Unlock instant, AI-driven research and patent intelligence for your innovation.

Scanning method for network station leakage

A vulnerability scanning and security technology, which is applied in the field of website security vulnerability scanning based on complete crawling, can solve problems such as insufficient crawling range, and achieve the effect of improving reliability

Inactive Publication Date: 2006-11-29
北京华景中天信息技术有限公司
View PDF1 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the problem that the crawling range caused by the above-mentioned crawling method is not wide enough, the purpose of the present invention is to provide a scanning method that can comprehensively scan the security vulnerabilities of the website. Scanning, such that web pages are scanned not only for hierarchical pages crawled, but also for pages discovered after rule-based probing of web pages and subpages seeded with such pages

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Scanning method for network station leakage
  • Scanning method for network station leakage
  • Scanning method for network station leakage

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In the following, a virtual website www.abc.com will be taken as an example, and the method for scanning website security vulnerabilities of the present invention will be further described through specific operations on the website.

[0027] (1) Scanning stage:

[0028] Such as figure 2 As shown, first obtain links based on fixed scanning rules according to the fixed scanning rules in the database. These links are links that can be guessed directly, such as: \password.ini, \login.asp, \_vti_bin\, \test.pl, \ config.ini, \rootlogin.asp…….

[0029] Add these links directly obtained based on the fixed scanning rules together with the website name www.abc.com into the queue of web page links to be scanned.

[0030] Each link in the web page link queue is scanned in turn, and at the same time, new links found during the web page scanning process are added to the web page link queue. For links obtained based on fixed scanning rules, by analyzing the server response messag...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This invention relates to a method for scanning security leakage, which applies multiple scan modes to scan the networks deeply and thoroughly including not only the creepy hierarchy pages, but also the pages found out after detection to the pages and sub-pages taking the pages as the seeds, in which, the method includes two stages of scan and analysis, in the scan period, the newly discovered links are transformed by a specific scan rule and the transformed new links will join in the scan queue to be scanned at the same time when scanning the web links and the scan continues repeatedly till no new links appear.

Description

technical field [0001] The invention relates to a scanning technology for website security loopholes, in particular to a scanning method for website security loopholes based on complete crawling. Background technique [0002] With the development of the Internet, the security problems faced by the programs running on the Web server are becoming more and more prominent. Ensuring that Web services can run safely and stably is an important task for IT departments in many companies and institutions. Usually, due to the lack of effective web security assessment tools and the subsequent security problems caused by frequent system upgrades, managers cannot find problems in a timely and effective manner. Practice has shown that security problems based on the network layer often reflect obvious problems and are easy to be found. But another type of problem is caused by the application layer, which is difficult to find in time. This type of problem is more often due to the develope...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/00H04L12/28H04L29/06
Inventor 高山徐强吴剑林王耀勇王喜兵
Owner 北京华景中天信息技术有限公司