A centralized DNS security monitoring method applied to routers

A security monitoring and router technology, applied in transmission systems, electrical components, etc., can solve problems such as adverse effects, stable network operation and application security threats, and achieve the effect of low deployment cost

Active Publication Date: 2018-10-16
CHENGDU QIANNIU INFORMATION TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The combination of threats such as worms, viruses, Trojan horses, vulnerability attacks, and DDoS attacks has caused greater threats and adverse effects to the stable operation of the network and application security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A centralized DNS security monitoring method applied to routers

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0022] A centralized DNS security monitoring method applied to routers, comprising the following steps:

[0023] Step 1): By deploying the monitoring module on the router, when the router initiates a DNS resolution request to the DNS server each time, the monitoring module records the detailed data of the request and transmits it to the centralized management server;

[0024] Step 2): The centralized management server records the detailed data of the request, and then the centralized management server extracts the domain name field in the detailed data of the request, and uses the domain name field as the domain name to initiate a DNS resolution authoritative request to the authoritative DNS server, and when it receives a reply from the authoritative request Then record the reply data of the authoritative request;

[0025] Step 3): When the router receives the reply data requested from the DNS server, the monitoring module records the requested reply data and transmits it to t...

Embodiment 2

[0028] This embodiment is further optimized on the basis of the above embodiments. Further, in order to better realize the present invention, the following steps are included:

[0029] Step 1-1): By deploying the monitoring module on the router, when the router initiates a DNS resolution request to an unknown DNS server each time, the monitoring module records the detailed data of the request and transmits it to the centralized management server;

[0030] Step 2-2): The centralized management server records the detailed data of the request, and then the centralized management server extracts the domain name field in the detailed data of the request, and uses the domain name field as the domain name to initiate a DNS resolution authoritative request to the authoritative DNS server. After requesting the reply data, record the authoritative reply data;

[0031] Step 3-3): When the router receives the response data to the request from the unknown DNS server, the monitoring module ...

Embodiment 3

[0034] This embodiment is further optimized on the basis of the above embodiments. Further, in order to better realize the present invention, the unknown DNS server is specifically determined by the network configuration of each router, and the configuration is set by the router administrator. Addresses, IP addresses may be tampered with due to attacks.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a centralized DNS security monitoring method applied to a router. A monitoring module is deployed on the router, and each time the router initiates a DNS resolution request to the DNS server, the detailed data of the request is recorded and transmitted to the centralized management server; centralized management The server extracts the domain name field in the detailed data of the request, uses this domain name field as the domain name to initiate a DNS resolution authoritative request to the authoritative DNS server, and records the reply data after receiving the authoritative request. The monitoring module records the reply data of the request and passes it to the centralized Manage the server; compare with the reply data of the authoritative request; monitor the existing DNS resolution process to obtain the DNS resolution request and reply data, submit them to the centralized management server, and use the request data of the resolution process to request the authoritative DNS domain name again The server compares the acquired safety reply data with the reply data to determine whether the DNS resolution process is safe.

Description

technical field [0001] The invention relates to technical fields such as computer information security, TCP / IP protocol analysis, DNS domain name analysis, etc., specifically, a centralized DNS security monitoring method applied to routers. Background technique [0002] With the rapid development of informatization, the current status of network security has undergone great changes compared with previous years. Threats such as worms, viruses, Trojan horses, vulnerability attacks, and DDoS attacks combine with each other to cause greater threats and adverse effects on the stable operation of the network and application security. Among them, attacks against DNS (Domain Name Server, Domain Name Service) have also become one of the most serious threats. DNS is an important foundation of the Internet. Many network services, including WEB access and Email services, are closely related to DNS. Therefore, the security of DNS is directly related to the normal use of the entire Inter...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12H04L29/06
CPCH04L63/1408H04L61/4511
Inventor 周晓军刘韬夏欣然黎露谢莎
Owner CHENGDU QIANNIU INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products