Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for interfering network scanner

A network scanning and operating system technology, applied in the field of network attack and defense, can solve the problem that network scanners cannot forge the type of operating system in a targeted manner

Pending Publication Date: 2022-05-10
杭州默安科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of this application is to provide a method and system for interfering with network scanners, so as to solve the technical problem in the above-mentioned prior art that network scanners cannot directionally forge the specified operating system type

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for interfering network scanner

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0040] Such as figure 1 As shown, the present embodiment includes a method for interfering with a network scanner, comprising the following steps: preparing and storing response data packets of several operating systems, sniffing all visitors and receiving access data packets of visitors, and performing an operation on the access data packets Detect and judge the type of access data packets.

[0041] If the access data packet is a normal traffic access, a SYN / ACK response packet is returned in response to the access data packet, and a communication connection is established with the visitor after completing the three-way handshake. If the access data packet is a scan packet, send a response packet of any operating system other than the local machine back to the network scanner.

[0042] Specifically, in normal network services, both the attacker and the normal visitor directly access the service port, and the attacker's network scanner can directly determine the specific info...

Embodiment 2

[0062] This embodiment includes a system for interfering with a network scanner, including: a storage unit, which stores response data packets of several operating systems. The judging unit is configured to sniff all the visitors and receive the access data packets of the visitors, detect the access data packets and judge the type of the access data packets.

[0063] The first communication unit is configured to return a response data packet of SYN / ACK in response to the access data packet, and establish a communication connection with the visitor after completing the three-way handshake. The second communication unit is used to send the response data packet of any operating system except the local machine back to the network scanner.

[0064] For relevant information, please refer to part of the description of Embodiment 1.

Embodiment 3

[0066] An electronic device includes a memory and a processor, the memory is used to store one or more computer instructions, wherein the one or more computer instructions are executed by the processor to implement the above method for interfering with a network scanner.

[0067] Those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the electronic device described above can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.

[0068] A computer-readable storage medium. Computer instructions are stored on the computer-readable storage medium. When the computer instructions are executed by a processor, the steps of the method in Embodiment 1 are implemented.

[0069] Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, apparatuses, or computer program products. Accordingly, the prese...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and system for interfering a network scanner, and relates to the technical field of network attack and defense, and the method for interfering the network scanner comprises the following steps: preparing and storing response data packets of a plurality of operating systems, sniffing all visitors, and receiving access data packets. And if the access data packet is normal flow access, returning an SYN / ACK response data packet in response to the access data packet, and establishing communication connection with the visitor after three handshakes are completed. And if the access data packet is a scanning packet, sending a response data packet of any operating system except the local machine and returning the response data packet to the network scanner. The method has the beneficial effects that when the network scanner accesses, the specific response data packet is automatically responded according to the response mode of the specified operating system, and the algorithm of the network scanner is fixed, so that the specific fingerprint can be generated for the specific response data packet; therefore, the network scanner of an attacker misjudges that the operating system is a specified operating system.

Description

technical field [0001] The present application belongs to the technical field of network attack and defense, and more specifically, the present application relates to a method and system for interfering with a network scanner. Background technique [0002] In the field of network attack and defense, the first step of all attack / security tests is often to collect information through network scanning, and an important part of network scanning is to identify the operating system corresponding to a certain IP. After the operating system is identified, the attacker / security tester can exploit the vulnerabilities that the operating system has. Therefore, from the perspective of defense, if one operating system is directly faked into another operating system during the scanner detection process, a certain degree of defense can be carried out. For the existing scanner operating system identification function, the open source tool nmap is the most widely used on the market. Most oth...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40H04L69/163H04L69/22
CPCH04L63/1408H04L63/1441H04L63/166H04L63/0236H04L69/163H04L69/22
Inventor 王嘉雄周涛涛魏兴国
Owner 杭州默安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com