
Universal method of anti-springboard machine based on Ethernet bridge rule

A general method based on Ethernet bridge rules, applied in the field of anti-springboard (anti-jump-host) machines. It can solve the problem of limiting honeypot traffic, is easy to manage, avoids failure of the anti-springboard mechanism, and prevents lateral movement.

Pending Publication Date: 2022-07-22
江苏天翼安全技术有限公司

AI Technical Summary

Problems solved by technology

[0003] Purpose of the invention: the purpose of the present invention is to address the deficiencies of the prior art by providing a general method for an anti-springboard machine based on Ethernet bridge rules. By restricting and allowing port traffic, it makes the honeypots independent of real business and solves the problem of the host directly restricting the traffic of the bridged honeypots.


Examples


Embodiment Construction

[0018] The technical solutions of the present invention are described in detail below, but the protection scope of the present invention is not limited to the embodiments.

[0019] The invention discloses a general method for an anti-springboard machine based on Ethernet bridge rules, comprising the following steps:

[0020] Step 1: Bridge the honeypots deployed on multiple VLANs onto the Linux host.

[0021] In this step, bridging is used to create a large number of honeypots on a Linux host with multiple VLANs, forming a honeynet deployed over a wider range. The Linux host has an address on each VLAN and creates honeypots whose IP addresses are on these VLANs, which increases authenticity and coverage. Here, a honeypot is a virtual machine that induces attackers to attack it. The honeypots deployed on the Linux host use bridging, which is equivalent to connecting directly to the host's network. At the same time, becau...


Abstract

The invention discloses a universal method for an anti-springboard machine based on Ethernet bridge rules. It uses the Ethernet bridge to filter data packets, configured with ebtables, the tool for filtering data-link-layer traffic in the Linux kernel. When a data packet is sent to the Linux host, the host checks it against the filtering rules and filters it. Because the honeypots deployed on multiple VLANs are bridged on the Linux host, when an attacker attacks a honeypot, ebtables is used to restrict the FORWARD chain; FORWARD chain rules do not enter user control, and the chain is responsible for forwarding data packets that flow through the host but do not enter the local machine. Using Ethernet bridge rules, the method bridges multiple VLANs on a Linux host to create a large number of honeypots, forming a honeynet deployed over a large range; by limiting and allowing port traffic, the honeypots are kept independent of real services and the anti-springboard operation is carried out.
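One way the FORWARD-chain restriction described above could look, enforced on the bridge host so that root inside the honeypot cannot change it. This is an added example, not the patent's own rule set: the interface name `tap-hp1`, the bait ports, the `HP_` chain naming and the policy itself (allow ARP and replies from bait ports, log and drop everything else) are assumptions.

```shell
#!/bin/sh
# Added example: print ebtables rules that stop a bridged honeypot from being
# used as a springboard. Interface, ports and chain names are constructed.

# honeypot_rules PORT_IFACE "SERVICE_PORTS"
#   PORT_IFACE     bridge port (tap/veth) the honeypot VM is attached to
#   SERVICE_PORTS  space-separated TCP ports the honeypot exposes as bait
honeypot_rules() {
    hp_if=$1
    hp_ports=$2
    [ -n "$hp_if" ] || { echo "missing bridge port" >&2; return 1; }

    # Validate every port before emitting anything, so a typo never yields
    # a half-built chain.
    for p in $hp_ports; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] ||
            { echo "port out of range: $p" >&2; return 1; }
    done

    # One user-defined chain per honeypot; non-alphanumerics in the
    # interface name become underscores in the chain name.
    chain="HP_$(printf '%s' "$hp_if" | tr -c 'A-Za-z0-9' '_')"

    echo "ebtables -N $chain"
    # FORWARD sees frames crossing the bridge, not frames for the host itself.
    # -i matches the bridge port a frame arrived on, i.e. honeypot-originated.
    echo "ebtables -A FORWARD -i $hp_if -j $chain"
    # ARP must pass or nothing on the VLAN can resolve the honeypot's address.
    echo "ebtables -A $chain -p ARP -j ACCEPT"
    # ebtables is stateless: replies from bait services are recognised by
    # their TCP source port.
    for p in $hp_ports; do
        echo "ebtables -A $chain -p IPv4 --ip-proto tcp --ip-sport $p -j ACCEPT"
    done
    # Everything else the honeypot sends is logged and dropped.
    echo "ebtables -A $chain --log-ip --log-prefix hp-egress -j DROP"
}

# Constructed sample: honeypot on bridge port tap-hp1 offering SSH and HTTP.
honeypot_rules tap-hp1 "22 80"
```

The script only prints the commands; after review they can be piped to `sh` as root on the bridge host. The `hp-egress` log lines then mark any outbound attempt from a honeypot.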

Description

Technical field

[0001] The invention relates to the technical field of network information security, in particular to a general method for an anti-springboard machine based on Ethernet bridge rules.

Background technique

[0002] In the prior art, the anti-springboard approach is to add a firewall to the overall business scope, or to configure a firewall on each honeypot itself to perform anti-springboard protection. However, adding a firewall to the overall business scope easily affects existing business functions and is not conducive to flexible configuration. If the firewall is configured on the honeypot itself, an attacker who obtains super-administrator authority can easily modify the anti-springboard protection and make it invalid.

Summary of the invention

[0003] Purpose of the invention: The purpose of the present invention is to aim at the deficiencies of the prior art, and to provide a general method for an anti-jumpin...


Application Information

IPC(8): H04L9/40
CPC: H04L63/02, H04L63/1491, H04L63/0227, H04L63/0263
Inventor: 宋彦春, 郑昭翼
Owner: 江苏天翼安全技术有限公司