Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Port security check method, device and system

A port security and inspection method technology, applied in the field of Internet security, can solve problems such as blasting, Hydra duplication of labor, time-consuming, etc., to achieve the effect of improving efficiency, avoiding duplication of labor, and improving effectiveness

Inactive Publication Date: 2016-06-29
BEIJING CHESHANGHUI SOFTWARE
View PDF5 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, Hydra can only brute force a single port from a single IP address at a time
Therefore, when enterprise security personnel are faced with tens of thousands of IP addresses and each IP address corresponds to multiple ports, using Hydra will generate a lot of duplication of labor, resulting in serious time-consuming
In addition, the port of Hydra cannot be configured. For example, when the user sets the port corresponding to the Ssh service from the default 22 to 22022, if the Ssh parameter of Hydra is used to crack the password, the default port will still be 22, and the cracking result will be affected. influences
Therefore, Hydra cannot be used when faced with a somewhat defensive server, and cannot accurately detect whether the port is safe

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Port security check method, device and system
  • Port security check method, device and system
  • Port security check method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0028] figure 1 It is a schematic diagram of a port security checking system 100 according to an embodiment of the present invention. refer to figure 1 , the system 100 includes a server 110, a computing device 120, and a network 130, among other components. In other embodiments, fewer, additional or different components may be present in system 100 . Specifically, while only one computing device 120 and one server 110 are depic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a port security check method executed in a server. A mapping relationship of ports and services as a port mapping table is stored in the server. The port security check method comprises the following steps of: receiving an IP address segment to be cracked transmitted by calculation equipment to generate a plurality of IP addresses to be cracked; generating a port list to be scanned according to the port mapping table; scanning the port of each IP address in the plurality of IP addresses to be cracked according to the port list, and determining that the port is the port to be cracked of the IP address if the port is an open port; associating the IP address with the corresponding port to be cracked so as to generate a first queue; inquiring services respectively corresponding to the plurality of ports to be cracked from the port mapping table; associating a user name and a password by invoking a user name dictionary and a password dictionary so as to generate a second queue; and cracking passwords of services corresponding to various ports to be cracked of various IP addresses in the first queue by using the second queue through an enumerative method. The invention further provides a corresponding device and system.

Description

technical field [0001] The invention relates to the technical field of Internet security, in particular to a port security checking method, device and system. Background technique [0002] By port scanning the target computing device, the attacker can obtain the open ports of the IP address. Generally, these open ports have their fixed corresponding services. For example, port 22 corresponds to Ssh under Linux, which is remote login, and port 80 corresponds to The port 1433 corresponds to the Mssql database service. Therefore, the attacker obtains the corresponding service through the open port, and then uses the username and password dictionary to brute force the password of the identified service. [0003] Therefore, how enterprise security personnel can ensure port security is an urgent problem to be solved. Common password cracking tools for port services, such as Hydra, is a brute force password cracking tool under Linux, which supports online password cracking of almo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/00
CPCH04L9/002H04L63/1433
Inventor 李斌纪庆海魏俊锋卞李强
Owner BEIJING CHESHANGHUI SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products