CN113630387B - Method for realizing user name and password replacement in MySQL protocol authentication process based on proxy - Google Patents
Method for realizing user name and password replacement in MySQL protocol authentication process based on proxy Download PDFInfo
- Publication number
- CN113630387B CN113630387B CN202110822908.0A CN202110822908A CN113630387B CN 113630387 B CN113630387 B CN 113630387B CN 202110822908 A CN202110822908 A CN 202110822908A CN 113630387 B CN113630387 B CN 113630387B
- Authority
- CN
- China
- Prior art keywords
- data packet
- packet
- password
- data
- length
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000012795 verification Methods 0.000 claims abstract description 7
- 150000003839 salts Chemical class 0.000 claims description 29
- 230000005540 biological transmission Effects 0.000 claims description 3
- 230000004075 alteration Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000003466 welding Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for realizing user name and password replacement in a MySQL protocol authentication process based on an agent, which comprises the following steps: capturing a first data packet in a handshake process; then capturing a client login data packet; judging whether the client login data packet contains a password encryption string; if the client login data packet contains the password encryption string, intercepting an authentication result data packet returned by the server; if the client login data packet does not contain the password encryption string, intercepting a data packet returned by the next server; intercepting a verification data packet sent by a client, and replacing a password encryption string in the data packet; and intercepting the authentication result data packet returned by the server. The user can be distinguished and recorded without creating a large number of database accounts. The database connection account can be protected, and the risk of real database account leakage can be effectively avoided.
Description
Technical Field
The invention relates to the technical field of databases, in particular to a method for realizing user name and password replacement in a MySQL protocol authentication process based on an agent.
Background
The bastion machine is used for monitoring and recording the operation behaviors of operation and maintenance personnel on servers, network equipment, safety equipment, databases and other equipment in the network by using various technical means in order to ensure that the network and data are not invaded and damaged by external and internal users under a specific network environment so as to realize centralized alarming, timely processing, auditing and responsibility determination. However, the existing bastion machine technology is based on database account number issuing realized by a database, is not flexible enough, does not control the authority of a database user in place, often causes that one account number is allocated and can be used by multiple persons, an operator is difficult to locate when a problem occurs, and the user name and the password of the used account cannot be tampered, so that the database account and the password have the risk of leakage.
Disclosure of Invention
The invention aims to provide a method for realizing user name and password replacement in a MySQL protocol authentication process based on an agent, so as to solve the problems in the background technology.
In order to achieve the purpose, the invention provides the following technical scheme: a method for realizing user name and password replacement in a MySQL protocol authentication process based on an agent comprises the following steps:
step one, an application program issues a false user name and password pair which have a hidden transmission relation with a real database account;
step two, capturing a first data packet in a handshake process;
thirdly, capturing a client login data packet;
step four, judging whether the client login data packet contains a password encryption string;
step five, if the client login data packet contains the password encryption string, intercepting an authentication result data packet returned by the server;
step six, based on the step four, if the client login data packet does not contain the password encryption string, intercepting a data packet returned by the next server;
intercepting a verification data packet sent by the client based on the sixth step, and replacing a password encryption string in the data packet;
and step eight, intercepting the authentication result data packet returned by the server based on the step seven.
Preferably, in the second step, the first data Packet is a hello Packet sent by the Server, and the data structure of the first data Packet includes Packet Length, packet Number, protocol, version, thread ID, salt Part1, server Capabilities, server Language, extended Status, extended Server Capabilities, authentication plug Length, payload, salt Part2, and Authentication plug.
Preferably, the 5 th bit of the 2 nd byte in the Server Capabilities indicates whether the SSL authentication is supported, and the Server Capabilities [1] and 0xf7 are anded and then forwarded to the client;
and the Salt Part1 and the Salt Part2 are merged to be used as an encrypted Salt cache for replacing the password encryption string.
Preferably, the Data structure of the Client login Data Packet comprises Packet Length, packet Number, client Capabilities, extended Client Capabilities, MAX Packet, charset, username, auth Data Length, auth Data, client Auth plug, connection Attributes Length, and Connection Attributes;
preferably, the Username represents a login name used for authentication, and the program finds a corresponding real Username according to the Username and replaces the Username with the real Username;
if the client login Data Packet contains the password encryption string, encrypting a false password pair corresponding to the Username and the cached Salt according to the encryption logic corresponding to the Auth Plugin, comparing the false password pair with the password encryption string in the client login Data Packet, if the comparison result is matched, encrypting a password corresponding to the real user name and the cached Salt according to the encryption logic corresponding to the Auth Plugin, replacing Auth Data Length and Auth Data, recalculating the Length, modifying the Packet Length, forwarding the Packet Length to the server, and performing the fifth step;
and if the client login data Packet does not contain the password encryption string, recalculating the Length of the data Packet after the user name is replaced, modifying the Packet Length, forwarding the data Packet to the server, and sequentially performing the sixth step, the seventh step and the eighth step.
Preferably, the Data structure of the Data Packet returned by the next server in the sixth step includes Packet Length, packet Number, status, authentication and plug auth Method Data;
the Authentication plug is a final encryption mode selected by the server, and after caching, the Authentication plug forwards a data packet returned by the server next time to the client.
Preferably, the Data structure of the verification Data Packet sent by the client in the seventh step includes Packet Length, packet Number, and Auth Data;
and if the comparison result is matched, encrypting the password of the real user and the cached Salt by using the encryption logic corresponding to the Authentication plug, and replacing the Auth Data.
Preferably, the data structures of the authentication result data packets returned by the server in the fifth step and the eighth step include Packet Length, packet Number, and Status;
and recording an authentication result according to the value of the Status, and forwarding the data to the client. .
Compared with the prior art, the invention has the beneficial effects that: the method for replacing the user name and the password in the authentication process of the MySQL protocol based on the agent is characterized in that the MySQL protocol is analyzed, the user name and the encrypted password string in the authentication process in the handshake phase of the MySQL protocol are tampered under the condition of not using SSL authentication, and the identity of a user can be distinguished and recorded under the condition of not creating a large number of database accounts. The database connection account can be protected, and the risk of real database account leakage can be effectively avoided.
Drawings
FIG. 1 is a flow chart of the inclusion of a cryptographic string in a client login data packet;
FIG. 2 is a flow chart illustrating the absence of a cryptographic string in the client login packet.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, the present invention provides the following technical solutions: a method for realizing user name and password replacement in a MySQL protocol authentication process based on an agent comprises the following steps:
step one, an application program issues a false user name and password pair which have a hidden transmission relation with a real database account;
step two, capturing a first data packet in a handshake process;
thirdly, capturing a client login data packet;
step four, judging whether the client login data packet contains a password encryption string; and judging whether the encryption string is contained according to the value of the encryption string length in the client login data packet, if the value is 0, indicating that the current client login data packet does not contain the encryption string, and if the value is not 0, indicating that the current client login data packet contains the encryption string.
Step five, if the client login data packet contains the password encryption string, intercepting an authentication result data packet returned by the server;
step six, based on the step four, if the client login data packet does not contain the password encryption string, intercepting a data packet returned by the next server;
intercepting a verification data packet sent by the client based on the sixth step, and replacing a password encryption string in the data packet;
and step eight, intercepting the authentication result data packet returned by the server based on the step seven.
Specifically, in the second step, the first data Packet is a hello Packet sent by the Server, and the data structure of the first data Packet includes Packet Length, packet Number, protocol, version, thread ID, salt Part1, server Capabilities, server Language, extended Status, extended Server Capabilities, authentication plug Length, payload, salt Part2, and Authentication plug.
The Packet Length is the Length of a data Packet, the Number of bits 3 and the Packet Number are the sequence Number of the data Packet, the Number of bits 1 and the Protocol are the Protocol Version Number, the Number of bits 1 and Version are the Version Number of a Server, the Number of bits is not fixed, the Number of bits is 0x00 ending, thread ID is the Thread Number, the Number of bits 4 and the Salt Part1 are the first Part of an encrypted Salt, the Number of bits is not fixed, the Number of bits is 0x00 ending, server Capabilities are basically set as the Server, the Number of bits 2 and the Server Language are the Server Language, the Number of bits 1 and the Extended Status are the state of the Server, the Number of bits 2 and the Extended Server Capabilities are set as additional servers, the Number of bits 2 and the Authentication plug-in Length are the Length of an Authentication plug-in, the Number of bits 1 and the Payload are additional values, the Number of bits 10 and the Salt Part2 are the second Part of the encrypted Salt, the Number of bits is not fixed, the Number of bits is 0x00 and the Authentication plug-in Length is 0x00 ending, and the fixed Length of the fixed Length is not fixed Length.
Specifically, the 5 th bit of the 2 nd byte in the Server Capabilities represents whether SSL authentication is supported or not, and the Server Capabilities [1] and 0xf7 are subjected to AND operation and then forwarded to the client;
and the Salt Part1 and the Salt Part2 are merged to be used as an encrypted Salt cache for replacing the password encryption string.
Specifically, the Data structure of the Client login Data Packet comprises Packet Length, packet Number, client Capabilities, extended Client Capabilities, MAX Packet, charset, username, auth Data Length, auth Data, client Auth plug, connection, attributes Length, and Connection Attribute;
the Packet Length is the total Length of the Data Packet, the bit Number 3 and the Packet Number are the sequence Number of the Data Packet, the bit Number 1 and the Client Capabilities are Client attributes, the bit Number 2 and the Extended Client Capabilities are Client additional attributes, the bit Number 2 and the MAX Packet are the maximum Length of the Data Packet, the bit Number 4 and the Charset are Client languages, the bit Number 1 and the Username are user names, the bit Number is of an indefinite Length, the end of 0x00 and the Auth Data Length are encryption string lengths and the bit Number 1, and if the Packet Length is 0, the current Client login Data Packet does not contain a Password encryption string, namely, the server is informed that the Client does not select an encryption mode and needs to be busy selection of the server. Auth Data is a password encryption string, the digit is consistent with Auth Data Length, client Auth plug is a Client authentication plug-in, the digit is not fixed in Length and ends at 0x00, connection Attributes Length is Connection Attribute Length, digit 1 and Connection Attributes are Connection Attributes, and the digit is consistent with Connection Attributes Length.
Specifically, the Username represents a login name used for authentication, and the program finds a corresponding real user name according to the Username and replaces the Username with the real user name;
if the client login Data Packet contains the password encryption string, encrypting a false password pair corresponding to the Username and the cached Salt according to the encryption logic corresponding to the Auth Plugin, comparing the false password pair with the password encryption string in the client login Data Packet, if the comparison result is matched, encrypting a password corresponding to the real user name and the cached Salt according to the encryption logic corresponding to the Auth Plugin, replacing Auth Data Length and Auth Data, recalculating the Length, modifying the Packet Length, forwarding the Packet Length to the server, and performing the fifth step;
and if the login data Packet of the client does not contain the password encryption string, recalculating the Length of the data Packet after replacing the Username, modifying the Packet Length, forwarding the data Packet to the server, and sequentially performing the sixth step, the seventh step and the eighth step.
Specifically, the Data structure of the Data Packet returned by the server in the step six includes Packet Length, packet Number, status, authentication, and plug auth Method Data;
packet Length is the Length of the Data Packet, the Number of bits 3 and Packet Number are the sequence Number of the Data Packet, the Number of bits 1 and Status are the Authentication state, 0xfe is failure, 0x00 is success, authentication is the name of the Authentication Method, the Number of bits is indefinite, the Number of bits is ending with 0x00 and plug auth Data is the Authentication string, the Number of bits is indefinite and ending with 0x 00.
The Authentication plug is a final encryption mode selected by the server, and after caching, the Authentication plug forwards a data packet returned by the server next time to the client.
Specifically, the Data structure of the verification Data Packet sent by the client in the seventh step includes Packet Length, packet Number, and Auth Data;
the Packet Length is the Length of the Data Packet, the bit Number 3 and the Packet Number are the sequence Number of the Data Packet, the bit Number 1 and Auth Data are the encryption strings of the password, and the bit Number is not fixed until the end of the Data Packet.
And if the comparison result is matched, encrypting the password of the real user and the cached Salt by using the encryption logic corresponding to the Authentication plug, and replacing the Auth Data.
Specifically, the data structures of the authentication result data packets returned by the server in the fifth step and the eighth step include Packet Length, packet Number, and Status;
packet Length is the Length of the data Packet, bit Number 3 and Packet Number are the sequence Number of the data Packet, bit Number 1 and Status are the authentication states, 0xfe is failure, and 0x00 is success.
And recording an authentication result according to the value of the Status, and forwarding the data to the client.
In the description of the present invention, unless otherwise expressly specified or limited, the terms "mounted," "connected," and "fixed" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral part; can be mechanically or electrically connected; either directly or indirectly through intervening media, either internally or in any other relationship. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
The standard parts used in the invention can be purchased from the market, the special-shaped parts can be customized according to the description of the specification and the accompanying drawings, the specific connection mode of each part adopts conventional means such as bolts, rivets, welding and the like mature in the prior art, the machines, the parts and equipment adopt conventional models in the prior art, and the circuit connection adopts the conventional connection mode in the prior art, so that the detailed description is omitted.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (6)
1. A method for realizing user name and password replacement in a MySQL protocol authentication process based on an agent is characterized by comprising the following steps:
step one, an application program issues a false user name and password pair which have a hidden transmission relation with a real database account;
step two, capturing a first data packet in a handshake process;
thirdly, capturing a client login data packet;
step four, judging whether the client login data packet contains a password encryption string;
step five, if the client login data packet contains the password encryption string, intercepting an authentication result data packet returned by the server;
step six, based on the step four, if the client login data packet does not contain the password encryption string, intercepting a data packet returned by the server for the next time:
the Data structure of the Data Packet returned by the next server side comprises Packet Length, packet Number, status, authentication and PluginAuth Method Data;
packet Length is the Length of the Data Packet, the Number of bits 3 and Packet Number are the sequence Number of the Data Packet, the Number of bits 1 and Status are the Authentication states, 0xfe is failure, 0x00 is success, authentication is the name of the Authentication Method, the Number of bits is indefinite, the Length of the bits is 0x00 ending, the Number of PluginAuth Method Data is the Authentication string, the Number of bits is indefinite, and the Length of the bits is 0x00 ending;
the Authentication plug is a final encryption mode selected by the server, and after caching, the data packet returned by the next server is forwarded to the client;
intercepting a verification data packet sent by the client based on the sixth step, and replacing a password encryption string in the data packet:
the Data structure of the verification Data Packet sent by the client comprises Packet Length, packet Number and Auth Data;
calculating expected Auth Data by the cached Salt, authentication plug and false password pairs corresponding to the Username, and if the comparison results are matched, encrypting the password of the real user and the cached Salt by using the encryption logic corresponding to the Authentication plug to replace the Auth Data;
and step eight, intercepting the authentication result data packet returned by the server based on the step seven.
2. The method for realizing user name and password replacement in MySQL protocol authentication process based on the agent according to claim 1, wherein: in the second step, the first data Packet is a hello Packet sent by the Server, and the data structure of the first data Packet comprises Packet Length, packet Number, protocol, version, thread ID, salt Part1, server Capabilities, server Language, extended Status, extended Server Capabilities, authentication plug Length, payload, salt Part2 and Authentication plug.
3. The method for realizing user name and password replacement in MySQL protocol authentication process based on the agent according to claim 2, characterized in that: the 5 th bit of the 2 nd byte in the Server Capabilities represents whether SSL authentication is supported or not, and the Server Capabilities [1] and 0xf7 are subjected to AND operation and then forwarded to the client;
and the Salt Part1 and the Salt Part2 are merged to be used as an encrypted Salt cache for replacing the password encryption string.
4. The method of claim 3 for implementing user name and password replacement in MySQL protocol authentication process based on agent, which is characterized in that: the Data structure of the Client login Data Packet comprises Packet Length, packet Number, client Capabilities, extended Client Capabilities, MAX Packet, charset, username, auth Data Length, auth Data, client Auth Plugin, connection Attributes Length and Connection Attribute.
5. The method for realizing user name and password replacement in MySQL protocol authentication process based on the agent according to claim 4, characterized in that: the Username represents a login name used for authentication, a program finds a corresponding real user name according to the Username, and the Username is replaced by the real user name;
if the client login Data Packet contains the password encryption string, encrypting the false password pair corresponding to the Username and the cached Salt according to the encryption logic corresponding to the Auth Plugin, comparing the encrypted false password pair with the password encryption string in the client login Data Packet, if the comparison result is matched, encrypting the password corresponding to the real user name and the cached Salt according to the encryption logic corresponding to the Auth Plugin, replacing the Auth Data Length and the Auth Data, recalculating the Length, modifying the Packet Length, and forwarding the Packet Length to the server side, and performing the fifth step;
and if the login data Packet of the client does not contain the password encryption string, recalculating the Length of the data Packet after replacing the Username, modifying the Packet Length, forwarding the data Packet to the server, and sequentially performing the sixth step, the seventh step and the eighth step.
6. The method for realizing user name and password replacement in MySQL protocol authentication process based on the agent according to claim 1, characterized in that: the data structures of the authentication result data packets returned by the server in the fifth step and the eighth step comprise Packet Length, packet Number and Status;
and recording an authentication result according to the value of the Status, and forwarding the data to the client.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110822908.0A CN113630387B (en) | 2021-07-21 | 2021-07-21 | Method for realizing user name and password replacement in MySQL protocol authentication process based on proxy |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110822908.0A CN113630387B (en) | 2021-07-21 | 2021-07-21 | Method for realizing user name and password replacement in MySQL protocol authentication process based on proxy |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113630387A CN113630387A (en) | 2021-11-09 |
| CN113630387B true CN113630387B (en) | 2023-04-07 |
Family
ID=78380442
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110822908.0A Active CN113630387B (en) | 2021-07-21 | 2021-07-21 | Method for realizing user name and password replacement in MySQL protocol authentication process based on proxy |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113630387B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115567327B (en) * | 2022-12-05 | 2023-03-24 | 北京景安云信科技有限公司 | Method for realizing user name and password replacement in DB2 authentication process based on proxy |
| CN115632892B (en) * | 2022-12-23 | 2023-03-10 | 北京景安云信科技有限公司 | Method for replacing user name and password in ORACLE10G authentication process based on proxy |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040019786A1 (en) * | 2001-12-14 | 2004-01-29 | Zorn Glen W. | Lightweight extensible authentication protocol password preprocessing |
| CN105515758B (en) * | 2015-11-27 | 2018-08-17 | 桂林电子科技大学 | Data parallel encryption communication method and system based on Modbus agreements |
| US10484372B1 (en) * | 2015-12-14 | 2019-11-19 | Amazon Technologies, Inc. | Automatic replacement of passwords with secure claims |
| CN106355094B (en) * | 2016-07-08 | 2019-02-22 | 北京卫达信息技术有限公司 | A kind of SQL injection attack defending system and defence method based on grammer transformation |
| CN111835688B (en) * | 2019-04-22 | 2021-07-30 | 中国科学院声学研究所 | A method and system for fast forwarding of traffic based on SSL/TLS protocol |
| CN111695152B (en) * | 2020-05-26 | 2023-05-12 | 东南大学 | A MySQL database protection method based on security agent |
| CN112257086B (en) * | 2020-10-23 | 2022-02-01 | 华云数据控股集团有限公司 | User privacy data protection method and electronic equipment |
-
2021
- 2021-07-21 CN CN202110822908.0A patent/CN113630387B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN113630387A (en) | 2021-11-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sekar et al. | A high-performance network intrusion detection system | |
| CN113630387B (en) | Method for realizing user name and password replacement in MySQL protocol authentication process based on proxy | |
| US9130826B2 (en) | System and related method for network monitoring and control based on applications | |
| US9172627B2 (en) | Device and related method for dynamic traffic mirroring | |
| CN111786949A (en) | Firewall security policy automatic adaptation system and method | |
| US6263444B1 (en) | Network unauthorized access analysis method, network unauthorized access analysis apparatus utilizing the method, and computer-readable recording medium having network unauthorized access analysis program recorded thereon | |
| KR20200033091A (en) | An apparatus for anomaly detecting of network based on artificial intelligent and method thereof, and system | |
| US20140282823A1 (en) | Device and related method for establishing network policy based on applications | |
| US20140280887A1 (en) | A device and related method for dynamic traffic mirroring policy | |
| US20140280211A1 (en) | Device and related method for application identification | |
| CN106656922A (en) | Flow analysis based protective method and device against network attack | |
| US9264509B1 (en) | Direct cache access for network input/output devices | |
| US20210185072A1 (en) | System and methods for automated computer security policy generation and anomaly detection | |
| EP3499908B1 (en) | A device and method for the determination of applications running on a network | |
| CN107135119A (en) | A kind of service response tracking and interface status monitor development system | |
| CN106656919B (en) | A method and system for session parsing based on Telnet protocol | |
| CN107992771A (en) | A kind of data desensitization method and device | |
| CN116324766A (en) | Optimizing crawling requests by browsing profiles | |
| CN107483409B (en) | A method for real-time monitoring and echoing of operation instructions for industrial control operating systems | |
| CN109995720A (en) | Heterogeneous device manages method, apparatus, system, equipment and medium concentratedly | |
| CN110691097A (en) | A system of industrial control honeypot based on hpfeeds protocol and its working method | |
| CN107124385B (en) | Mirror flow-based SSL/TLS protocol plaintext data acquisition method | |
| CN116633725A (en) | All-channel access gateway | |
| CN103236940A (en) | Method and device for content processing and network equipment | |
| CN109600395A (en) | A kind of device and implementation method of terminal network access control system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |