Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for protecting server IP

A technology for protecting systems and servers, applied in transmission systems, electrical components, etc., can solve problems such as cumbersome, illegal hosts cannot be occupied, etc.

Active Publication Date: 2015-06-24
山东华软金盾软件股份有限公司
View PDF6 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is that even if the server goes down (that is, the IP is temporarily released), the IP of the server cannot be occupied by the illegal host, and all actions are only carried out on a small number of (generally, only one) hosts. All machines in the network need to perform cumbersome operations such as ARP binding

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for protecting server IP
  • Method and system for protecting server IP
  • Method and system for protecting server IP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0040] Such as figure 1 Shown is a schematic diagram of the system topology of the server IP protection method of the present invention, wherein, according to the above topology diagram, a server IP protection method includes:

[0041] Step 1) select a machine in the network segment as a working machine, which maintains a protection list;

[0042] Step 2) the working machine obtains the ARP query packet sent by the host under the same network segment, and the ARP query packet is a MAC address that includes the IP address that the host will obtain and the visitor;

[0043] Step 3) extract IP address and MAC address from described APR inquiry packet, and inquire whether this IP address is in the protection list, wherein, if IP address is in IP protection list and MAC does not correspond, then think it is illegal host, and reply to the host with an ARP packet whose IP is occupied.

[0044] Wherein, before step 1), the protected IP protection list and their legal MAC mapping rec...

Embodiment 2

[0047] It will be described in detail in combination with Embodiment 2.

[0048]Specifically, the implementation method of this scheme is to select a machine in the network segment to do the protection action, called the working machine, and this machine protects the specified IP from being used by illegal MAC through ARP attack. The principle lies in the process of IP acquisition. When a host wants to use a certain IP, it needs to obtain the consent of the intranet. This is the process of ARP negotiation. The normal process is that the host will first send an ARP broadcast to ask whether there is an IP address in the intranet. Use this IP, if yes, tell me (MAC), if this IP is indeed occupied, the ARP protocol defines the behavior of this IP occupant: reply an ARP packet to the inquirer, indicating that the IP is used by me (MAC) , the initiator of the ARP query knows that the IP is occupied, and the IP acquisition fails. Conversely, if there is no reply packet from any host ...

Embodiment 3

[0051] It will be described in conjunction with a specific program design. Specifically, the method includes the following steps in detail:

[0052] 1. Record the policy (protected IP list and their legal MAC mapping) into the memory for backup.

[0053] 2. Use the winpcap library to capture packets in promiscuous mode on all network cards in order to capture ARP query packets.

[0054] 3. To judge each captured ARP query packet, the judgment logic is as follows:

[0055] 1) If it is initiated by the local machine, it will not be processed;

[0056] 2) If sender_ip and target_ip in the ARP structure are consistent, or sender_ip is 0, then it is considered that this is an inquiry packet that wants to obtain an IP address, and only this kind of inquiry packet that wants to obtain an IP address is processed.

[0057] 3) Look for target_ip in the protection list, if found, it means this is a protected IP

[0058] 4) Find the MAC of this IP mapping from the protection list, if i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and system for protecting a server IP. The method comprises the following the steps that 1, a machine is selected from a network segment for serving as a working machine, and the working machine maintains a protection list; 2, the working machine obtains an APR inquiry package sent by a host computer which is in the same network segment with the working machine, the APR inquiry package contains an IP address and an MAC address of an accessor, and the IP address is to be obtained by the host computer; 3, the IP address and the MAC address are extracted from the APR inquiry package, the IP address is inquired whether to be in the protection list, wherein, if the IP address is in the protection list and the MAC address does not correspond, then the IP address is considered to be an illegal host computer, and the APR inquiry package occupied by the IP address is replied to the host computer.

Description

technical field [0001] The invention belongs to the field of computer Internet, and relates to a server IP protection method and system. Background technique [0002] As the main provider of resources, the server in the LAN plays an important role and plays an important role in the normal and efficient operation of other terminals in the network. Many of the data submitted to the server are sensitive resources, and many clients connect to the server based on IP, so if the server IP is fraudulently used, it means that many clients may try to connect to the fake server and submit sensitive resources. Data, this is a very dangerous behavior. If the server is running all the time, the IP is always occupied. Generally speaking, it will not be used fraudulently. However, if someone maliciously causes the server to go offline or crash, and seizes the opportunity to seize the IP address that originally belonged to the server, the server will reconnect. After entering the network, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
Inventor 吴永
Owner 山东华软金盾软件股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products