Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for implementing honeypot based on Nginx

An implementation method and honeypot technology, applied in the transmission system, electrical components, etc., can solve problems such as difficult secondary transformation and adjustment, Cookies theft, complex deployment of honeypots, etc.

Active Publication Date: 2019-01-04
ZHONGAN INFORMATION TECH SERVICES CO LTD
View PDF6 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If the WEB honeypot is deployed under the second-level domain name, after the attacker enters the honeypot and controls the WEB service of the honeypot, it may cause a secondary attack in which Cookies are stolen due to the same-origin policy, so the honeypot is very unsafe. control
Since many servers provide services based on VPS hosts on the cloud, the IP address segments of the same enterprise are not uniform, and may not all be in the same C segment, so honeypots deployed based on C segment IP addresses and independent IP addresses are not targeted and very It is difficult to attract real targeted attackers; moreover, under normal circumstances, the deployment of honeypots is complicated and the flexibility is low. It is difficult to carry out secondary transformation and adjustment after deployment. The deployment cost is high, and it is difficult to deploy large-scale honeypots.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for implementing honeypot based on Nginx
  • Method and system for implementing honeypot based on Nginx
  • Method and system for implementing honeypot based on Nginx

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only Some, but not all, embodiments of the invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0040] In the description of the present application, it should be understood that the terms "first", "second" and so on are used for descriptive purposes only, and should not be understood as indicating or implying relative importance. In addition, in the description of the present application, unless otherwise specified, "plurality" means two or more.

[0041] Befor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for implementing a honeypot based on Nginx, which belong to the technical field of computer network security. The method includes the following steps: a configuration module configures at least one honeypot service path in an Nginx server; a blacklist service system generates and stores a blacklist to enable an LUA script module embedded into the Nginxserver to be loaded to the memory of the Nginx server at a fixed time, wherein the LUA script module communicates with the blacklist service system through a communication protocol; the LUA script module obtains the current access record of the at least one honeypot service path, and determines whether the IP address of the current client included in the current access record is contained in thelatest blacklist in the memory of the Nginx server; and if the result is yes, honeypot service will be provided for the current client, otherwise, honeypot service will not be provided for the currentclient. According to the embodiments of the invention, only a specified client can access the honeypot service, and unified, flexible and safe honeypot deployment is realized.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to a method and system for implementing a Nginx-based honeypot. Background technique [0002] Honeypot technology is essentially a technology to deceive the attacker. By arranging some hosts, network services or information as bait, it induces the attacker to attack them, so as to capture and analyze the attack behavior. Therefore, the honeypot It is a targeted service that only needs to guide the attacker into the honeypot, and ordinary users do not need to visit it. At the same time, the closer the honeypot is to the business, the higher its authenticity and exposure rate, and the greater the attraction rate to attackers. Honeypots are mainly divided into low-interaction, high-interaction and sticky honeypots (Tarpits). [0003] Traditional honeypots are deployed under the second-level domain name of the target site or on the C-segment address of the target ser...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/101H04L63/1491H04L67/02
Inventor 杨威王明博
Owner ZHONGAN INFORMATION TECH SERVICES CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products