CN102315992A - Detection method for illegal external connection - Google Patents
Detection method for illegal external connection Download PDFInfo
- Publication number
- CN102315992A CN102315992A CN201110324828A CN201110324828A CN102315992A CN 102315992 A CN102315992 A CN 102315992A CN 201110324828 A CN201110324828 A CN 201110324828A CN 201110324828 A CN201110324828 A CN 201110324828A CN 102315992 A CN102315992 A CN 102315992A
- Authority
- CN
- China
- Prior art keywords
- terminal equipment
- external connection
- management server
- lawless
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 70
- 238000000034 method Methods 0.000 claims abstract description 40
- 230000004044 response Effects 0.000 claims abstract description 12
- 230000006854 communication Effects 0.000 claims description 28
- 238000004891 communication Methods 0.000 claims description 25
- 238000007906 compression Methods 0.000 claims description 3
- 230000006835 compression Effects 0.000 claims description 3
- 238000012544 monitoring process Methods 0.000 description 7
- 239000000523 sample Substances 0.000 description 6
- 230000003993 interaction Effects 0.000 description 4
- 241000700605 Viruses Species 0.000 description 2
- 238000013475 authorization Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 239000008358 core component Substances 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a detection method for illegal external connection, wherein the method is used for detecting an illegal external connection behavior on a computer in an internal network. The method comprises the following steps: a definition step S310, defining a detection strategy in advance in a management server and arranging terminal equipment that needs to apply the detection strategy; A detection step S320, detecting illegal external connection on a computer in an internal network by the terminal equipment according to the detection strategy downloaded from the management server; an alarming step S330, emitting alarm information to the management server by the terminal equipment when it is determined that there is an illegal external connection behavior on the computer in the internal network; and a response step S340, executing a response measure by the management server according to the alarm information. According to the detection method for the illegal external connection provided in the invention, various possible external connection modes on a computer in an internal network can be comprehensively detected, so that an accuracy and a correctness for detection can be improved.
Description
Technical field
The present invention relates to a kind of lawless exterior joint detecting method that the illegal external connection behavior of inner net computer is detected.
Background technology
The development of computer and network technologies is for terminal computer provides the abundant network and the means of devices interconnect.The terminal use not only can directly realize with other computers or Internet interconnected through cable network; Also can be through multiple wireless connections mode, for example WLAN, infrared ray, bluetooth etc. realize the interconnected of network and equipment; The abundant Peripheral Interface that can also provide through the terminal, for example multiple interfaces such as USB interface, com port, LPT mouth, Modem realize the interconnected of terminal and peripheral hardware, terminal and terminal or terminal and network.In addition, on the basis of above physical connection, also have PPOE virtual dial-up, all kinds of VPN selective, as the optional mode of the interconnection and interflow of safety.
And in some concerning security matters Intranets, because there is the multiple network connected mode in the computer of Intranet, and lacks the otherwise effective technique monitoring means, therefore have a large amount of inner net computers to carry out network in violation of rules and regulations and outreach.The outer joint conference of these illegal networks causes following serious problems:
1) confidential information is leaked
The user is through the computer of illegal external connection, sends out the concerning security matters data inner outward actively or passively, causes heavy losses to tissue;
2) introduce safety problem
The exist for virus, wooden horse of illegal external connection computer are attacked Intranet desirable passage are provided; Virus or wooden horse can by the terminal use violate a ban to use USB flash disk, without authorization dialing carry out internet access, arbitrarily browse web sites, arbitrarily in the process of download site software; Take advantage of a weak point; Shoot Intranet, the safety of serious threat internal data in the stable operation of Intranet and the Intranet.
For the computer to illegal external connection effectively detects, there is following detection method at present.
At " a kind of method of detecting computer illegal external connection in closed network " (application number: the method that discloses a kind of detecting computer illegal external connection in closed network 200910081606.1); Comprise: Intranet network interface card and outer net network interface card are set on any computer in said network as monitoring machine; And be provided with respectively corresponding in net address and Fei Nei net address, the router port setting of said outer net network interface card connection with said non-in the port address of the identical network segment of net address; Said monitoring machine sends probe messages through said Intranet network interface card and outer net network interface card in network; And receive corresponding response message; If network internal storage is at the computer that does not send response message to said outer net network interface card, then will judge this computer is the illegal external connection main frame.This detection method dependency network topological structure, if in Intranet, be provided with filter plants such as fire compartment wall, then probe messages can be filtered device mask, under this environment, just can not correctly detect the main frame of illegal external connection.
At " a kind of detection method of illegal external connection of inner net computer " (application number: the detection method that discloses a kind of illegal external connection of inner net computer 200510096094.8).The purpose of this invention is the detection method that a kind of illegal external connection of inner net computer will be provided; Each has the mode of typical representational station address through the dns server poll on each classified network main frame, confirms that can the classified network main frame carry out illegally interconnected with external network.This detection method does not detect the network mode of outreaching of computer; Just whether the poll through dns server detects and is outreaching; When inner net computer is forbidden DNS Protocol; And when the mode through proxy outreached network, existing detection method can not accurately detect the behavior of illegal external connection.
Summary of the invention
In view of above-mentioned technical problem, the present invention provides a kind of lawless exterior joint detecting method that can accurately detect the illegal external connection of inner net computer behavior.
Lawless exterior joint detecting method involved in the present invention may further comprise the steps: the definition step, and definition detects strategy in advance in management server, and the terminal equipment that needs the applying detection strategy is set; Detect step, said terminal equipment detects according to the illegal external connection of the said detection strategy of downloading from said management server to inner net computer; Alarm step, when being judged as said inner net computer when having the illegal external connection behavior, said terminal equipment sends warning information to said management server; And response of step, said management server is carried out responsive measures according to warning information.
In above-mentioned lawless exterior joint detecting method, wherein, said detection step comprises: the first structure forwarding step; Inquire about the network adapter information in the inner net computer one by one; And, construct connective detection packet, and send to the outer net main frame according to the network parameter of the said adapter that inquires; Query steps when all said network adapter inquiries finish, is inquired about the agent way that whether is provided with online on the said inner net computer; The second structure forwarding step when being provided with the agent way of said online, and according to the network parameter of the agent way of the said online that inquires, being constructed connective detection packet, and is sent to said outer net main frame; And determining step, when said terminal equipment receive from said outer net main frame to the response bag of said connective detection packet the time, judge that there is the illegal external connection behavior in inner net computer.
In above-mentioned lawless exterior joint detecting method, said network adapter information comprises implementor name; The network parameter of said adapter comprises ip address, mask and gateway.
In above-mentioned lawless exterior joint detecting method, said connective detection packet comprises http detection packet and ping detection packet.
In above-mentioned lawless exterior joint detecting method, the network parameter of the agent way of said online comprises the main frame ip and the port information of said terminal equipment.
In above-mentioned lawless exterior joint detecting method, said responsive measures comprises: control desk alarm, mail are alarmed, are blocked network and restart machine.
In above-mentioned lawless exterior joint detecting method, said terminal equipment is many.
In above-mentioned lawless exterior joint detecting method; The intranet security management system that said terminal equipment, said management server and said control desk constitute is supported multistage deployment way; Scale and supervisory level according to network are divided into the N level, and wherein, N is the integer greater than 1.
In above-mentioned lawless exterior joint detecting method, the data communication between the said terminal equipment, between said terminal equipment and the said management server adopts ssl to encrypt and the communication mode of compression.
In above-mentioned lawless exterior joint detecting method, adopt the coded communication mode of https between said management server and the control desk.
In lawless exterior joint detecting method of the present invention; Connect parameter through network available in the automatic identification computer; And carry out illegal external connection according to the network parameter of discerning and detect, and, adopt and initiatively construct disparate networks agreement probe data packet; Outside network host is carried out connectedness survey, and come according to result of detection whether the detection computations machine is the mode that illegally outreaches.
According to lawless exterior joint detecting method of the present invention, can carry out complete detection to the various possible mode of outreaching of computer Intranet, improved accuracy of detection and correctness.Solved of the dependence of existing detection method, solved the problem that existing detection method can not correctly detect under the agent way of online network topology.
Description of drawings
When combining accompanying drawing to consider; Through with reference to following detailed, can more completely understand the present invention better and learn wherein many attendant advantages easily, but accompanying drawing described herein is used to provide further understanding of the present invention; Constitute the application's a part; Illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute to improper qualification of the present invention, wherein:
Fig. 1 is the deployment sketch map that illegally outreaches detection system.
Fig. 2 is the block diagram that illegally outreaches detection system.
Fig. 3 is the flow chart of interior lawless exterior joint detecting method.
Fig. 4 is the flow chart of the performed detection step of the terminal equipment of lawless exterior joint detecting method of the present invention.
Embodiment
Fig. 1 is the deployment sketch map that illegally outreaches detection system, and is as shown in Figure 1, and the illegal external connection detection system comprises: many station terminals equipment 100, management server 200 and control desk 300.
Fig. 2 is the block diagram that illegally outreaches detection system.As shown in Figure 2, on each station terminal equipment 100 of many station terminals equipment Agent is installed, can download from management server 200 and detect strategy, carry out the detection of illegal external connection according to detecting strategy, and testing result is reported management server 200.Can comprise: terminal communication module 110, terminal control module 120, illegal external connection detect engine 130, alarm module 140.
Particularly, terminal communication module 110 is used for the communication process between terminal equipment and management server, the terminal equipment, realizes transmitting-receiving, communication encryption and decryption and the breakpoint transmission etc. of communication establishment of connection, data; Terminal control module 120 is core components of terminal equipment, is responsible for each module of terminal equipment inside is carried out unified management, and it accepts to detect strategy through the terminal communication module; And will detect the application of policies illegal external connection and detect engine 130; In addition, it also accepts warning information and state information that illegal external connection detects engine 130, is transmitted to the upper management server through terminal communication module 110 then; And it also carries out unified monitoring and management to the resource of terminal equipment; Illegal external connection detects engine 130 network connection informations of identification computers automatically, according to the network joint construction probe data packet of identification, sends the main frame that probe data packet is given outer net then, and the analyzing responding data are judged whether illegal external connection of this computer; If the discovery illegal external connection then notifies alarm module 140 to send the warning information of illegal external connection to management server.
Terminal equipment of the present invention can be discerned the disparate networks connected mode of computer automatically; Then based on the internetwork connection mode that identifies; Main frame to external network sends the network connectivty detection packet, judges according to the response results of detection packet whether inner net computer is illegally to outreach.
Management server 200 is control centres of system, and the security information of its acceptance and processing subordinate terminal equipment is formulated and issued security strategy and gives terminal equipment, accepts and respond the supervisory instruction of control console 300 simultaneously.Have functions such as the Centralized management of policy of detection, asset management, authentication and authorization, analysis and form, warning information acceptance and processing.As shown in Figure 2, can comprise: management server communication module 210, management server control module 220, illegal external connection monitoring module 230, assets management module 240, policy management module 250, Certificate Authority module 260, registration service module 270, resource information bank 280.
Particularly, management server communication module 210 is used for the communication process between terminal equipment and management server, management server and the control desk, realizes functions such as the transmitting-receiving of communication establishment of connection, data, the encryption and decryption of communicating by letter.
Management server control module 220 is core components of management server, is responsible for each module of management server inside is carried out unified management, and it is handed down to security strategy and control command through communication module the terminal equipment of subordinate; In addition, it also accepts the user instruction of control console, and according to user instruction other modules is managed and controlled; And it also realizes carrying out uniform dispatching and management to the task in the management server.
Illegal external connection monitoring module 230 is accepted the illegal external connection warning information that subordinate's terminal equipment reports, and carries out corresponding responsive measures according to security strategy then; These responsive measures comprise control desk alarm, mail alarm, block network and restart machine etc.
Assets management module 240 is realized the assets in the network are carried out centralized and unified management, mainly comprises: the grouping management of assets, assets such as import and export at function.
Policy management module 250 realizes security strategy in the system is carried out centralized and unified management, mainly comprises: functions such as the formulation of strategy, strategy distribution, strategy monitoring.
Certificate Authority module 260 realizes unified authentification of user and based on role's rights management function.
Registration service module 270 is responsible for all resource informations in the system being carried out unified management, the content in the maintenance resources information bank 280.
Resource information bank 280 is used to store various resources such as the address information, configuration information, security strategy at each terminal.
Control desk 300 is interfaces of user interactions, receives user's instruction, is transmitted to management servers process, accepts simultaneously and presents the information from management server.Control desk 300 is the computer equipments with browser, for example IE browser function, and control desk 300 can be provided with separately, also can be arranged on terminal equipment 100 or the management server 200.As shown in Figure 2, control desk 300 comprises: console communication module 310, control desk control module 320, represent module 330, human-computer interaction module 340.
Communication process between console communication module 310 charge management servers 200 and the control desk 300 realizes functions such as the transmitting-receiving of communication establishment of connection, data, the encryption and decryption of communicating by letter.
Control desk control module 320 is responsible for other modules are carried out centralized and unified management, functions such as the uniform dispatching of realization task, data centralization assignment.
Represent the data performance that module 330 realizes multiple modes such as form.
Human-computer interaction module 340 is responsible for the manager mutual, realizes man-machine interaction, and patterned administration interface is provided.
Data communication between terminal equipment 100 and the management server 200 supports ssl to encrypt, and guarantees the confidentiality of data; Data to transmission are compressed, and have reduced taking the network bandwidth; Then adopt the coded communication mode of https between control desk 300 and the management server 200, guarantee the communication security of system
Fig. 3 is a routine flow chart of lawless exterior joint detecting method of the present invention.As shown in Figure 3, may further comprise the steps:
Definition step S310, definition detects strategy in advance in management server 200, and the terminal equipment 100 that needs the applying detection strategy is set.
Detect step S320, terminal equipment 100 detects according to the illegal external connection of the detection strategy of downloading from management server 200 to inner net computer.
Alarm step S330, when being judged as inner net computer when having the illegal external connection behavior, terminal equipment 100 sends warning information to management server 200.
Response of step S340, management server 200 carry out responsive measures according to warning information.
Fig. 4 is the flow chart of the performed detection step of the terminal equipment of lawless exterior joint detecting method of the present invention.As shown in Figure 4, detect step and may further comprise the steps:
The first structure forwarding step S410 inquires about the network adapter information in the inner net computer one by one, and according to the network parameter of the adapter that inquires, constructs connective detection packet, and send to the outer net main frame.For example inquire about the information of a network adapter in the computer; Mainly comprise information such as implementor name; Obtain the network parameter of this adapter according to implementor name, comprise information such as ip address, mask and gateway, and according to the network parameter of this adapter; The connective probe data packet (for example: http detection packet and ping detection packet etc.) of tectonic network, and send to the main frame of external network.Then judge whether in addition network adapter,, otherwise carry out query steps S420 if having then carry out S410 again.
Whether query steps S420 when all network adapter inquiries finish, is provided with the agent way of online on the inquiry inner net computer.If have, then get into the second structure forwarding step S430, if not then get into determining step S440.
The second structure forwarding step S430 when being provided with the agent way of online, and according to the network parameter of the agent way of the online that inquires, constructing connective detection packet, and sends to the outer net main frame.Here, the network parameter of the agent way of online comprises information such as terminal equipment mainframe ip and port.
Determining step S440, when terminal equipment receive from the outer net main frame to the response bag of connective detection packet the time, judge that there is the illegal external connection behavior in inner net computer.
If not from the outer net main frame to the response bag of connective detection packet the time, then do not carry out alarm step, finish this time to detect.
Illegal external connection detection system of the present invention is supported the mode of multistage deployment; When large scale network is disposed; Can be divided into N (N>1) level according to the scale and the supervisory level of network; Wherein set up the administrative center of network-wide basis, formulate and issue unified network-wide security policy and detect strategy at Centroid.These strategies are consistent between peer or subordinate administrative center through mechanism synchronous and that duplicate.The change of strategy also all can be uploaded to the upper management center in the subordinate administrative center, can browse the application of policies situation of any one subordinate administrative center at the upper management center, is applicable to the application deployment of large-scale network environment.Owing to adopt decentralized control, reliability is high, has reduced the load of each node server.
Between terminal equipment and the terminal equipment, the data communication support between terminal equipment and the management server is encrypted and compression; Then adopt the coded communication mode of https between control desk and the management server, guarantee the communication security of system.
The lawless exterior joint detecting method that inner net computer is carried out the illegal external connection detection of the present invention is used for solving existing detection technique and has the not comprehensive and inaccurate problem that detects.Through the present invention the diverse network connected mode of inner net computer is discerned automatically; Initiatively the main frame of external network is carried out the network connectivty detection through detected available network connected mode then, confirm according to result of detection whether inner net computer can carry out illegally interconnected with external network.This method is discerned the disparate networks JA(junction ambient) at computer place comprehensively, and combines the mode of active detecting on this basis, can detect the computer of Intranet illegal external connection accurately, all sidedly.Adopt this method can fundamentally solve detection problem to illegal external connection of inner net computer.This method can be applied in the various kinds of equipment such as network security management, intrusion detection and server protection.
The present invention has carried out complete detection to the various possible modes of outreaching in the computer, has improved accuracy of detection and correctness.Solved of the dependence of existing detection method, solved the problem that existing detection method can not correctly detect under agent way network topology.
As stated, embodiments of the invention have been carried out explanation at length, but as long as not breaking away from inventive point of the present invention and effect in fact can have a lot of distortion, this will be readily apparent to persons skilled in the art.Therefore, such variation also all is included within protection scope of the present invention.
Claims (10)
1. a lawless exterior joint detecting method is used for the illegal external connection behavior of inner net computer is detected, and may further comprise the steps:
The definition step, definition detects strategy in advance in management server, and the terminal equipment that needs the applying detection strategy is set;
Detect step, said terminal equipment detects according to the illegal external connection of the said detection strategy of downloading from said management server to inner net computer;
Alarm step, when being judged as said inner net computer when having the illegal external connection behavior, said terminal equipment sends warning information to said management server; And
Response of step, said management server are carried out responsive measures according to warning information.
2. lawless exterior joint detecting method according to claim 1, wherein, said detection step comprises:
The first structure forwarding step is inquired about the network adapter information in the inner net computer one by one, and according to the network parameter of the said adapter that inquires, is constructed connective detection packet, and send to the outer net main frame;
Query steps when all said network adapter inquiries finish, is inquired about the agent way that whether is provided with online on the said inner net computer;
The second structure forwarding step when being provided with the agent way of said online, and according to the network parameter of the agent way of the said online that inquires, being constructed connective detection packet, and is sent to said outer net main frame; And
Determining step, when said terminal equipment receive from said outer net main frame to the response bag of said connective detection packet the time, judge that there is the illegal external connection behavior in inner net computer.
3. lawless exterior joint detecting method according to claim 2, wherein,
Said network adapter information comprises implementor name;
The network parameter of said adapter comprises ip address, mask and gateway.
4. lawless exterior joint detecting method according to claim 3, wherein,
Said connective detection packet comprises http detection packet and ping detection packet.
5. lawless exterior joint detecting method according to claim 2, wherein,
The network parameter of the agent way of said online comprises the main frame ip and the port information of said terminal equipment.
6. according to each described lawless exterior joint detecting method in the claim 1 to 5, wherein,
Said responsive measures comprises: control desk alarm, mail are alarmed, are blocked network and restart machine.
7. lawless exterior joint detecting method according to claim 6, wherein,
Said terminal equipment is many.
8. lawless exterior joint detecting method according to claim 6, wherein,
The illegal external connection detection system that said terminal equipment, said management server and control desk constitute is supported multistage deployment way, is divided into the N level according to the scale and the supervisory level of network, and wherein, N is the integer greater than 1.
9. lawless exterior joint detecting method according to claim 6, wherein,
Data communication between the said terminal equipment, between said terminal equipment and the said management server adopts ssl to encrypt and the communication mode of compression.
10. lawless exterior joint detecting method according to claim 6, wherein,
Adopt the coded communication mode of https between said management server and the control desk.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110324828A CN102315992A (en) | 2011-10-21 | 2011-10-21 | Detection method for illegal external connection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110324828A CN102315992A (en) | 2011-10-21 | 2011-10-21 | Detection method for illegal external connection |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102315992A true CN102315992A (en) | 2012-01-11 |
Family
ID=45428829
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110324828A Pending CN102315992A (en) | 2011-10-21 | 2011-10-21 | Detection method for illegal external connection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102315992A (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102880827A (en) * | 2012-09-11 | 2013-01-16 | 温州市创力电子有限公司 | Method and system for managing computer terminals |
| CN102916943A (en) * | 2012-09-20 | 2013-02-06 | 无锡华御信息技术有限公司 | Management method and management system of portable storage device based on network environment |
| CN104683163A (en) * | 2013-11-27 | 2015-06-03 | 东莞市微云系统科技有限公司 | Cloud terminal network connectivity checking method, cloud terminal network connectivity checking system, and cloud terminal equipment |
| CN105227383A (en) * | 2015-11-06 | 2016-01-06 | 广东电网有限责任公司电力科学研究院 | A kind of device of network topology investigation |
| CN105359156A (en) * | 2013-07-05 | 2016-02-24 | 日本电信电话株式会社 | Unauthorized-access detection system and unauthorized-access detection method |
| CN105450442A (en) * | 2015-11-06 | 2016-03-30 | 广东电网有限责任公司电力科学研究院 | Network topology checking method and system thereof |
| CN105471857A (en) * | 2015-11-19 | 2016-04-06 | 国网天津市电力公司 | Power grid terminal invalid external connection monitoring blocking method |
| CN105577668A (en) * | 2015-12-25 | 2016-05-11 | 北京奇虎科技有限公司 | A network connection control method and device |
| CN107426208A (en) * | 2017-07-24 | 2017-12-01 | 郑州云海信息技术有限公司 | A kind of method for monitoring network illegal external connection |
| CN107819787A (en) * | 2017-11-30 | 2018-03-20 | 国网河南省电力公司商丘供电公司 | One kind prevents LAN computer illegal external connection system and method |
| CN108292343A (en) * | 2015-12-10 | 2018-07-17 | 西门子股份公司 | Weak link avoids |
| CN108322454A (en) * | 2018-01-17 | 2018-07-24 | 杭州盈高科技有限公司 | A kind of network security detection method and device |
| CN109450921A (en) * | 2018-11-29 | 2019-03-08 | 北京北信源信息安全技术有限公司 | Network status monitoring method, apparatus, storage medium and server |
| CN110166315A (en) * | 2019-04-17 | 2019-08-23 | 浙江远望信息股份有限公司 | With the presence or absence of the detection method that can connect the Internet lines in a kind of pair of broadcast domain |
| CN110191102A (en) * | 2019-05-09 | 2019-08-30 | 黄志英 | A kind of illegal external connection comprehensive monitoring system and its method |
| CN111130930A (en) * | 2019-12-16 | 2020-05-08 | 杭州迪普科技股份有限公司 | Dual-network card detection method and device |
| CN114244808A (en) * | 2021-11-17 | 2022-03-25 | 广东电网有限责任公司 | Method and device for passively checking offline illegal external connection based on non-client mode |
| CN114448678A (en) * | 2021-12-31 | 2022-05-06 | 南方电网数字电网研究院有限公司 | Illegal external connection monitoring system and method |
| CN115834205A (en) * | 2022-11-23 | 2023-03-21 | 贵州电网有限责任公司 | A Monitoring System Violation Outreach Alarm System |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1750480A (en) * | 2005-09-29 | 2006-03-22 | 西安交大捷普网络科技有限公司 | Detecting method for illegal external connection of inner net computer |
| WO2010093559A2 (en) * | 2009-02-16 | 2010-08-19 | Microsoft Corporation | Trusted cloud computing and services framework |
-
2011
- 2011-10-21 CN CN201110324828A patent/CN102315992A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1750480A (en) * | 2005-09-29 | 2006-03-22 | 西安交大捷普网络科技有限公司 | Detecting method for illegal external connection of inner net computer |
| WO2010093559A2 (en) * | 2009-02-16 | 2010-08-19 | Microsoft Corporation | Trusted cloud computing and services framework |
Non-Patent Citations (2)
| Title |
|---|
| 吴晓光 等: "为企业内网构建非法外联监控管理体系", 《金融电子化》 * |
| 朱宽: "以安全管理促进内网安全", 《信息网络安全》 * |
Cited By (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102880827A (en) * | 2012-09-11 | 2013-01-16 | 温州市创力电子有限公司 | Method and system for managing computer terminals |
| CN102916943A (en) * | 2012-09-20 | 2013-02-06 | 无锡华御信息技术有限公司 | Management method and management system of portable storage device based on network environment |
| CN105359156B (en) * | 2013-07-05 | 2018-06-12 | 日本电信电话株式会社 | Unauthorized access detecting system and unauthorized access detection method |
| CN105359156A (en) * | 2013-07-05 | 2016-02-24 | 日本电信电话株式会社 | Unauthorized-access detection system and unauthorized-access detection method |
| US10142343B2 (en) | 2013-07-05 | 2018-11-27 | Nippon Telegraph And Telephone Corporation | Unauthorized access detecting system and unauthorized access detecting method |
| CN104683163A (en) * | 2013-11-27 | 2015-06-03 | 东莞市微云系统科技有限公司 | Cloud terminal network connectivity checking method, cloud terminal network connectivity checking system, and cloud terminal equipment |
| CN105450442B (en) * | 2015-11-06 | 2019-02-15 | 广东电网有限责任公司电力科学研究院 | A kind of network topology investigation method and its system |
| CN105450442A (en) * | 2015-11-06 | 2016-03-30 | 广东电网有限责任公司电力科学研究院 | Network topology checking method and system thereof |
| CN105227383A (en) * | 2015-11-06 | 2016-01-06 | 广东电网有限责任公司电力科学研究院 | A kind of device of network topology investigation |
| CN105227383B (en) * | 2015-11-06 | 2018-07-03 | 广东电网有限责任公司电力科学研究院 | A kind of device of network topology investigation |
| CN105471857A (en) * | 2015-11-19 | 2016-04-06 | 国网天津市电力公司 | Power grid terminal invalid external connection monitoring blocking method |
| CN108292343B (en) * | 2015-12-10 | 2022-07-26 | 西门子股份公司 | Avoidance of weak links |
| CN108292343A (en) * | 2015-12-10 | 2018-07-17 | 西门子股份公司 | Weak link avoids |
| CN105577668A (en) * | 2015-12-25 | 2016-05-11 | 北京奇虎科技有限公司 | A network connection control method and device |
| CN107426208A (en) * | 2017-07-24 | 2017-12-01 | 郑州云海信息技术有限公司 | A kind of method for monitoring network illegal external connection |
| CN107819787B (en) * | 2017-11-30 | 2020-10-16 | 国网河南省电力公司商丘供电公司 | A system and method for preventing illegal external connection of local area network computers |
| CN107819787A (en) * | 2017-11-30 | 2018-03-20 | 国网河南省电力公司商丘供电公司 | One kind prevents LAN computer illegal external connection system and method |
| CN108322454A (en) * | 2018-01-17 | 2018-07-24 | 杭州盈高科技有限公司 | A kind of network security detection method and device |
| CN109450921A (en) * | 2018-11-29 | 2019-03-08 | 北京北信源信息安全技术有限公司 | Network status monitoring method, apparatus, storage medium and server |
| CN109450921B (en) * | 2018-11-29 | 2021-08-10 | 北京北信源信息安全技术有限公司 | Network state monitoring method and device, storage medium and server |
| CN110166315A (en) * | 2019-04-17 | 2019-08-23 | 浙江远望信息股份有限公司 | With the presence or absence of the detection method that can connect the Internet lines in a kind of pair of broadcast domain |
| CN110191102B (en) * | 2019-05-09 | 2021-12-21 | 黄志英 | Illegal external connection comprehensive monitoring system and method thereof |
| CN110191102A (en) * | 2019-05-09 | 2019-08-30 | 黄志英 | A kind of illegal external connection comprehensive monitoring system and its method |
| CN111130930A (en) * | 2019-12-16 | 2020-05-08 | 杭州迪普科技股份有限公司 | Dual-network card detection method and device |
| CN114244808A (en) * | 2021-11-17 | 2022-03-25 | 广东电网有限责任公司 | Method and device for passively checking offline illegal external connection based on non-client mode |
| CN114244808B (en) * | 2021-11-17 | 2023-08-08 | 广东电网有限责任公司 | Offline illegal external connection method and device based on passive inspection of non-client mode |
| CN114448678A (en) * | 2021-12-31 | 2022-05-06 | 南方电网数字电网研究院有限公司 | Illegal external connection monitoring system and method |
| CN115834205A (en) * | 2022-11-23 | 2023-03-21 | 贵州电网有限责任公司 | A Monitoring System Violation Outreach Alarm System |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102315992A (en) | Detection method for illegal external connection | |
| Zarpelão et al. | A survey of intrusion detection in Internet of Things | |
| CN110661761B (en) | An access control apparatus, method, computer program product and computer readable medium | |
| CN102045214B (en) | Botnet detection method, device and system | |
| KR101788495B1 (en) | Security gateway for a regional/home network | |
| CN201194396Y (en) | Safe gateway platform based on transparent proxy gateway | |
| CN101197715B (en) | A secure centralized collection method for mobile data service status | |
| CN105262738A (en) | Router and method for preventing ARP attacks thereof | |
| CN101895442B (en) | Network quality active monitoring method and system in credible Internet | |
| CN106911529A (en) | Power network industry control safety detecting system based on protocol analysis | |
| CN111464563B (en) | Protection method of industrial control network and corresponding device | |
| CN106878135A (en) | A kind of connection method and device | |
| CN105991638A (en) | Network attack path analysis and generation method and network attack path analysis and generation system | |
| CN102739684A (en) | Portal authentication method based on virtual IP address, and server thereof | |
| CN113259347B (en) | Equipment safety system and equipment behavior management method in industrial Internet | |
| KR100758796B1 (en) | Real-time service management system for enterprise and its method | |
| CN102970166A (en) | Method and system for monitoring alarm event of network element equipment | |
| CN102045310B (en) | Industrial Internet intrusion detection as well as defense method and device | |
| CN114124436B (en) | APN access trusted computing management system based on electric power Internet of things universal terminal | |
| CN108353027A (en) | A kind of software defined network system for detecting port failure | |
| CN101729544B (en) | Method and system for security capacity negotiation | |
| CN207782854U (en) | A kind of network monitoring system based on cloud computing | |
| CN112565203B (en) | Centralized management platform | |
| CN111769632A (en) | A distributed power security communication method and system using NB-IOT technology | |
| CN113452702B (en) | Micro-service traffic detection system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120111 |