Unlock instant, AI-driven research and patent intelligence for your innovation.

A method, system and related device for determining a lost host

A technology for determining a method and a host, applied in the field of network security, can solve problems such as faulty internal DNS server identification and unsolved security risks, so as to improve security and avoid misjudgment.

Active Publication Date: 2022-03-22
SANGFOR TECH INC
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, it is obviously impossible for the internal DNS server to be a compromised host. That is to say, under the existing compromised host determination mechanism, the internal DNS server is often mistakenly identified as a compromised host, so that the real compromised host can escape detection and pose a security risk. can't be resolved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method, system and related device for determining a lost host
  • A method, system and related device for determining a lost host
  • A method, system and related device for determining a lost host

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The purpose of this application is to provide a method, system, firewall, internal DNS server and computer-readable storage medium for determining a lost host, aiming at accurately locating the real lost host.

[0054] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0055] In order to facilitate the understanding of the solution provided by this application, firstly, the application scenarios appli...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This application discloses a method for determining a lost host, which can effectively prevent the firewall from judging the internal DNS server as a lost host again through the identification capability, and through the linkage mechanism, the firewall that detects a malicious domain name will notify the internal DNS server of this situation, so that the internal DNS According to the stored domain name resolution request, the server finds the host that initiates the domain name resolution request, thereby locating the real compromised host. Applying the scheme of this application, in the scenario of determining the compromised host, the firewall and the internal DNS server no longer act independently, but under the joint action of identification capability, linkage mechanism and storage capability, they can accurately locate the compromised host and avoid It eliminates the occurrence of misjudgment and a series of problems caused by misjudgment, and improves the security of the network. The present application also discloses a system for determining a lost host, a firewall device, an internal DNS server, and a computer-readable storage medium, which have the above beneficial effects.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a method, a system, a firewall, an internal DNS server and a computer-readable storage medium for determining a lost host. Background technique [0002] Hackers or malicious attackers often choose to control other people's computer equipment (host) to carry out malicious attacks, so as to avoid tracking and conceal themselves. Such hosts controlled to perform malicious attacks are usually called compromised hosts. [0003] Compared with individual computer equipment, once the internal host in the intranet environment becomes a compromised host, it will become a huge security risk that threatens the security of the entire intranet environment. Therefore, how to determine whether there is a compromised host in the intranet environment, and which one It is very important that the internal host is the compromised host. [0004] In the prior art, the compromised ho...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L61/4511
CPCH04L63/1416H04L2463/146H04L61/4511
Inventor 欧和
Owner SANGFOR TECH INC