Attack countering method and system based on RDP disk mapping

A technology of disk mapping and control method, which is applied in the field of network security, can solve the problems of high cost, uncontrollable effect, and no specific technology for countering attackers, and achieve low-cost effects

Inactive Publication Date: 2020-12-25
广州锦行网络科技有限公司
View PDF2 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 1. Based on honeypot technology, the cost is high and the effect is uncontrollable
[0007] 2. Simulate the scheme of secretly obtaining the...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack countering method and system based on RDP disk mapping
  • Attack countering method and system based on RDP disk mapping

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0101] Refer to attached Figure 1-2 , according to a specific embodiment of the present invention, the method for obtaining the password hash of the windows system account provided by the present invention is described in detail.

[0102] The present invention provides a kind of attack countermeasure method based on RDP disk mapping, comprises the following steps:

[0103] The first decoy server build step,

[0104] storing the first decoy in the first decoy server, the first decoy including the information of the second decoy server;

[0105] The information of the second decoy server includes credentials for logging into the second decoy server; the information of the second decoy server stored in the first decoy server includes: the IP address, login account and login password of the second decoy server.

[0106] Attackers are usually interested in login credential information. The first decoy stores information including the second decoy server, and the information of t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an attack countering method and system based on RDP disk mapping, and belongs to the technical field of network security. According to the method, an IP, a login account and a login password of an RDP server are stored in enterprise network assets to serve as baits, and an attacker can log in the RDP server once obtaining the baits, the attacker. Disguised file baits are stored in the RDP server so as to induce the attacker to copy and paste the file baits to an attacker host. The copying and pasting operation of the attacker fail due to the fact that the RDP server closes the copying and pasting function, a system local group strategy of the RDP server can induce the attacker to conduct disk mapping, the file baits can be automatically executed when the attacker logs in the RDP server, so that an executable file is implanted into the attacker host, and countering of the attacker is completed. According to the method, executable files such as Trojans are reversely implanted into the attacker computer by utilizing the disk mapping function of the RDP, so that the effect of controlling the attacker computer is achieved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an attack countermeasure method and system based on RDP disk mapping. Background technique [0002] There are more and more network attacks and more and more attackers, but the traceability methods for the attackers are often difficult to be effective, including the traceability of the attacker's IP, the traceability of the device fingerprint, and so on. Therefore, on the basis of source tracing, we need more effective means to counter attackers. There are not many existing means of countering attackers, and they are often based on honeypot technology. [0003] In the Chinese patent application document CN108134797A, a system and method for implementing attack countermeasures based on honeypot technology are disclosed. The system includes a honeypot host, a honeypot environment deployment module, a countermeasure mechanism setting module and a countermeasure module serv...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/08H04L63/1491
Inventor 吴建亮胡鹏吴岸宏
Owner 广州锦行网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products