
A Defense Method for D-Link Dir Series Router Configuration Interface Vulnerabilities

A technology for router configuration interfaces, applied in the field of cyberspace security. It addresses inflexible router management, reduced router functionality, and the inability to resist intranet penetration. It achieves wide applicability, prevents data access, and preserves functionality.

Active Publication Date: 2021-05-14
NANJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

[0004] The vendor released a patch for this brand's interface vulnerability, but most routers in the Dir series are affected, and the vendor did not release patches for all affected models in a timely manner.
Given this, one defensive measure for this series is to enable the router's firewall and prohibit access to its web services from the external network. However, this prevents administrators from managing the router flexibly and reduces its functionality.
Another defensive measure is to set up a whitelist of access addresses to reduce the risk of attack. This approach also has disadvantages: the whitelist must be constantly updated, NAT or a network proxy can cause legitimate users to be blocked, and it cannot resist intranet penetration.


Embodiment Construction

[0021] The present invention will be further described below in conjunction with the accompanying drawings.

[0022] The router must be defended against attacks from both the internal and the external network, so the protection agent should be connected to both the WAN port and the LAN port of the router; the number can be increased or decreased according to users' needs.

[0023] The protection agent maintains a data structure (DS) that stores a finite state machine marking the state of every IP address. An IP address can be in the initial state (Initial State), the authentication success state (Success State) or the login verification application state (Checking State). All IP addresses start in the Initial State, which indicates that they have neither passed login verification nor applied for it. Success State indicates that the IP has passed authentication. Checking State indicates that the I...


Abstract

The invention discloses a defense method for D-Link Dir series router configuration interface vulnerabilities, mainly used to solve the security problem caused by the interface vulnerabilities of this brand's Dir series routers. The invention uses a protection agent to filter data packets from both the external and the internal network, ensuring that only an IP that has been verified by the router can request the router's resources, and thereby defending against external and internal attacks at the same time. The protection agent keeps a finite state machine in a data structure to set the state of each IP address and perform state transitions. The protection agent intercepts the user's request and judges whether the source address of the data packet is safe. If it is a safe IP, its request for resources is allowed; otherwise the user is guided to log in. If the protection agent receives a successful-login data packet, it allows the IP to request router resources; otherwise the packet is regarded as a forwarding packet and forwarded.
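An added sketch of the per-IP state machine described in the abstract and in paragraph [0023]; it is not code from the patent. The page does not say how the agent recognises a login attempt or the router's login result, so these are passed in as the hypothetical `is_login_attempt` and `success` parameters. Returning a failed login to the Initial State and ignoring a result for an IP that never applied are also assumptions.

```python
from enum import Enum

class State(Enum):
    INITIAL = "Initial State"    # neither verified nor applying
    CHECKING = "Checking State"  # has applied for login verification
    SUCCESS = "Success State"    # passed authentication

Verdict = Enum("Verdict", "FORWARD ALLOW RELAY_LOGIN REDIRECT_LOGIN")

class ProtectionAgent:
    def __init__(self, router_ips):
        self.router_ips = set(router_ips)  # router's own WAN/LAN addresses
        self.ds = {}  # the DS: source IP -> State; a missing key means INITIAL

    def state_of(self, ip):
        return self.ds.get(ip, State.INITIAL)

    def on_request(self, src, dst, is_login_attempt=False):
        if dst not in self.router_ips:         # transit traffic, not for the router
            return Verdict.FORWARD
        if self.state_of(src) is State.SUCCESS:
            return Verdict.ALLOW               # verified IP may request resources
        if is_login_attempt:
            self.ds[src] = State.CHECKING      # hand the attempt to the router
            return Verdict.RELAY_LOGIN
        return Verdict.REDIRECT_LOGIN          # everything else is guided to log in

    def on_login_result(self, client, success):
        # Assumption: a result for an IP that never applied is ignored.
        if self.state_of(client) is State.CHECKING:
            if success:
                self.ds[client] = State.SUCCESS
            else:
                self.ds.pop(client, None)      # assumption: back to INITIAL
        return self.state_of(client)

def demo():
    # Constructed sample traffic; all addresses are made up for illustration.
    agent = ProtectionAgent({"192.168.0.1", "203.0.113.1"})
    lan, wan = "192.168.0.50", "198.51.100.7"
    return [
        agent.on_request(lan, "198.51.100.99"),    # transit packet
        agent.on_request(lan, "192.168.0.1"),      # unverified, LAN side
        agent.on_request(wan, "203.0.113.1"),      # unverified, WAN side
        agent.on_request(lan, "192.168.0.1", is_login_attempt=True),
        agent.on_login_result(lan, success=True),  # promoted to SUCCESS
        agent.on_request(lan, "192.168.0.1"),      # now allowed
        agent.on_login_result(wan, success=True),  # never applied: stays INITIAL
    ]
```

State in this sketch is keyed on source IP alone, so all hosts that reach the agent through one NAT address share a single state.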

Description

Technical field

[0001] The invention relates to a defense method for D-Link Dir series router configuration interface vulnerabilities. It solves the security problem caused by the interface vulnerabilities of D-Link Dir series routers and belongs to the field of cyberspace security technology.

Background art

[0002] The router is an important device for interconnecting the Internet, and it forwards data between different networks. The security and reliability of routers therefore directly determine the security and stability of the Internet. In recent years, as router attacks have become frequent, network security has come under increasing threat, and research on vulnerability defense for routers has become a hotspot in network security research. According to the survey, there are backdoors in many brands of routers on the market, through which attackers can directly control the routers and further launch attacks such as DNS hijacking, info...


Application Information

IPC(8): H04L29/06
CPC: H04L63/0236, H04L63/0281, H04L63/0876, H04L63/0884
Inventor: 季一木, 王舒, 吴夜, 曹翔宇, 薛景, 刘尚东, 王汝传
Owner NANJING UNIV OF POSTS & TELECOMM