Fast scanning method of network ports based on self-adaptation

A network port, fast scanning technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve the problems of large number of scanned, consume a lot of time, failure of the three-way handshake process, etc., to reduce the number, avoid The effect of repeating scanning and speeding up

Inactive Publication Date: 2016-08-03
SOUTHEAST UNIV
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

(2) Semi-open scanning (SYN scanning): a. If the target computer responds with SYN=1 and ACK=1 in the TCP message, it means that the port is active, and then the scanning host sends an RST to the target host to refuse to establish a TCP connection , resulting in the failure of the three-way handshake process
[0005] The main problem of the current port scanning is that a host has 65536 ports, and the number of ports opened by the IP in the subnet is very small. If you want to be able to scan the vulnerabilities in the subnet, you need to scan all the hosts in the subnet All the ports are scanned, resulting in a huge number of scanned traffic. On the one hand, the scanning traffic affects the normal operation of the network, and at the same time, it takes a lot of time to scan

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fast scanning method of network ports based on self-adaptation
  • Fast scanning method of network ports based on self-adaptation
  • Fast scanning method of network ports based on self-adaptation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] A fast scanning method for network ports based on self-adaptation, which is characterized by:

[0029] Step 1: Set an IP address set A of the scanned subnet. The initial value of set A is the IP address set of the scanned subnet set by the user. Set the IP address set S in advance. The initial value of set S is the IP address set by the user. Set, set the scanning port set P in advance, the initial of set P is the set of scanning ports set by the user, set an IP port set R, the initial set of R is empty, set the new port set NP, the new port set NP is initially empty, enter Step two;

[0030] Step 2: Take out each IP address from the IP address set S in turn, scan all the ports of the taken out IP address, add the scanned IP address and port number to the IP port set R, and add the port at the same time The number is added to the port set P, when all the IP addresses in the IP address set S are processed, go to step 3; otherwise, repeat step 2;

[0031] Step 3: Delete the IP...

Embodiment 2

[0039] The IP addresses and open ports in the set of all detected subnet IP addresses in this example are as follows:

[0040] 10.0.0.180

[0041] 10.0.0.2801001

[0042] 10.0.0.3

[0043] 10.0.0.4

[0044] 10.0.0.5100120450

[0045] 10.0.0.6

[0046] 10.0.0.7

[0047] A fast scanning method for network ports based on self-adaptation, which is characterized by:

[0048] Step one (1): Set an IP address set A of the scanned subnet, the initial value of set A is the IP address set of the scanned subnet set by the user {10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 ,10.0.0.5,10.0.0.6,10.0.0.7}, set the IP address set S in advance, the initial value of set S is the IP address set {10.0.0.1} set by the user, set the scan port set P in advance, the initial of set P Set an IP port set R for the user's scan port set {80}, set R is initially empty, set a new port set NP, the new port set NP is initially empty, and proceed to step 2 (2);

[0049] Step two (2): Take out each IP address 10.0.0.1 from the IP a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a self-adapting-based network port fast scanning method. According to the method, through mutual self-adaptive learning of IP addresses and ports, newly found IP addresses or newly found ports are updated and scanned, and repeated scanning is avoided. On the one hand, the number of detected messages can be reduced greatly, meanwhile, the conditions of the IPs and the ports opened in the network can be found to the maximum extent, and the subnet scanning speed is greatly increased. Once it is found that a loophole port happens to a certain host, it is likely that the host has other loophole ports under general conditions, under the condition that one loophole is found, self-adaptive learning can be performed, all the ports where the loopholes may exist of the host IPs which can be attacked easily can be found in time, all the other loopholes of the IPs of the whole network can be detected by just finding any one IP loophole, and threatening loopholes probably existing in the network can be scanned in time.

Description

Technical field [0001] The technology relates to the field of network measurement technology, in particular to a fast scanning method for network ports based on self-adaptation. Background technique [0002] Each operating system has different ports open for communication between systems. If an intruder wants to detect which ports the target computer opens and which services are provided, he needs to establish a TCP connection with the target port first. Try to establish a connection with some ports of the target host. If the target host responds to the port, the port is open. [0003] There are many port scanning techniques, such as: (1) Full TCP connection: A three-way handshake is used to establish a standard TCP connection with the target computer, but it is easily recorded by the target host. (2) Half-open scanning (SYN scanning): a. If the target computer responds with SYN=1 and ACK=1 in the TCP message, it means that the port is active, and then the scanning host sends a RS...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 程光吴桦
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap