CN106912039B - Method and device for network configuration detection and repair of wireless network - Google Patents
Method and device for network configuration detection and repair of wireless network Download PDFInfo
- Publication number
- CN106912039B CN106912039B CN201510982427.0A CN201510982427A CN106912039B CN 106912039 B CN106912039 B CN 106912039B CN 201510982427 A CN201510982427 A CN 201510982427A CN 106912039 B CN106912039 B CN 106912039B
- Authority
- CN
- China
- Prior art keywords
- network
- dns
- security level
- security
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/04—Arrangements for maintaining operational condition
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
技术领域technical field
本申请涉及网络安全技术领域,尤其涉及一种无线网络的网络配置检测修复方法及装置。The present application relates to the technical field of network security, and in particular, to a method and device for detecting and repairing a network configuration of a wireless network.
背景技术Background technique
随着移动终端(如便携式电脑、手机、Pad)的不断普及,通过wifi(WirelessFidelity,无线保真)上网的用户也越来越多。With the continuous popularization of mobile terminals (such as portable computers, mobile phones, and Pads), more and more users surf the Internet through wifi (Wireless Fidelity, wireless fidelity).
在商场、酒店、餐厅等公共场合中提供免费wifi的地方越来越多。一般的公共场合中会使用路由器提供公共的wifi网络,这类无线网络通常不设置连接密码,移动终端搜索到该无线网络后,直接可以接入从而使用无线网络。然而,一些不法分子常常利用公共的无线网络,通过黑客软件篡改路由器的设置,可以把用户正常访问的网址解析到钓鱼网站上以盗取用户的私人信息和数据(如银行卡账户密码,个人隐私等)。There are more and more places that provide free wifi in public places such as shopping malls, hotels, and restaurants. In general public places, a router is used to provide a public wifi network. This type of wireless network usually does not set a connection password. After the mobile terminal searches for the wireless network, it can directly access and use the wireless network. However, some criminals often use public wireless networks to tamper with router settings through hacking software, and can parse the URLs that users normally visit to phishing websites to steal users' private information and data (such as bank card account passwords, personal privacy Wait).
综上所述,现有技术中存在无线网络不安全的问题。To sum up, there is a problem that the wireless network is insecure in the prior art.
发明内容SUMMARY OF THE INVENTION
本申请实施例的目的是提供一种无线网络的网络配置检测修复方法和装置,用以解决现有技术中存在无线网络不安全的问题。The purpose of the embodiments of the present application is to provide a method and device for detecting and repairing a network configuration of a wireless network, so as to solve the problem that the wireless network is insecure in the prior art.
为解决上述技术问题,本申请实施例提供的无线网络的网络配置检测修复方法和装置是这样实现的:In order to solve the above technical problems, the method and device for detecting and repairing the network configuration of a wireless network provided by the embodiments of the present application are implemented as follows:
一种无线网络的网络配置检测修复方法,包括:A method for detecting and repairing a network configuration of a wireless network, comprising:
云检测服务器接收客户端发送的携带客户端连接无线网络时获取的网络配置信息的检测请求;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL;The cloud detection server receives a detection request sent by the client carrying the network configuration information obtained when the client connects to a wireless network; wherein, the network configuration information at least includes a malicious Uniform Resource Locator URL preset by the wireless network;
云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级;The cloud detection server determines the network security level of the network configuration information according to a preset security detection rule;
云检测服务器将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。The cloud detection server returns the network security level to the client for the client to perform a repair action on the network configuration information whose security level is the network security level to be repaired.
优选地,所述安全检测规则包括:如URL符合第一URL安全规则,则所述网络安全等级为危险;如URL符合第二URL安全规则,则所述网络安全等级为安全;如URL符合第三URL安全规则,则所述网络安全等级为警告。Preferably, the security detection rules include: if the URL conforms to the first URL security rule, the network security level is dangerous; if the URL conforms to the second URL security rule, the network security level is safe; if the URL conforms to the first URL security rule, the network security level is safe; Three URL security rules, the network security level is warning.
优选地,所述网络配置信息还包括广域网WAN接口的域名系统DNS;Preferably, the network configuration information further includes the Domain Name System DNS of the WAN interface of the WAN;
云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级,具体包括:The cloud detection server determines the network security level of the network configuration information according to the preset security detection rules, which specifically includes:
云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The cloud detection server determines the network security level of the network configuration information according to the preset security detection rules; wherein, the security detection rules include: if the DNS conforms to the first DNS security rule, the network security level is dangerous; for example, the DNS If the second DNS security rule is complied with, the network security level is safe; if the DNS complies with the third DNS security rule, the network security level is warning.
优选地,所述网络配置信息还包括动态主机配置协议DHCP的DNS;Preferably, the network configuration information further includes the DNS of the Dynamic Host Configuration Protocol DHCP;
云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级,具体包括:The cloud detection server determines the network security level of the network configuration information according to the preset security detection rules, which specifically includes:
云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The cloud detection server determines the network security level of the network configuration information according to the preset security detection rules; wherein, the security detection rules include: if the DNS conforms to the first DNS security rule, the network security level is dangerous; for example, the DNS If the second DNS security rule is complied with, the network security level is safe; if the DNS complies with the third DNS security rule, the network security level is warning.
优选地,在云检测服务器将所述网络安全等级返回至客户端之前,还包括:Preferably, before the cloud detection server returns the network security level to the client, the method further includes:
判断云检测服务器与客户端的网络连接是否正常;Determine whether the network connection between the cloud detection server and the client is normal;
若所述云检测服务器与所述客户端的网络连接不正常,云检测服务器存储所述网络安全等级,并在所述云检测服务器与所述客户端的网络连接正常时,将所述网络安全等级返回至客户端。If the network connection between the cloud detection server and the client is abnormal, the cloud detection server stores the network security level, and returns the network security level when the network connection between the cloud detection server and the client is normal. to the client.
一种无线网络的网络配置检测修复装置,包括:A network configuration detection and repair device for a wireless network, comprising:
接收单元,用于接收客户端发送的携带客户端连接无线网络时获取的网络配置信息的检测请求;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL;a receiving unit, configured to receive a detection request sent by a client carrying network configuration information obtained when the client connects to a wireless network; wherein the network configuration information at least includes a malicious Uniform Resource Locator URL preset by the wireless network;
检测单元,用于根据预设的安全检测规则确定所述网络配置信息的网络安全等级;a detection unit, configured to determine the network security level of the network configuration information according to a preset security detection rule;
返回单元,用于将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。The returning unit is configured to return the network security level to the client, so that the client can perform a repair action on the network configuration information whose security level is the network security level to be repaired.
优选地,所述安全检测规则包括:如URL符合第一URL安全规则,则所述网络安全等级为危险;如URL符合第二URL安全规则,则所述网络安全等级为安全;如URL符合第三URL安全规则,则所述网络安全等级为警告。Preferably, the security detection rules include: if the URL conforms to the first URL security rule, the network security level is dangerous; if the URL conforms to the second URL security rule, the network security level is safe; if the URL conforms to the first URL security rule, the network security level is safe; Three URL security rules, the network security level is warning.
优选地,所述网络配置信息还包括广域网WAN接口的域名系统DNS;Preferably, the network configuration information further includes the Domain Name System DNS of the WAN interface of the WAN;
所述检测单元具体用于:The detection unit is specifically used for:
根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The network security level of the network configuration information is determined according to a preset security detection rule; wherein, the security detection rule includes: if the DNS complies with the first DNS security rule, the network security level is dangerous; if the DNS complies with the second DNS security rule, the network security level is dangerous; DNS security rules, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is warning.
优选地,所述网络配置信息还包括广域网WAN接口的域名系统DNS;Preferably, the network configuration information further includes the Domain Name System DNS of the WAN interface of the WAN;
所述检测单元具体用于:The detection unit is specifically used for:
根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The network security level of the network configuration information is determined according to a preset security detection rule; wherein, the security detection rule includes: if the DNS complies with the first DNS security rule, the network security level is dangerous; if the DNS complies with the second DNS security rule, the network security level is dangerous; DNS security rules, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is warning.
优选地,在返回单元之前,还包括:Preferably, before returning to the unit, it also includes:
判断单元,用于判断云检测服务器与客户端的网络连接是否正常;a judging unit for judging whether the network connection between the cloud detection server and the client is normal;
所述返回单元具体用于:The returning unit is specifically used for:
在所述云检测服务器与所述客户端的网络连接不正常时,云检测服务器存储所述网络安全等级;并在所述云检测服务器与所述客户端的网络连接正常时,将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。When the network connection between the cloud detection server and the client is abnormal, the cloud detection server stores the network security level; and when the network connection between the cloud detection server and the client is normal, the network security level is stored in the cloud detection server. Return to the client, for the client to perform a repair action on the network configuration information whose security level is the network security level to be repaired.
由以上本申请各实施例提供的技术方案可见,云检测服务器接收客户端发送的携带客户端连接无线网络时获取的网络配置信息的检测请求进行;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL;通过预设的安全检测规则确定该网络配置信息的安全等级,从而使得客户端可以对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。本申请实施例通过上述过程,云检测服务器可以对客户端发送的检测请求中携带的网络配置信息进行检测,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。It can be seen from the technical solutions provided by the above embodiments of the present application that the cloud detection server receives the detection request sent by the client and carries the network configuration information obtained when the client connects to the wireless network; wherein, the network configuration information at least includes the wireless network. A preset malicious Uniform Resource Locator URL; the security level of the network configuration information is determined by a preset security detection rule, so that the client can perform a repair action on the network configuration information whose security level is the network security level to be repaired . Through the above process in this embodiment of the present application, the cloud detection server may detect the network configuration information carried in the detection request sent by the client, and the cloud detection server may detect the network security level that needs to be repaired (including the preset wireless network security level). The URL is tampered with, etc.) and returned to the client, and finally the client determines whether the network configuration information needs to be repaired accordingly, so as to ensure the security of the wireless network.
附图说明Description of drawings
此处所说明的附图用来提供对本申请的进一步理解,构成本申请的一部分,本申请的示意性实施例及其说明用于解释本申请,并不构成对本申请的不当限定。在附图中:The drawings described herein are used to provide further understanding of the present application and constitute a part of the present application. The schematic embodiments and descriptions of the present application are used to explain the present application and do not constitute an improper limitation of the present application. In the attached image:
图1为本申请实施例中提供用以实现无线网络的网络配置检测修复的系统架构图;FIG. 1 provides a system architecture diagram for realizing network configuration detection and repair of a wireless network in an embodiment of the present application;
图2为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图;2 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application;
图3为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图;3 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application;
图4为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图;4 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application;
图5为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图;5 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application;
图6为本申请一实施例中提供的无线网络的网络配置检测修复装置的模块图;6 is a block diagram of an apparatus for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application;
图7为本申请一实施例中提供的无线网络的网络配置检测修复装置的模块图;7 is a block diagram of an apparatus for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application;
图8为本申请一实施例中提供的无线网络的网络配置检测修复装置的模块图。FIG. 8 is a block diagram of an apparatus for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application.
具体实施方式Detailed ways
为使本申请的目的、技术方案和优点更加清楚,下面将结合本申请具体实施例及相应的附图对本申请技术方案进行清楚、完整地描述。显然,所描述的实施例仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。In order to make the objectives, technical solutions and advantages of the present application clearer, the technical solutions of the present application will be clearly and completely described below with reference to the specific embodiments of the present application and the corresponding drawings. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.
图1为本申请实施例中提供用以实现无线网络的网络配置检测修复的系统架构图。本申请实施例中,该系统架构包括客户端10、与客户端10进行通信的云检测服务器30、上述客户端10使用的无线网络对应的路由器20以及与上述云检测服务器30对应的数据库40。其中,路由器可以例如是无线网络路由器、智能流控路由器、动态限速路由器、虚拟路由器或者宽带路由器等。上述客户端可以是电脑或手机等,上述数据库中至少存储有相应的用以检测无线网络的网络安全等级的安全检测规则。FIG. 1 provides a system architecture diagram for implementing network configuration detection and repair of a wireless network in an embodiment of the present application. In this embodiment of the present application, the system architecture includes a
图2为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图。本实施例中,上述方法包括如下步骤:FIG. 2 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application. In this embodiment, the above method includes the following steps:
S101:客户端获取该客户端连接的无线网络的网络配置信息;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL。S101: The client obtains network configuration information of a wireless network connected to the client; wherein the network configuration information at least includes a malicious Uniform Resource Locator URL preset by the wireless network.
本实施例中,所述客户端上安装有用以检测无线网络的网络配置信息的应用(Application,APP),该无线网络的网络配置信息可以通过客户端来设置,上述网络配置信息至少包括该无线网络预先设定的恶意统一资源定位符(Uniform Resource Locator,URL)。具体地,在用户通过客户端对使用的无线网络进行配置时,可以选择设定恶意的URL,这样,在日后上网的过程中即可对这些恶意的URL进行过滤,以避免这些恶意的URL中包含的恶意脚本对客户端造成安全隐患。上述恶意的URL可以通过获取日志数据,并通过恶意网址自动分析系统对这些日志数据进行分析,以得到包含恶意脚本的恶意URL,并将得到这些恶意URL放入到恶意URL数据库中。在实际应用中,不同的无线网络可以设定不同的恶意URL,这些恶意URL可以从恶意URL数据库中选取。In this embodiment, an application (Application, APP) for detecting the network configuration information of the wireless network is installed on the client, the network configuration information of the wireless network can be set by the client, and the network configuration information at least includes the wireless network Malicious Uniform Resource Locator (URL) preset by the network. Specifically, when the user configures the wireless network used through the client, he can choose to set malicious URLs, so that these malicious URLs can be filtered in the process of surfing the Internet in the future to avoid the malicious URLs in the The included malicious script poses a security risk to the client. The above malicious URLs can be obtained by obtaining log data, and analyzing the log data through the malicious website automatic analysis system to obtain malicious URLs containing malicious scripts, and put the obtained malicious URLs into the malicious URL database. In practical applications, different wireless networks can set different malicious URLs, and these malicious URLs can be selected from the malicious URL database.
当然,在本申请实施例中,上述网络配置信息并不限于上述恶意URL,还可以包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS。所述WAN(Wide AreaNetwork,广域网)是网络设备连接外网的端口,不法分子常常把网络连接设备WAN接口的DNS篡改为恶意DNS。恶意DNS通过把正常的网址解析到钓鱼网站或者受不法分子控制的主机上,从而盗取用户的私人信息和数据(如银行卡账户密码,个人隐私等)。所述DHCP(Dynamic Host Configuration Protocol,动态主机配置协议)用于给网络或网络服务供应商自动分配IP(Internet Protocol,网络之间互连的协议)地址。如果客户端连接使用具有DHCP功能的网络连接设备,并且使用了自动获得IP地址后,会将网络连接设备DHCP的DNS同步到客户端本地,因此一旦网络连接设备DHCP的DNS被篡改为恶意的DNS的话,所有连接该网络连接设备的客户端将会面临很大的风险。Of course, in the embodiment of the present application, the above-mentioned network configuration information is not limited to the above-mentioned malicious URL, and may also include the Domain Name System DNS of the WAN interface of the WAN and the DNS of the Dynamic Host Configuration Protocol DHCP. The WAN (Wide Area Network, wide area network) is the port through which the network device connects to the external network, and criminals often tamper with the DNS of the WAN interface of the network connection device into malicious DNS. Malicious DNS steals users' private information and data (such as bank card account passwords, personal privacy, etc.) by parsing normal URLs to phishing websites or hosts controlled by criminals. The DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) is used to automatically assign IP (Internet Protocol, protocol for interconnection between networks) addresses to networks or network service providers. If the client connects to a network connection device with DHCP function and uses the automatic IP address acquisition, the DNS of the network connection device DHCP will be synchronized to the local client, so once the DNS of the network connection device DHCP is tampered with malicious DNS If this happens, all clients connecting to this network-connected device will be at great risk.
具体地,所述客户端获取其接入的无线网络的网络配置,可以包括如下步骤:Specifically, obtaining the network configuration of the wireless network accessed by the client terminal may include the following steps:
A1:从注册表中获取具有DHCP功能的网络连接设备的IP地址。A1: Obtain the IP address of the DHCP-capable network-connected device from the registry.
例如,可以通过从注册表中的HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{GUID}\DhcpServer读取具有DHCP功能的网络连接设备的IP地址。For example, the IP address of a DHCP-capable network-connected device can be read from the registry at HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{GUID}\DhcpServer.
A2:通过IP地址建立与具有DHCP功能的网络连接设备的网络连接,通过该连接返回的数据包中的HTTP头部数据,获取具有DHCP功能的网络连接设备的型号。A2: Establish a network connection with the network connection device with DHCP function through the IP address, and obtain the model of the network connection device with DHCP function through the HTTP header data in the data packet returned by the connection.
例如,可以通过连接至该具有DHCP功能的网络连接设备IP地址(例如:http://RouterIP),从而与具有DHCP功能的网络连接设备的IP地址取得连接,并从该地址接收返回数据包,该返回数据包包括HTTP头部数据,HTTP头部数据中包括有具有DHCP功能的网络连接设备的型号。For example, by connecting to the IP address of the DHCP-capable network connection device (for example: http://RouterIP), the connection can be made with the IP address of the DHCP-capable network connection device, and a return packet is received from the address, The returned data packet includes HTTP header data, and the HTTP header data includes the model of the network connection device with the DHCP function.
A3:根据具有DHCP功能的网络连接设备的IP地址和具有DHCP功能的网络连接设备的型号,访问具有DHCP功能的网络连接设备的DHCP配置页面,从该页面中获取具有DHCP功能的网络连接设备的DNS。A3: According to the IP address of the network connection device with DHCP function and the model of the network connection device with DHCP function, visit the DHCP configuration page of the network connection device with DHCP function, and obtain the DHCP function of the network connection device from this page. DNS.
根据所获取的具有DHCP功能的网络连接设备的IP地址和具有DHCP功能的网络连接设备的型号,使用网络连接设备的管理用户名和密码,即可访问具有DHCP功能的网络连接设备的DHCP配置页面。According to the obtained IP address of the DHCP-capable network connection device and the model of the DHCP-capable network connection device, use the management user name and password of the network connection device to access the DHCP configuration page of the DHCP-capable network connection device.
需要说明的是,在实际应用中,其它获取无线网络的DHCP的DNS的适当方式也同样适用本申请实施例。It should be noted that, in practical applications, other appropriate manners for obtaining the DNS of the DHCP of the wireless network are also applicable to the embodiments of the present application.
在本申请的另一个实施例中,所述网络配置还可以包括:管理密码、远端WEB管理开启状态、隔离区主机服务开启状态、无线网络安全配置参数。In another embodiment of the present application, the network configuration may further include: management password, remote WEB management enable status, isolation area host service enable status, and wireless network security configuration parameters.
在实际使用中,除了WAN接口的DNS和DHCP的DNS被篡改后会造成很大的安全隐患外,以下因素也可能影响无线网络安全:In actual use, in addition to the tampering of the DNS of the WAN interface and the DNS of the DHCP, which will cause great security risks, the following factors may also affect the security of the wireless network:
(1)管理密码,所述管理密码为登录网络链接设备的密码。如果所述管理密码为弱密码,则容易被不法分子破解密码,从而篡改所述网络连接设备的DNS。所述弱密码可以包括管理密码为网络连接设备生产厂商提供的默认密码(例如TP-link的默认用户名和密码均为admin),或者使用易被破解的弱密码(例如123456、000000等)。(1) Management password, where the management password is a password for logging in to the network link device. If the management password is a weak password, it is easy for criminals to crack the password, thereby tampering with the DNS of the network connection device. The weak password may include the default password provided by the network connection device manufacturer for the management password (for example, the default username and password of TP-link are both admin), or a weak password that is easily cracked (for example, 123456, 000000, etc.).
(2)远端WEB管理开启状态,通常所述远端WEB管理开启状态分为开启和关闭状态。如果网络连接设备开启了远端WEB管理,则在公网上就可以访问该网络连接设备,不法分子通过远端的IP地址可以轻易篡改所述网络连接设备的DNS。(2) The remote WEB management open state, generally, the remote WEB management open state is divided into an open state and a closed state. If the remote WEB management is enabled on the network connection device, the network connection device can be accessed on the public network, and criminals can easily tamper with the DNS of the network connection device through the remote IP address.
(3)隔离区(demilitarized zone,DMZ)主机服务开启状态,通常所述隔离区主机服务开启状态分为开启和关闭状态。如果网络连接设备关闭隔离区主机服务,则在公网上不发连接内网的设备;但是,如果网络连接设备开启了隔离区主机服务,即将内网中的一台设备设置为DMZ主机后,在公网上的设备也可以连接内网的设备,从而通过对外开启服务的设备作为跳板,攻击内网的设备包括篡改所述网络连接设备的DNS。(3) DMZ (demilitarized zone, DMZ) host service enabled state, usually the host service enabled state of the demilitarized zone is divided into an on state and an off state. If the isolation zone host service is disabled on the network connection device, the device connected to the intranet will not be sent on the public network; however, if the isolation zone host service is enabled on the network connection device, that is, after setting a device in the intranet as the DMZ host, the Devices on the public network can also be connected to devices on the internal network, so that the devices that enable external services are used as springboards, and devices that attack the internal network include tampering with the DNS of the network-connected devices.
(4)无线网络安全配置参数,本实施例中所述无线网络安全配置参数可以包括无线网络开启状态,无线网络密码。如果无线网络连接设备开启了无线网络,但是没有设置密码,或者使用了不安全的密码认证方式,例如密码认证方式为WEP加密(Wired EquivalentPrivacy,有线等效加密),则该无线网络比较容易被不法分子侵入。(4) Wireless network security configuration parameters. The wireless network security configuration parameters in this embodiment may include a wireless network open state and a wireless network password. If the wireless network connection device has turned on the wireless network, but no password is set, or an insecure password authentication method is used, for example, the password authentication method is WEP encryption (Wired Equivalent Privacy), then the wireless network is more likely to be illegal. Molecular invasion.
因此,为了更好地提高无线网络的安全,在所述获取无线网络的网络配置中,所述网络配置除了包括WAN和/或DHCP的DNS,还可以包括管理密码、远端WEB管理状态、隔离区主机服务状态、无线网络安全配置参数。Therefore, in order to better improve the security of the wireless network, in the network configuration for obtaining the wireless network, the network configuration may include, in addition to the DNS of WAN and/or DHCP, management password, remote WEB management status, isolation Zone host service status, wireless network security configuration parameters.
S102:客户端向云检测服务器发送携带上述网络配置信息的检测请求。S102: The client sends a detection request carrying the foregoing network configuration information to the cloud detection server.
S103:客户端接收云检测服务器返回的与所述检测请求对应的网络安全等级;其中,所述网络安全等级是云检测服务器根据预先设定的安全检测规则确定的。S103: The client receives the network security level corresponding to the detection request returned by the cloud detection server; wherein, the network security level is determined by the cloud detection server according to a preset security detection rule.
本申请实施例中,上述步骤S103具体包括如下步骤:In this embodiment of the present application, the foregoing step S103 specifically includes the following steps:
客户端接收云检测服务器返回的根据云检测服务器上预设的安全检测规则确定的网络安全等级;其中,所述安全检测规则包括:如URL与云检测服务器上预存的与该无线网络对应的URL不一致,则所述网络安全等级为危险。The client receives the network security level determined according to the security detection rules preset on the cloud detection server and returned by the cloud detection server; wherein, the security detection rules include: such as URL and a URL corresponding to the wireless network pre-stored on the cloud detection server If not, the network security level is dangerous.
在实际应用中,存在网络端的其他设备对上述无线网络的网络配置信息进行恶意篡改的隐患,上述篡改动作包括篡改该无线网络预先设置的恶意URL。例如,将原先设定的恶意URL进行删除或新增非恶意的URL等。故,上述安全检测规则可以例如是:若发现预先设定的恶意URL与当前获取到的无线网络的恶意URL不一致,则将该无线网络的网络安全等级确定为危险。当然,本申请其他实施例中,可以根据实际被篡改的恶意URL的数目来确定上述网络安全等级,例如,被篡改的数目是1-10,确定上述网络安全等级为警告;被篡改的数目是10-50,确定上述网络安全等级为危险;等等。In practical applications, there is a hidden danger that other devices on the network side maliciously tamper with the network configuration information of the wireless network, and the tampering action includes tampering with a malicious URL preset by the wireless network. For example, delete the original malicious URL or add a non-malicious URL. Therefore, the above-mentioned security detection rule may be, for example: if the preset malicious URL is found to be inconsistent with the currently acquired malicious URL of the wireless network, the network security level of the wireless network is determined as dangerous. Of course, in other embodiments of the present application, the above-mentioned network security level may be determined according to the number of malicious URLs that are actually tampered with. For example, if the number of tampered with 1-10, the above-mentioned network security level is determined to be a warning; the number of tampered with is 10-50, determine the above network security level as dangerous; and so on.
本申请实施例中,上述步骤S103还可以具体包括如下步骤:In this embodiment of the present application, the foregoing step S103 may further specifically include the following steps:
客户端接收云检测服务器返回的根据云检测服务器上预设的安全检测规则确定的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The client receives the network security level determined according to the security detection rule preset on the cloud detection server and returned by the cloud detection server; wherein, the security detection rule includes: if the DNS conforms to the first DNS security rule, the network security level is Dangerous; if the DNS conforms to the second DNS security rule, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is warning.
本实施例中,所述第一DNS安全规则可以是位于黑名单中,该黑名单中记录了恶意DNS名单;所述第二DNS安全规则可以是位于白名单中,该白名单中记录了安全DNS名单;所述第三DNS安全规则可以是既不位于黑名单也不位于白名单中。In this embodiment, the first DNS security rule may be located in a blacklist, and the blacklist records a malicious DNS list; the second DNS security rule may be located in a whitelist, and the whitelist records security DNS list; the third DNS security rule may be neither in the blacklist nor in the whitelist.
所述黑名单、白名单可以随下载所述安全检测规则时一起下载并保存在本地。The blacklist and whitelist can be downloaded together with the download of the security detection rule and saved locally.
一般的,云检测服务器中生成所述黑名单的方式如下所示:Generally, the method of generating the blacklist in the cloud detection server is as follows:
B1:获取已知域名的DNS正确解析结果的集合,DNS正确解析结果的集合通过一组域名解析服务器对已知域名解析得到。B1: Obtain a set of DNS correct resolution results of known domain names, and the set of DNS correct resolution results is obtained by parsing the known domain names by a set of domain name resolution servers.
在具体实现中,一组域名解析服务器中的服务器均是已经经过安全认证的服务器,可以选择多个具有电信运行商资质的域名解析服务器。已知域名可以从网民访问量巨大的域名中选取,例如网购类网站域名、游戏类网站域名、社交类网站域名等。In a specific implementation, the servers in a group of domain name resolution servers are all servers that have passed security authentication, and multiple domain name resolution servers with telecom operator qualifications can be selected. Known domain names can be selected from domain names with a large number of Internet users, such as online shopping website domain names, game website domain names, social networking website domain names, and so on.
B2:获取已知域名的待检测DNS解析结果,待检测DNS解析结果为目标DNS对已知域名解析的结果。B2: Obtain the DNS resolution result of the known domain name to be detected, and the DNS resolution result to be detected is the result of the target DNS resolving the known domain name.
B3:检查待检测DNS解析结果是否属于DNS正确解析结果的集合;若否,将目标DNS标记为可疑DNS。B3: Check whether the DNS resolution result to be detected belongs to the set of correct DNS resolution results; if not, mark the target DNS as suspicious DNS.
检查待检测DNS解析结果是否属于DNS正确解析结果的集合包括至少以下任意一种方式:检查待检测DNS解析结果中的IP地址是否属于DNS正确解析结果的集合中的IP地址列表;检查待检测DNS解析结果中的别名记录是否属于DNS正确解析结果的集合中的别名记录列表;检查待检测DNS解析结果中的邮件交换记录是否属于DNS正确解析结果的集合中的邮件交换记录列表。以上方式分别是基于DNS的解析结果中的该域名对应的IP地址(A记录)、该域名对应的别名记录(cname记录)、邮件交换记录(Mail Exchanger,MX记录)得出的。以上三种方式可以根据实际情况灵活配置,例如只选择其中的IP地址,也可以综合选择三种方式中的两种或全部三种同时进行查询。Checking whether the DNS resolution result to be detected belongs to the set of correct DNS resolution results includes at least any one of the following methods: checking whether the IP address in the DNS resolution result to be detected belongs to the IP address list in the set of correct DNS resolution results; checking the DNS to be detected Check whether the alias record in the resolution result belongs to the list of alias records in the set of correct DNS resolution results; check whether the mail exchange record in the DNS resolution result to be detected belongs to the list of mail exchange records in the set of correct DNS resolution result. The above methods are respectively obtained based on the IP address (A record) corresponding to the domain name, the alias record (cname record) and the mail exchange record (Mail Exchanger, MX record) corresponding to the domain name in the DNS resolution result. The above three methods can be flexibly configured according to the actual situation. For example, only one of the IP addresses can be selected, or two or all three of the three methods can be comprehensively selected to query at the same time.
B4:分别获取第一页面和第二页面,其中第一页面为DNS正确解析结果对应的页面,第二页面为待检测DNS解析结果对应的页面。B4: Obtain the first page and the second page respectively, wherein the first page is the page corresponding to the correct DNS resolution result, and the second page is the page corresponding to the DNS resolution result to be detected.
B5:计算第一页面和第二页面的页面相似度。B5: Calculate the page similarity between the first page and the second page.
在具体实现中,计算页面相似度存在多种方式,一种方式是使用向量空间模型算法计算第一页面和第二页面的页面内容相似度。In a specific implementation, there are multiple ways to calculate the page similarity. One way is to use a vector space model algorithm to calculate the page content similarity between the first page and the second page.
B6:在相似度小于预设值的情况下,确定可疑DNS为恶意DNS。B6: When the similarity is less than the preset value, determine that the suspicious DNS is a malicious DNS.
在页面内容相似度小与预设值时,证明可疑DNS解析结果对应的页面不是原来域名正确对应的页面,可疑DNS对解析目标进行了篡改,将该可以DNS确定为恶意DNS。When the similarity of page content is less than the preset value, it proves that the page corresponding to the suspicious DNS resolution result is not the page corresponding to the original domain name correctly, the suspicious DNS has tampered with the resolution target, and the valid DNS is determined as malicious DNS.
B7:将所述恶意DNS记录到黑名单中。B7: Record the malicious DNS into a blacklist.
一般的,云检测服务器中生成所述白名单的方式如下所示:Generally, the method of generating the whitelist in the cloud detection server is as follows:
C1:将多个具有电信运行商资质的域名解析服务器(例如电信联通在各地设立的DNS解析服务器)、国内和国际上知名域名解析服务器(例如谷歌、香港和记环球电讯的服务器)等确定为安全DNS。C1: Determining multiple domain name resolution servers with telecom operator qualifications (such as DNS resolution servers established by China Telecom Unicom in various places), domestic and international well-known domain name resolution servers (such as servers of Google, Hong Kong Hutchison Global Telecom), etc. as Secure DNS.
C2:将安全DNS记录到白名单中。C2: Record secure DNS to the whitelist.
举例说明,客户端获取WAN的DNS为(184.105.175.69,66.102.253.29),DHCP的DNS为(184.105.175.69,66.102.253.29);假设WAN的DNS的黑名单中包含有(184.105.175.69,66.102.253.29),DHCP的DNS的黑名单中包含有(184.105.175.69,66.102.253.29);经过S120步骤,得到的安全等级如下表所示:For example, the client obtains the DNS of WAN as (184.105.175.69, 66.102.253.29), and the DNS of DHCP as (184.105.175.69, 66.102.253.29); assuming that the blacklist of DNS of WAN contains (184.105.175.69, 66.102) .253.29), the DNS blacklist of DHCP contains (184.105.175.69, 66.102.253.29); after step S120, the obtained security level is shown in the following table:
S104:客户端判断所述网络安全等级是否为待修复的网络安全等级,若是,对该无线网络的网络配置信息进行相应的修复动作。S104: The client determines whether the network security level is the network security level to be repaired, and if so, performs a corresponding repair action on the network configuration information of the wireless network.
本申请一实施例中,若上述网络配置信息包括恶意URL,则上述步骤S104可以具体包括如下步骤:In an embodiment of the present application, if the above-mentioned network configuration information includes a malicious URL, the above-mentioned step S104 may specifically include the following steps:
客户端判断所述网络安全等级是否为危险;若是,对所述网络配置信息进行修复。也就是说,只有在网络安全等级被判断为危险时,才会对上述网络配置信息进行修复,一般地,在云检测服务器上预先存储着每个被检测的无线网络的配置信息(用户预先设定的),当在被恶意篡改并需要进行修复时,则可以通过在上述云检测服务器上获取到在恶意篡改之前该无线网络的配置信息,再将上述无线网络的网络配置信息进行相应的恢复即可。当然,若判断上述无线网络的配置信息的网络安全等级是安全,则不需要对其进行修复。The client determines whether the network security level is dangerous; if so, repairs the network configuration information. That is to say, the above network configuration information will be repaired only when the network security level is judged to be dangerous. Generally, the configuration information of each detected wireless network is pre-stored on the cloud detection server (preset by the user). If it is maliciously tampered with and needs to be repaired, you can obtain the configuration information of the wireless network before malicious tampering on the cloud detection server, and then restore the network configuration information of the wireless network accordingly. That's it. Of course, if it is determined that the network security level of the configuration information of the wireless network is safe, it does not need to be repaired.
另外,在本申请其他实施例中,若上述网络配置信息包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS;则上述步骤S104可以具体包括如下步骤:In addition, in other embodiments of the present application, if the above-mentioned network configuration information includes the domain name system DNS of the WAN interface of the wide area network and the DNS of the dynamic host configuration protocol DHCP; then the above-mentioned step S104 may specifically include the following steps:
客户端判断所述网络安全等级是否为危险或警告,若是,对所述网络配置信息进行修复。The client determines whether the network security level is dangerous or warning, and if so, repairs the network configuration information.
基于上述实施例提供的方法,本申请可以根据无线网络的网络配置信息,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。Based on the methods provided by the above embodiments, the present application can detect the network security level that needs to be repaired (including tampering with the preset URL of the wireless network, etc.) through the cloud detection server according to the network configuration information of the wireless network, and return it to the client Finally, the client determines whether the network configuration information needs to be repaired accordingly, so as to ensure the security of the wireless network.
图3为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图。本实施例中,所述方法包括如下步骤:FIG. 3 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application. In this embodiment, the method includes the following steps:
S201:客户端获取该客户端连接的无线网络的网络配置信息;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL。S201: The client obtains network configuration information of a wireless network connected to the client; wherein, the network configuration information at least includes a malicious Uniform Resource Locator URL preset by the wireless network.
该步骤可以参照上述步骤S101的具体内容,本文不再予以赘述。For this step, reference may be made to the specific content of the foregoing step S101, which will not be repeated herein.
S202:判断客户端与所述云检测服务器的网络连接是否正常。S202: Determine whether the network connection between the client and the cloud detection server is normal.
在实际应用过程中,若当前客户端并不能通过互联网与上述云检测服务器进行通信,则无法通过向云检测服务器发送上述检测请求,以使得云检测服务器根据上述检测请求进行网络安全等级的确定。为了解决这一问题。以使得客户端在未联网的时候也能进行无线网络的安全检测,在本实施例中,首先通过上述步骤S202来判断客户端和云检测服务器是否能够连接。若能,则需要向云检测服务器发送上述检测请求,若不能,则转到步骤S203。In the actual application process, if the current client cannot communicate with the cloud detection server through the Internet, the cloud detection server cannot send the detection request to the cloud detection server, so that the cloud detection server can determine the network security level according to the detection request. In order to solve this problem. In order to enable the client to perform wireless network security detection even when it is not connected to the Internet, in this embodiment, it is first determined whether the client and the cloud detection server can be connected through the above step S202. If yes, it needs to send the above detection request to the cloud detection server, if not, go to step S203.
S203:若所述客户端与所述云检测服务器的网络连接不正常,客户端根据本地存储的安全检测规则确定与当前获取的网络配置信息对应的网络安全等级;其中,所述安全检测规则包括:如URL与云检测服务器上预存的与该无线网络对应的URL不一致,则所述网络安全等级为危险。S203: If the network connection between the client and the cloud detection server is abnormal, the client determines the network security level corresponding to the currently acquired network configuration information according to the locally stored security detection rules; wherein the security detection rules include : If the URL is inconsistent with the URL corresponding to the wireless network pre-stored on the cloud detection server, the network security level is dangerous.
上述步骤S203可以部分参照上述步骤S103的具体内容。本实施例中,当客户端与云检测服务器的网络连接不正常(中断或者网络速度差等),则可以采取客户端上预先存储的安全检测规则进行网络安全等级的确定。一般地,客户端上可以定期获取到云检测服务器上的安全检测规则,或者云检测服务器定期将最新的安全检测规则下传到上述客户端上。上述安全检测规则可以随着业务发展不断地进行更新或升级。The above-mentioned step S203 may partially refer to the specific content of the above-mentioned step S103. In this embodiment, when the network connection between the client and the cloud detection server is abnormal (interruption or poor network speed, etc.), the security detection rules pre-stored on the client may be used to determine the network security level. Generally, the client can periodically obtain the security detection rules on the cloud detection server, or the cloud detection server regularly downloads the latest security detection rules to the client. The above security detection rules can be continuously updated or upgraded with business development.
S204:客户端判断所述网络安全等级是否为待修复的网络安全等级,若是,对该无线网络的网络配置信息进行相应的修复动作。S204: The client determines whether the network security level is the network security level to be repaired, and if so, performs a corresponding repair action on the network configuration information of the wireless network.
该步骤S204可以参照上述步骤S104的具体内容,本文不再予以赘述。For this step S204, reference may be made to the specific content of the above-mentioned step S104, which will not be repeated herein.
本申请其他实施例中,所述网络配置信息还包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS;则,上述步骤S203具体包括:In other embodiments of the present application, the network configuration information further includes the domain name system DNS of the WAN interface of the wide area network and the DNS of the dynamic host configuration protocol DHCP; then, the above step S203 specifically includes:
若所述客户端与所述云检测服务器的网络连接不正常,客户端根据本地存储的安全检测规则确定与当前获取的网络配置信息中的DNS对应的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。If the network connection between the client and the cloud detection server is abnormal, the client determines the network security level corresponding to the DNS in the currently acquired network configuration information according to the security detection rules stored locally; wherein, the security detection rules Including: if the DNS conforms to the first DNS security rule, the network security level is dangerous; if the DNS conforms to the second DNS security rule, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is safe; The network security level is Warning.
相应地,上述步骤S204可以具体包括如下步骤:Correspondingly, the above step S204 may specifically include the following steps:
客户端判断所述网络安全等级是否为危险或警告,若是,对所述网络配置信息进行修复。The client determines whether the network security level is dangerous or warning, and if so, repairs the network configuration information.
同理,基于上述实施例提供的方法,本申请可以根据无线网络的网络配置信息,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。Similarly, based on the methods provided by the above embodiments, the present application can detect the network security level that needs to be repaired (including tampering with the preset URL of the wireless network, etc.) through the cloud detection server according to the network configuration information of the wireless network, and Returning to the client, the client finally determines whether the network configuration information needs to be repaired accordingly, so as to ensure the security of the wireless network.
图4为本申请一实施例中提供的无线网络的网络配置检测修复方法的流程图。本实施例中,所述方法包括如下步骤:FIG. 4 is a flowchart of a method for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application. In this embodiment, the method includes the following steps:
S301:云检测服务器接收客户端发送的携带客户端连接无线网络时获取的网络配置信息的检测请求;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL。S301: The cloud detection server receives a detection request sent by a client carrying network configuration information obtained when the client connects to a wireless network; wherein the network configuration information at least includes a malicious Uniform Resource Locator URL preset by the wireless network.
如上所述,经S101及S102之后,云检测服务器可以接收客户端发送的携带客户端连接无线网络时获取的网络配置信息的检测请求;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL。As described above, after S101 and S102, the cloud detection server can receive a detection request sent by the client carrying the network configuration information obtained when the client connects to the wireless network; wherein, the network configuration information at least includes the wireless network preset Malicious Uniform Resource Locator URL.
当然,在本申请实施例中,上述网络配置信息并不限于上述恶意URL,还可以包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS。所述WAN(Wide AreaNetwork,广域网)是网络设备连接外网的端口,不法分子常常把网络连接设备WAN接口的DNS篡改为恶意DNS。恶意DNS通过把正常的网址解析到钓鱼网站或者受不法分子控制的主机上,从而盗取用户的私人信息和数据(如银行卡账户密码,个人隐私等)。所述DHCP(Dynamic Host Configuration Protocol,动态主机配置协议)用于给网络或网络服务供应商自动分配IP(Internet Protocol,网络之间互连的协议)地址。如果客户端连接使用具有DHCP功能的网络连接设备,并且使用了自动获得IP地址后,会将网络连接设备DHCP的DNS同步到客户端本地,因此一旦网络连接设备DHCP的DNS被篡改为恶意的DNS的话,所有连接该网络连接设备的客户端将会面临很大的风险。Of course, in the embodiment of the present application, the above-mentioned network configuration information is not limited to the above-mentioned malicious URL, and may also include the Domain Name System DNS of the WAN interface of the WAN and the DNS of the Dynamic Host Configuration Protocol DHCP. The WAN (Wide Area Network, wide area network) is the port through which the network device connects to the external network, and criminals often tamper with the DNS of the WAN interface of the network connection device into malicious DNS. Malicious DNS steals users' private information and data (such as bank card account passwords, personal privacy, etc.) by parsing normal URLs to phishing websites or hosts controlled by criminals. The DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) is used to automatically assign IP (Internet Protocol, protocol for interconnection between networks) addresses to networks or network service providers. If the client connects to a network connection device with DHCP function and uses the automatic IP address acquisition, the DNS of the network connection device DHCP will be synchronized to the local client, so once the DNS of the network connection device DHCP is tampered with malicious DNS If this happens, all clients connecting to this network-connected device will be at great risk.
S302:云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级;S302: The cloud detection server determines the network security level of the network configuration information according to a preset security detection rule;
本申请实施例中,所述安全检测规则包括:如URL符合第一URL安全规则,则所述网络安全等级为危险;如URL符合第二URL安全规则,则所述网络安全等级为安全;如URL符合第三URL安全规则,则所述网络安全等级为警告。In the embodiment of the present application, the security detection rules include: if the URL conforms to the first URL security rule, the network security level is dangerous; if the URL conforms to the second URL security rule, the network security level is safe; The URL conforms to the third URL security rule, and the network security level is a warning.
在实际应用中,存在网络端的其他设备对上述无线网络的网络配置信息进行恶意篡改的隐患,上述篡改动作包括篡改该无线网络预先设置的恶意URL。例如,将原先设定的恶意URL进行删除或新增非恶意的URL等。故,上述安全检测规则可以例如是:若发现预先设定的恶意URL与当前获取到的无线网络的恶意URL不一致,则将该无线网络的网络安全等级确定为危险。当然,本申请其他实施例中,可以根据实际被篡改的恶意URL的数目来确定上述网络安全等级,例如,被篡改的数目是1-10,确定上述网络安全等级为警告;被篡改的数目是10-50,确定上述网络安全等级为危险;等等。In practical applications, there is a hidden danger that other devices on the network side maliciously tamper with the network configuration information of the wireless network, and the tampering action includes tampering with a malicious URL preset by the wireless network. For example, delete the original malicious URL or add a non-malicious URL. Therefore, the above-mentioned security detection rule may be, for example: if the preset malicious URL is found to be inconsistent with the currently acquired malicious URL of the wireless network, the network security level of the wireless network is determined as dangerous. Of course, in other embodiments of the present application, the above-mentioned network security level may be determined according to the number of malicious URLs that are actually tampered with. For example, if the number of tampered with 1-10, the above-mentioned network security level is determined to be a warning; the number of tampered with is 10-50, determine the above network security level as dangerous; and so on.
本申请实施例中,上述步骤S302还可以具体包括如下步骤:In this embodiment of the present application, the above step S302 may further specifically include the following steps:
云检测服务器根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The cloud detection server determines the network security level of the network configuration information according to the preset security detection rules; wherein, the security detection rules include: if the DNS conforms to the first DNS security rule, the network security level is dangerous; for example, the DNS If the second DNS security rule is complied with, the network security level is safe; if the DNS complies with the third DNS security rule, the network security level is warning.
本实施例中,所述第一DNS安全规则可以是位于黑名单中,该黑名单中记录了恶意DNS名单;所述第二DNS安全规则可以是位于白名单中,该白名单中记录了安全DNS名单;所述第三DNS安全规则可以是既不位于黑名单也不位于白名单中。In this embodiment, the first DNS security rule may be located in a blacklist, and the blacklist records a malicious DNS list; the second DNS security rule may be located in a whitelist, and the whitelist records security DNS list; the third DNS security rule may be neither in the blacklist nor in the whitelist.
云检测服务器中生成所述黑名单和白名单的方式如上述实施例中S103中所述,此处不再赘述。The manner of generating the blacklist and the whitelist in the cloud detection server is as described in S103 in the foregoing embodiment, and details are not described herein again.
S304:云检测服务器将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。S304: The cloud detection server returns the network security level to the client for the client to perform a repair action on the network configuration information whose security level is the network security level to be repaired.
云检测服务器将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。The cloud detection server returns the network security level to the client for the client to perform a repair action on the network configuration information whose security level is the network security level to be repaired.
例如,客户端判断所述网络安全等级是否为危险;若是,对所述网络配置信息进行修复。一般地,在云检测服务器上预先存储着每个被检测的无线网络的配置信息(用户预先设定的),当在被恶意篡改并需要进行修复时,则可以通过在上述云检测服务器上获取到在恶意篡改之前该无线网络的配置信息,再将上述无线网络的网络配置信息进行相应的恢复即可。当然,若判断上述无线网络的配置信息的网络安全等级是安全,则不需要对其进行修复。For example, the client determines whether the network security level is dangerous; if so, repairs the network configuration information. Generally, the configuration information of each detected wireless network (preset by the user) is pre-stored on the cloud detection server. When it is maliciously tampered with and needs to be repaired, it can be obtained by obtaining the above-mentioned cloud detection server. Until the configuration information of the wireless network is maliciously tampered with, the network configuration information of the wireless network can be restored accordingly. Of course, if it is determined that the network security level of the configuration information of the wireless network is safe, it does not need to be repaired.
另外,在本申请其他实施例中,若上述网络配置信息包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS;则上述步骤S104可以具体包括如下步骤:In addition, in other embodiments of the present application, if the above-mentioned network configuration information includes the domain name system DNS of the WAN interface of the wide area network and the DNS of the dynamic host configuration protocol DHCP; then the above-mentioned step S104 may specifically include the following steps:
客户端判断所述网络安全等级是否为危险或警告,若是,对所述网络配置信息进行修复。The client determines whether the network security level is dangerous or warning, and if so, repairs the network configuration information.
基于上述实施例提供的方法,本申请中云检测服务器可以对客户端发送的检测请求中携带的网络配置信息进行检测,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。Based on the methods provided by the above embodiments, the cloud detection server in this application can detect the network configuration information carried in the detection request sent by the client, and the cloud detection server can detect the network security level (including the wireless network security level) that needs to be repaired. The preset URL is tampered with, etc.) and returned to the client, and finally the client determines whether the network configuration information needs to be repaired accordingly, so as to ensure the security of the wireless network.
在图4的基础上,如图5所示在S304之前,还可以如下所示的步骤:On the basis of FIG. 4 , as shown in FIG. 5 , before S304 , the following steps may also be performed:
S303:判断云检测服务器与客户端的网络连接是否正常。S303: Determine whether the network connection between the cloud detection server and the client is normal.
在实际应用过程中,云检测服务器与客户端的网络连接经常会通信异常,云检测服务器无法将网络安全等级返回至客户端。为了解决这一问题,本实施例中在云检测服务器检测确定网络安全等级之后,通过S303来判断判断云检测服务器与客户端的网络连接是否正常,如果连接正常,则执行S304步骤;如果连接不正常,则执行S305步骤。In the actual application process, the network connection between the cloud detection server and the client is often abnormal, and the cloud detection server cannot return the network security level to the client. In order to solve this problem, in this embodiment, after the cloud detection server detects and determines the network security level, S303 is used to judge whether the network connection between the cloud detection server and the client is normal, if the connection is normal, then step S304 is performed; if the connection is abnormal , step S305 is executed.
相应地,S304包括:若所述云检测服务器与所述客户端的网络连接正常,云检测服务器将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。Correspondingly, S304 includes: if the network connection between the cloud detection server and the client is normal, the cloud detection server returns the network security level to the client for the client to check that the security level is the network security level to be repaired The network configuration information is repaired.
S305:若所述云检测服务器与所述客户端的网络连接不正常,云检测服务器存储所述网络安全等级,并在所述云检测服务器与所述客户端的网络连接正常时,将所述网络安全等级返回至客户端。S305: If the network connection between the cloud detection server and the client is abnormal, the cloud detection server stores the network security level, and when the network connection between the cloud detection server and the client is normal, the network security The level is returned to the client.
基于上述实施例提供的方法,本申请可以对于云检测服务器与客户端网络连接不正常时,先存储网络安全等级,并在所述云检测服务器与所述客户端的网络连接正常时,将所述网络安全等级返回至客户端。从而使得客户端可以接收到云检测服务器返回的网络安全等级,更好的确保无线网络的安全。Based on the methods provided by the above embodiments, the present application can store the network security level first when the network connection between the cloud detection server and the client is abnormal, and store the network security level when the network connection between the cloud detection server and the client is normal. The network security level is returned to the client. Thus, the client can receive the network security level returned by the cloud detection server, so as to better ensure the security of the wireless network.
图6为本申请一实施例中提供的无线网络的网络配置检测修复装置的模块图,其中,该装置包含的各个单元所能实现的功能与上述方法中包含的各个步骤所能实现的功能相同,故本装置可以参照上述方法的具体内容。具体地,上述装置包括:6 is a block diagram of an apparatus for detecting and repairing a network configuration of a wireless network according to an embodiment of the present application, wherein the functions that can be implemented by each unit included in the apparatus are the same as the functions that can be implemented by each step included in the above method , so the device can refer to the specific content of the above method. Specifically, the above device includes:
获取单元101,用于获取客户端连接的无线网络的网络配置信息;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL;The obtaining
发送单元102,用于向云检测服务器发送携带上述网络配置信息的检测请求;A sending
接收单元103,用于接收云检测服务器返回的与所述检测请求对应的网络安全等级;其中,所述网络安全等级是云检测服务器根据预先设定的安全检测规则确定的;The receiving
判断单元104,用于判断所述网络安全等级是否为待修复的网络安全等级,若是,对该无线网络的网络配置信息进行相应的修复动作。The determining
基于上述实施例提供的装置,可以根据无线网络的网络配置信息,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。Based on the device provided by the above embodiment, the network security level that needs to be repaired (including tampering with the preset URL of the wireless network, etc.) can be detected by the cloud detection server according to the network configuration information of the wireless network, and returned to the client, Ultimately, the client determines whether the network configuration information needs to be corrected accordingly, so as to ensure the security of the wireless network.
本申请实施例中,所述接收单元103具体用于:接收云检测服务器返回的根据云检测服务器上预设的安全检测规则确定的网络安全等级;其中,所述安全检测规则包括:如URL与云检测服务器上预存的与该无线网络对应的URL不一致,则所述网络安全等级为危险。In the embodiment of the present application, the receiving
相应地,所述判断单元104具体用于:判断所述网络安全等级是否为危险,若是,对所述网络配置信息进行修复。Correspondingly, the determining
本申请实施例中,所述网络配置信息还包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS;则,所述接收单元103具体用于:In the embodiment of the present application, the network configuration information further includes the domain name system DNS of the WAN interface of the wide area network and the DNS of the dynamic host configuration protocol DHCP; then, the receiving
接收云检测服务器返回的根据云检测服务器上预设的安全检测规则确定的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。Receive the network security level determined according to the security detection rules preset on the cloud detection server returned by the cloud detection server; wherein, the security detection rules include: if the DNS complies with the first DNS security rule, the network security level is dangerous; If the DNS conforms to the second DNS security rule, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is warning.
相应地,所述判断单元104具体用于:判断所述网络安全等级是否为危险或警告,若是,对所述网络配置信息进行修复。Correspondingly, the determining
图7为本申请另一实施例中提供的无线网络的网络配置检测修复装置的模块图,其中,该装置包含的各个单元所能实现的功能与上述方法中包含的各个步骤所能实现的功能相同,故本装置可以参照上述方法的具体内容。具体地,上述装置包括:7 is a block diagram of an apparatus for detecting and repairing a network configuration of a wireless network according to another embodiment of the present application, wherein the functions that can be implemented by each unit included in the apparatus and the functions that can be implemented by each step included in the above method are the same, so the device can refer to the specific content of the above method. Specifically, the above device includes:
获取单元201,用于获取客户端连接的无线网络的网络配置信息;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL;Obtaining
第一判断单元202,用于判断客户端与所述云检测服务器的网络连接是否正常;The
确定单元203,用于在所述客户端与所述云检测服务器的网络连接不正常时,根据本地存储的安全检测规则确定与当前获取的网络配置信息对应的网络安全等级;其中,所述安全检测规则包括:如URL与云检测服务器上预存的与该无线网络对应的URL不一致,则所述网络安全等级为危险;The determining
第二判断单元204,用于判断所述网络安全等级是否为待修复的网络安全等级,若是,对该无线网络的网络配置信息进行相应的修复动作。The
基于上述实施例提供的装置,可以根据无线网络的网络配置信息,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。Based on the device provided by the above embodiment, the network security level that needs to be repaired (including tampering with the preset URL of the wireless network, etc.) can be detected by the cloud detection server according to the network configuration information of the wireless network, and returned to the client, Ultimately, the client determines whether the network configuration information needs to be corrected accordingly, so as to ensure the security of the wireless network.
本申请实施例中,所述网络配置信息还包括广域网WAN接口的域名系统DNS、动态主机配置协议DHCP的DNS;则,所述确定单元203具体用于:In the embodiment of the present application, the network configuration information further includes the domain name system DNS of the WAN interface of the wide area network and the DNS of the dynamic host configuration protocol DHCP; then, the determining
若所述客户端与所述云检测服务器的网络连接不正常,根据本地存储的安全检测规则确定与当前获取的网络配置信息中的DNS对应的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。If the network connection between the client and the cloud detection server is abnormal, determine the network security level corresponding to the DNS in the currently obtained network configuration information according to the security detection rules stored locally; wherein, the security detection rules include: If the DNS complies with the first DNS security rule, the network security level is dangerous; if the DNS complies with the second DNS security rule, the network security level is safe; if the DNS complies with the third DNS security rule, the network security level Level is Warning.
相应地,所述判断单元104具体用于:判断所述网络安全等级是否为危险或警告,若是,对所述网络配置信息进行修复。Correspondingly, the determining
同理,基于上述实施例提供的装置,可以根据无线网络的网络配置信息,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。In the same way, based on the device provided by the above embodiment, the network security level that needs to be repaired (including tampering with the preset URL of the wireless network, etc.) can be detected through the cloud detection server according to the network configuration information of the wireless network and returned to The client finally determines whether the network configuration information needs to be repaired accordingly, so as to ensure the security of the wireless network.
图8为本申请另一实施例中提供的无线网络的网络配置检测修复装置的模块图,其中,该装置包含的各个单元所能实现的功能与上述方法中包含的各个步骤所能实现的功能相同,故本装置可以参照上述方法的具体内容。具体地,上述装置包括:FIG. 8 is a block diagram of an apparatus for detecting and repairing a network configuration of a wireless network according to another embodiment of the present application, wherein the functions that can be implemented by each unit included in the apparatus and the functions that can be implemented by each step included in the above method are the same, so the device can refer to the specific content of the above method. Specifically, the above device includes:
接收单元301,用于接收客户端发送的携带客户端连接无线网络时获取的网络配置信息的检测请求;其中,所述网络配置信息至少包括该无线网络预设的恶意统一资源定位符URL;A receiving
检测单元302,用于根据预设的安全检测规则确定所述网络配置信息的网络安全等级;A
返回单元303,用于将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。The returning
基于上述实施例提供的装置,云检测服务器可以对客户端发送的检测请求中携带的网络配置信息进行检测,通过云检测服务器来检测到需要进行修复的网络安全等级(包括对无线网络预设的URL进行篡改等)并返回至客户端,最终由客户端确定是否需要对网络配置信息进行相应地修复,从而确保无线网络的安全。Based on the device provided by the above embodiment, the cloud detection server can detect the network configuration information carried in the detection request sent by the client, and the cloud detection server can detect the network security level that needs to be repaired (including the preset wireless network security level). The URL is tampered with, etc.) and returned to the client, and finally the client determines whether the network configuration information needs to be repaired accordingly, so as to ensure the security of the wireless network.
所述安全检测规则包括:如URL符合第一URL安全规则,则所述网络安全等级为危险;如URL符合第二URL安全规则,则所述网络安全等级为安全;如URL符合第三URL安全规则,则所述网络安全等级为警告。The security detection rules include: if the URL conforms to the first URL security rule, the network security level is dangerous; if the URL conforms to the second URL security rule, the network security level is safe; if the URL conforms to the third URL security rule rule, the network security level is warning.
所述网络配置信息还包括广域网WAN接口的域名系统DNS;The network configuration information also includes the domain name system DNS of the WAN interface of the wide area network;
则所述检测单元302具体用于:Then the
根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The network security level of the network configuration information is determined according to a preset security detection rule; wherein, the security detection rule includes: if the DNS complies with the first DNS security rule, the network security level is dangerous; if the DNS complies with the second DNS security rule, the network security level is dangerous; DNS security rules, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is warning.
所述网络配置信息还包括广域网WAN接口的域名系统DNS;The network configuration information also includes the domain name system DNS of the WAN interface of the wide area network;
则所述检测单元302具体用于:Then the
根据预设的安全检测规则确定所述网络配置信息的网络安全等级;其中,所述安全检测规则包括:如DNS符合第一DNS安全规则,则所述网络安全等级为危险;如DNS符合第二DNS安全规则,则所述网络安全等级为安全;如DNS符合第三DNS安全规则,则所述网络安全等级为警告。The network security level of the network configuration information is determined according to a preset security detection rule; wherein, the security detection rule includes: if the DNS complies with the first DNS security rule, the network security level is dangerous; if the DNS complies with the second DNS security rule, the network security level is dangerous; DNS security rules, the network security level is safe; if the DNS conforms to the third DNS security rule, the network security level is warning.
在返回单元303之前,还包括:Before returning to
判断单元,用于判断云检测服务器与客户端的网络连接是否正常;a judging unit for judging whether the network connection between the cloud detection server and the client is normal;
所述返回单元具体用于:The returning unit is specifically used for:
在所述云检测服务器与所述客户端的网络连接不正常时,云检测服务器存储所述网络安全等级;并在所述云检测服务器与所述客户端的网络连接正常时,将所述网络安全等级返回至客户端,供客户端对所述安全等级为待修复的网络安全等级的网络配置信息进行修复动作。When the network connection between the cloud detection server and the client is abnormal, the cloud detection server stores the network security level; and when the network connection between the cloud detection server and the client is normal, the network security level is stored in the cloud detection server. Return to the client, for the client to perform a repair action on the network configuration information whose security level is the network security level to be repaired.
基于上述实施例提供的装置,可以对于云检测服务器与客户端网络连接不正常时,先存储网络安全等级,并在所述云检测服务器与所述客户端的网络连接正常时,将所述网络安全等级返回至客户端。从而使得客户端可以接收到云检测服务器返回的网络安全等级,更好的确保无线网络的安全。Based on the device provided by the above embodiment, when the network connection between the cloud detection server and the client is abnormal, the network security level can be stored first, and when the network connection between the cloud detection server and the client is normal, the network security level can be stored. The level is returned to the client. Thus, the client can receive the network security level returned by the cloud detection server, so as to better ensure the security of the wireless network.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block in the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general purpose computer, special purpose computer, embedded processor or other programmable data processing device to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing device produce Means for implementing the functions specified in a flow or flow of a flowchart and/or a block or blocks of a block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory result in an article of manufacture comprising instruction means, the instructions The apparatus implements the functions specified in the flow or flow of the flowcharts and/or the block or blocks of the block diagrams.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded on a computer or other programmable data processing device to cause a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process such that The instructions provide steps for implementing the functions specified in the flow or blocks of the flowcharts and/or the block or blocks of the block diagrams.
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。Memory may include non-persistent memory in computer readable media, random access memory (RAM) and/or non-volatile memory in the form of, for example, read only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带,磁带磁磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。Computer-readable media includes both persistent and non-permanent, removable and non-removable media, and storage of information may be implemented by any method or technology. Information may be computer readable instructions, data structures, modules of programs, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), Flash Memory or other memory technology, Compact Disc Read Only Memory (CD-ROM), Digital Versatile Disc (DVD) or other optical storage, Magnetic tape cartridges, magnetic tape magnetic disk storage or other magnetic storage devices or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media does not include transitory computer-readable media, such as modulated data signals and carrier waves.
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个…...”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。It should also be noted that the terms "comprising", "comprising" or any other variation thereof are intended to encompass a non-exclusive inclusion such that a process, method, article or device comprising a series of elements includes not only those elements, but also Other elements not expressly listed, or which are inherent to such a process, method, article of manufacture, or apparatus are also included. Without further limitation, an element defined by the phrase "comprising a..." does not preclude the presence of additional identical elements in a process, method, article of manufacture or apparatus that includes the element.
本领域技术人员应明白,本申请的实施例可提供为方法、系统或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。It will be appreciated by those skilled in the art that the embodiments of the present application may be provided as a method, a system or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
以上所述仅为本申请的实施例而已,并不用于限制本申请。对于本领域技术人员来说,本申请可以有各种更改和变化。凡在本申请的精神和原理之内所作的任何修改、等同替换、改进等,均应包含在本申请的权利要求范围之内。The above descriptions are merely examples of the present application, and are not intended to limit the present application. Various modifications and variations of this application are possible for those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this application shall be included within the scope of the claims of this application.
Claims (8)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510982427.0A CN106912039B (en) | 2015-12-23 | 2015-12-23 | Method and device for network configuration detection and repair of wireless network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510982427.0A CN106912039B (en) | 2015-12-23 | 2015-12-23 | Method and device for network configuration detection and repair of wireless network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106912039A CN106912039A (en) | 2017-06-30 |
| CN106912039B true CN106912039B (en) | 2020-07-07 |
Family
ID=59206065
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510982427.0A Active CN106912039B (en) | 2015-12-23 | 2015-12-23 | Method and device for network configuration detection and repair of wireless network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106912039B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103634786A (en) * | 2013-11-14 | 2014-03-12 | 北京奇虎科技有限公司 | Method and system for security detection and repair of wireless network |
| CN103888480A (en) * | 2014-04-18 | 2014-06-25 | 北京奇虎科技有限公司 | Cloud monitoring based network information security identification method and cloud device |
| CN104980446A (en) * | 2015-06-30 | 2015-10-14 | 百度在线网络技术(北京)有限公司 | Detection method and system for malicious behavior |
| CN105100048A (en) * | 2015-05-26 | 2015-11-25 | 北京奇虎科技有限公司 | WiFi network security identification method, server, client device and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9015833B2 (en) * | 2012-11-07 | 2015-04-21 | Trusteer, Ltd. | Defense against DNS DoS attack |
-
2015
- 2015-12-23 CN CN201510982427.0A patent/CN106912039B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103634786A (en) * | 2013-11-14 | 2014-03-12 | 北京奇虎科技有限公司 | Method and system for security detection and repair of wireless network |
| CN103888480A (en) * | 2014-04-18 | 2014-06-25 | 北京奇虎科技有限公司 | Cloud monitoring based network information security identification method and cloud device |
| CN105100048A (en) * | 2015-05-26 | 2015-11-25 | 北京奇虎科技有限公司 | WiFi network security identification method, server, client device and system |
| CN104980446A (en) * | 2015-06-30 | 2015-10-14 | 百度在线网络技术(北京)有限公司 | Detection method and system for malicious behavior |
Non-Patent Citations (1)
| Title |
|---|
| 《云安全模式下恶意URL实时检测系统的设计与测试》;许杰;《中国优秀硕士学位论文全文数据库 信息科技辑》;20150415;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106912039A (en) | 2017-06-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103634786B (en) | A kind of method and system for security detection and repair of wireless network | |
| US8799309B2 (en) | Verifying network delivery of information to a device based on physical characteristics | |
| WO2022247751A1 (en) | Method, system and apparatus for remotely accessing application, device, and storage medium | |
| US9398028B1 (en) | System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers | |
| US10326730B2 (en) | Verification of server name in a proxy device for connection requests made using domain names | |
| KR102460696B1 (en) | System for controlling network access based on controller and method of the same | |
| US10230691B2 (en) | Systems, devices, and methods for improved domain name system firewall protection | |
| CN103607385A (en) | Method and apparatus for security detection based on browser | |
| CN104239577A (en) | Method and device for detecting authenticity of webpage data | |
| WO2013100967A1 (en) | Web authentication using client platform root of trust | |
| WO2015007231A1 (en) | Method and device for identification of malicious url | |
| US8763120B1 (en) | Exploitation detection | |
| US20180191520A1 (en) | Gateway and diagnosing method thereof | |
| US9781601B1 (en) | Systems and methods for detecting potentially illegitimate wireless access points | |
| WO2014165640A1 (en) | Resilient and restorable dynamic device identification | |
| US20250023857A1 (en) | System for controlling network access on basis of controller, and method therefor | |
| CN104662871A (en) | Method and device for securely accessing a web service | |
| KR102514618B1 (en) | System for controlling network access based on controller and method of the same | |
| KR102460692B1 (en) | System for controlling network access based on controller and method of the same | |
| KR102749334B1 (en) | System for controlling network access of node connected to network node and method of the same | |
| US11736528B2 (en) | Low latency cloud-assisted network security with local cache | |
| WO2023020606A1 (en) | Method, system and apparatus for hiding source station, and device and storage medium | |
| CN106912064B (en) | Network configuration detection and repair method and device for wireless network | |
| CN112291204B (en) | Access request processing method and device and readable storage medium | |
| CN107968769A (en) | Webpage security detection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee after: Beijing Qizhi Business Consulting Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| CP01 | Change in the name or title of a patent holder | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220322 Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Patentee after: Sanliu0 Digital Security Technology Group Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Beijing Qizhi Business Consulting Co.,Ltd. |
|
| TR01 | Transfer of patent right |