Method and system for rapidly detecting enterprise intranet equipment SSH weak password

An enterprise intranet and weak password technology, applied in the field of information security, can solve the problems of complex intranet environment, low efficiency, and difficulty in detecting weak SSH passwords, so as to reduce risks and improve detection efficiency.
CN108965264AInactive Publication Date: 2018-12-07ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
11 Cites 2 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
Publication Date
2018-12-07
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
Patent Text Reader

Abstract

The invention provides a method and a system for rapidly detecting an enterprise intranet equipment SSH weak password. The method comprises the following steps that S1, port scanning is performed on the enterprise intranet; S2, weak password auditing is performed on the port scanning result; and S3, secondary verification and filtering are performed on the equipment of which the audit result is abnormal. The IP address range of each mechanism is accurate to the C section through full IP range pin detection of the enterprise intranet, then port scanning is performed on the enterprise intranet by using zmap and weak password auditing and secondary verification are performed on the scanning result so that the SSH weak password of various types of equipment in the enterprise intranet can be rapidly discovered, the problems of difficult detection and low efficiency of the SSH weak password caused by the complex intranet environment and high number of active IPs can be solved, the weak password detection efficiency of the intranet equipment can be enhanced and the risk that the attacker remotely logs in the enterprise intranet for attack can be reduced.
Need to check novelty before this filing date? Find Prior Art

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a method and system for rapidly detecting weak SSH passwords of enterprise intranet devices. Background technique

[0002] SSH (Secure Shell, Secure Shell Protocol) service is formulated by the IETF's Network Working Group; SSH is a security protocol based on the application layer and the transport layer. SSH is currently a more reliable protocol designed to provide security for remote login sessions and other network services. Using the SSH protocol can effectively prevent information leakage in the remote management process. SSH was originally a program on UNIX systems, and then quickly expanded to other operating platforms. SSH can compensate for loopholes in the network when used correctly.

[0003] But when the host on the network provides SSH service, if the user uses a weak password, the attacker can load a dictionary file to guess the password. Once the attacker...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More