Self-adapting-based network port fast scanning method

A network port and fast scanning technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve the problems of large number of scanned, consume a lot of time, failure of three-way handshake process, etc., to avoid repeated scanning, Effects of speeding up and reducing numbers

Inactive Publication Date: 2014-03-26
SOUTHEAST UNIV
View PDF6 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

(2) Semi-open scanning (SYN scanning): a. If the target computer responds with SYN=1 and ACK=1 in the TCP message, it means that the port is active, and then the scanning host sends an RST to the target host to refuse to establish a TCP connection , resulting in the failure of the three-way handshake process
[0005] The main problem of the current port scanning is that a host has 65536 ports, and the number of ports opened by the IP in the subnet is very small. If you want to be able to scan the vulnerabilities in the subnet, you need to scan all the hosts in the subnet All the ports are scanned, resulting in a huge number of scanned traffic. On the one hand, the scanning traffic affects the normal operation of the network, and at the same time, it takes a lot of time to scan

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Self-adapting-based network port fast scanning method
  • Self-adapting-based network port fast scanning method
  • Self-adapting-based network port fast scanning method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] A kind of fast scanning method based on self-adaptive network port, it is characterized in that:

[0029] Step 1: Set an IP address set A of the scanned subnet. The initial value of set A is the IP address set of the scanned subnet set by the user. Set the IP address set S in advance. The initial value of set S is the IP address set by the user Set, set the scanning port set P in advance, the initial set of the set P is the set of scanning ports set by the user, set an IP port set R, the set R is initially empty, set the new port set NP, the new port set NP is initially empty, enter Step two;

[0030] Step 2: Take out each IP address in turn from the IP address set S, scan all the ports of the taken IP addresses, add the scanned IP addresses and port numbers to the IP port set R, and at the same time add the ports Add the number to the port set P, when all the IP addresses in the IP address set S are processed, go to step 3; otherwise, repeat step 2;

[0031] Step 3:...

Embodiment 2

[0039] The IP addresses and their open ports in all detected subnet IP address sets in this example are as follows:

[0040] 10.0.0.1 80

[0041] 10.0.0.2 80 1001

[0042] 10.0.0.3

[0043] 10.0.0.4

[0044] 10.0.0.5 1001 20450

[0045] 10.0.0.6

[0046] 10.0.0.7

[0047] A kind of fast scanning method based on self-adaptive network port, it is characterized in that:

[0048] Step 1 (1): Set an IP address set A of the scanned subnet. The initial value of set A is the set of IP addresses of the scanned subnet set by the user {10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 . For the scanning port set {80} set by the user, set an IP port set R, the set R is initially empty, set a new port set NP, the new port set NP is initially empty, and enter step 2 (2);

[0049] Step 2 (2): Take out each IP address 10.0.0.1 in turn from the IP address set S, scan all the ports of the taken out IP address 10.0.0.1, and add the scanned IP address and port number 80 Go to {10.0.0.1 80} in the I...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a self-adapting-based network port fast scanning method. According to the method, through mutual self-adaptive learning of IP addresses and ports, newly found IP addresses or newly found ports are updated and scanned, and repeated scanning is avoided. On the one hand, the number of detected messages can be reduced greatly, meanwhile, the conditions of the IPs and the ports opened in the network can be found to the maximum extent, and the subnet scanning speed is greatly increased. Once it is found that a loophole port happens to a certain host, it is likely that the host has other loophole ports under general conditions, under the condition that one loophole is found, self-adaptive learning can be performed, all the ports where the loopholes may exist of the host IPs which can be attacked easily can be found in time, all the other loopholes of the IPs of the whole network can be detected by just finding any one IP loophole, and threatening loopholes probably existing in the network can be scanned in time.

Description

technical field [0001] The technology relates to the technical field of network measurement, in particular to a fast scanning method for network ports based on self-adaptation. Background technique [0002] Each operating system has different ports open for inter-system communication. If an intruder wants to detect which ports are open and which services are provided by the target computer, they need to establish a TCP connection with the target port first. Try to establish a connection with some port of the target host. If the port of the target host responds, it means that the port is open. [0003] There are many port scanning techniques, such as: (1) full TCP connection: use three-way handshake to establish a standard TCP connection with the target computer, but it is easy to be recorded by the target host. (2) Semi-open scanning (SYN scanning): a. If the target computer responds with SYN=1 and ACK=1 in the TCP message, it means that the port is active, and then ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 程光吴桦
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap