Illegal external connection detection method for NAT access equipment

A technology for external detection and access equipment, applied in the direction of electrical components, transmission systems, etc., can solve problems such as inability to effectively discover and detect communication conditions, and achieve the effect of reducing the probability of missed detection and facilitating deployment

Pending Publication Date: 2021-06-01
ZHEJIANG YUANWANG INFORMATION CO LTD
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to overcome the deficiencies of the above-mentioned prior art, and to provide a method for detecting illegal outreach of NAT access devices, which aims to solve the problem that the existing technologies cannot effectively discover and detect devices and devices that access the network through NAT. Problems with the communication status of other networks such as the Internet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Illegal external connection detection method for NAT access equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] refer to figure 1 , the embodiment of the present invention provides a method for detecting illegal outreach for NAT access devices, including the following steps:

[0019] S1. Deploy the gateway hardware device in a bypass on the core switch, and provide all network traffic information flowing through the core switch to the gateway hardware device in the form of a mirror image;

[0020] S2. The gateway hardware device analyzes the traffic information obtained in real time, separates the HTTP data stream, and conducts in-depth analysis of the GET\POST message information;

[0021] S3, parse the cookie information in the GET\POST message, extract the chkurl key value information, if there is no chkurl information, go to step S4, if the chkurl information is extracted, then go to step S5;

[0022] S4. The gateway hardware device forges the HTTP response message according to the HTTP flow information, and uses the Set-Cookie value to enter the chkurl key and the chkurl ke...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an illegal external connection detection method for NAT access equipment, which comprises the following steps of: S1, deploying gateway hardware equipment on a bypass of a core switch, and providing network flow information to the gateway hardware equipment; S2, analyzing flow information in real time; S3, if the chkurl information does not exist, turning to the step S4, otherwise, turning to the step S5; S4, enabling the gateway hardware equipment to use a Set-Cookie value to enter a chkurl key and a chkurl key value; S5, judging whether the chkurl key value is consistent with the request path of the current message or not, if not, turning to step S6, and otherwise, turning to S7; S6, judging whether the time information in the chkurl key value is overtime or not, and if the time information is overtime, turning to the step S4; S7, judging whether the time information in the chkurl key value exceeds a detection period or not, if not, ending, otherwise, continuing to execute the step S8; and S8, inputting the gateway hardware equipment value into a script with an alarm system connection request so as to detect the external connection condition of the equipment, thereby solving the problem that the NAT access equipment cannot effectively and comprehensively carry out illegal external connection detection.

Description

【Technical field】 [0001] The invention relates to the technical field of network security detection, in particular to a detection method for illegal outreach of NAT access equipment. 【Background technique】 [0002] NAT (Network Address Translation), that is, network address translation technology, is widely used as a temporary solution to the current depletion of IPv4 address resources, ranging from operators to home networks. The use of NAT greatly reduces the threshold of network access and makes the network topology more complex, greatly increasing the difficulty of operation and maintenance management. In particular, there are special needs that require isolation and protection of networks that prohibit illegal outreach, and it is even impossible to effectively manage private network devices accessed by NAT. In order to solve the above problems, it is necessary to propose an outreach detection method for NAT access devices, which is used to detect the network connection...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L29/12
CPCH04L61/2503H04L63/0236H04L63/1416H04L67/02
Inventor 傅昱皓王乾吕王行奇孟飞飞
Owner ZHEJIANG YUANWANG INFORMATION CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap