CN102271168A - Method of shielding and hijacking internet popup window by modifying approach of DNS (domain name system) replying IP (internet protocol) - Google Patents
Method of shielding and hijacking internet popup window by modifying approach of DNS (domain name system) replying IP (internet protocol) Download PDFInfo
- Publication number
- CN102271168A CN102271168A CN2011102698828A CN201110269882A CN102271168A CN 102271168 A CN102271168 A CN 102271168A CN 2011102698828 A CN2011102698828 A CN 2011102698828A CN 201110269882 A CN201110269882 A CN 201110269882A CN 102271168 A CN102271168 A CN 102271168A
- Authority
- CN
- China
- Prior art keywords
- window
- dns
- server
- internet
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a method of shielding and hijacking an internet popup window by modifying an approach of a DNS (domain name system) replying an IP (internet protocol), and the method comprises the following specific steps: firstly, a user requests to access a webpage from a WEB server; secondly, the WEB server returns the contents of the webpage; and then, the user executes the contents of the webpage; a response is replied through a DNS server; the user requests a DNS manager leaping window code server to obtain a leaping window code; the user executes the leaping window code and sends leaping window advertisement contents to a DNS manager popup content server; and finally, the leaping window advertisement contents are popped up when the user accessing to an internet executes the webpage. By utilizing the method of shielding and hijacking the internet popup window by modifying the approach of the DNS replying the IP, an operator can carry out the leaping window of the internet through controlling the DNS server, and also can pop up the contents appointed by the operator through redirecting the leaping window of the internet, and the method is high in mission success rate and is easy to implement.
Description
Technical field
The present invention relates to the field of the Internet, especially a kind of DNS that revises replys the means shielding of IP and the method for kidnapping the Internet bullet window.
Background technology
The DNS name is used for TCP/IP networks such as Internet, by user-friendly name lookup computer and service.When the user imported dns name and claims in application program, the DNS service can be other associated information with this name resolving, as the IP address, because, the network address of input when you surf the Net again is to resolve by domain name analysis system to have found corresponding IP address, could surf the Net like this.In fact, the final sensing of domain name is IP.
As you know, when we in online time, input is as network address usually, a domain name that Here it is in fact, and the computer on our computer network each other can only be with the identification mutually of IP address.For another example, we remove the request one WEB page in the WEB server, we can import network address or corresponding IP address in browser, for example we will go up Sina website, we can import network address in the address field of IE, also can import the IP address, but so IP address we do not remember or say so and be difficult to remember, so the saying of domain name has been arranged, such domain name can be easy to remember by let us.
The paging window setting technique is that the page that sees through at webpage embeds specific Script code, carries out the code that is embedded in the webpage when opening webpage, and the webpage of this code call ad-agency ejects the advertisement of the script realization page and ejects.Operation flow: 1. at first the user as WEB server requests accessed web page; 2.WEB server returns web page contents, comprises the code that calls advertisement alliance that inserts in advance in the content; 3. the user carries out the content of webpage, goes the redirect code server request of advertisement alliance to jump the window code simultaneously; 4. obtain to jump the window code; 5. the user carries out and jumps the window code, and request advertiser's Advertisement Server sends jumping window ad content; 6. obtain to jump the window ad content, and carry out, simultaneously pop-up advertisement.
Be full of epoch of the Internet in malice advertisement, pop-up advertisement, the netizen 90% or more still be that wish can the advertisement of interceptor window, and the mode that many moneys browser producer and antivirus software producer take to shield execution pop-up window code by browser shields the bullet window.These means are to stop in the execution ejection behavior after the user obtains pop-up advertisement information.
At present, adopt the mode of Browser Hijack pop-up window, it must be specific browser, perhaps need to install certain browser plug-in, and all relevant plug-in unit of most of users' browser or do not support to play window and kidnap function, this mode is subjected to the restriction of user's PC software environment to be difficult for rapid large-scale promotion; Also has a kind of mode that adopts Browser Hijack, do not support to play the window redirection function, playing window redirected is only to refer to when the user can eject certain advertisement according to normal flow, what allow the user ejects by certain technological means is not original advertising page, but other page is notified or other content of pages for one such as a bulletin.
Summary of the invention
The technical problem to be solved in the present invention is: in order to overcome the problem that exists in above-mentioned, provide means shielding that a kind of DNS of modification replys IP and the method for kidnapping the Internet bullet window, can realize shielding and purpose that redirected the Internet ejects.
The technical solution adopted for the present invention to solve the technical problems is: a kind of DNS that revises replys the means shielding of IP and the method for kidnapping the Internet bullet window, and its concrete steps are as follows:
A. the Internet user sends the instruction request accessed web page to website master's WEB server;
B. website master's WEB server returns the webpage that calls advertisement alliance code that inserts in advance;
C. the user carries out after the content of webpage by send the DNS request to dns server and searches advertisement alliance and jump the window code server, find its IP address through after the dns resolution, dns server is to be used for domain name mapping, revise certain domain name simultaneously and reply the result, certain domain name is meant the domain name of advertisement alliance redirect code server;
D. dns server being sent answer after the DNS request replys and be sent to two addresses: one of them is inaccessible IP address, can make the user can not find advertisement alliance code server, so far avoided jumping the generation of window incident, kidnapped the result that window is jumped in the Internet thereby reached; Another can allow the user go to visit and ask to jump the window code after the DNS manager jumps the window code server for the address that the DNS manager jumps the window code server;
E. the user asks the DNS manager to jump the window code server and obtains to jump the window code;
F. the user carries out to jump the window code and eject content server to the DNS manager and sends jumping window ad content;
Eject when g. the Internet user carries out webpage and jump the window ad content, so just a Internet can be jumped on the jumping window page that is redirected to DNS manager appointment of window success.
It is to be used to deposit the code server that is redirected the jumping window that described DNS manager jumps the window code server.
It is to be used to deposit the WEB server that is redirected the ejection content that described DNS manager ejects content server.
Be redirected to be exactly to forward the diverse network request direction that fixes again to other position by various methods.
The beneficial effect that modification of the present invention DNS replys the means shielding of IP and kidnaps the method for the Internet bullet window is: utilize the DNS manager to jump the combination that window code server and DNS manager eject content server, operator can carry out the jumping window of the Internet by the control dns server, also can jump window simultaneously by being redirected the Internet, eject the content of operator's appointment, so far need not on user's PC, to install any software, just can realize the effect that shields and kidnap, it is high and implement easily that it has success rate.
Description of drawings
The present invention is further described below in conjunction with drawings and Examples.
Fig. 1 is that modification DNS of the present invention replys the means shielding of IP and kidnaps the structured flowchart of the method for the Internet bullet window.
Embodiment
In conjunction with the accompanying drawings, the present invention is further detailed explanation.These accompanying drawings are the schematic diagram of simplification, basic structure of the present invention only is described in a schematic way, so it only show the formation relevant with the present invention.
Modification DNS as shown in Figure 1 replys the means shielding of IP and the method for kidnapping the Internet bullet window, and its concrete steps are as follows: a. Internet user sends the instruction request accessed web page to website master's WEB server; B. website master's WEB server returns the webpage that calls advertisement alliance code that inserts in advance; C. the user carries out after the content of webpage by send the DNS request to dns server and searches advertisement alliance and jump the window code server, does dns resolution and find its IP address when searching; The d.DNS server is replied and is replied, if according to normal DNS flow process, DNS can reply the address that the window code server is jumped by advertisement alliance.But the present invention needs the control dns server to reply not according to normal response content in this step, but reply an inaccessible IP address such as an interior net address, this situation user just can not find advertisement alliance code server, just can not take place so jump the window incident, promptly reach and kidnapped the result that window is jumped in the Internet; If the address of replying is DNS manager redirect code server address, the user will go to visit to be used to deposit and be redirected the DNS manager who jumps window and jump the request of window code server and jump the window code so; E. the user asks the DNS manager to jump the window code server and obtains to jump the window code; F. the user carries out and jumps the window code and eject content server transmission jumping window ad content to being used to deposit the DNS manager of being redirected the ejection content; Eject to jump the window ad content when g. the Internet user carries out webpage, so just can be successfully on the jumping window page with the redirected DNS manager formulation of a Internet bullet window success.
Modification DNS of the present invention replys the means shielding of IP and the method for kidnapping the Internet bullet window: because internet communication is undertaken by the IP address, and remembeing certain server, people just remember their domain name rather than IP address usually, want to visit Baidu such as us, we can import www.baidu.com, here just relate to a domain name mapping problem, the user imports www.baidu.com in browser, browser can send a DNS request as dns server, convert www.baidu.com to the IP address, by obtaining IP address visit Baidu, DNS is exactly an equipment of being responsible for this translation then.
The Internet user who describes by Fig. 1 needs to visit advertisement alliance before playing window bullet window code server, it need convert the domain name of the bullet window code server of advertisement alliance to the IP address, remove to seek this server by the IP address then, the conversion domain name will send the DNS request to the DNS service, if a non-existent IP address is replied in the DNS request, the user just obtains less than playing the window ad code so, also pop-up window normally just; If dns server is replied the address that a DNS manager jumps the window code server, the user will obtain one section other jumping window code so, ejection is by the ejection port of fresh code control, simultaneously, the Internet user ejects content server by the DNS manager and ejects the purpose that content realizes the Internet bullet window.
With above-mentioned foundation desirable embodiment of the present invention is enlightenment, and by above-mentioned description, the related work personnel can carry out various change and modification fully in the scope that does not depart from this invention technological thought.The technical scope of this invention is not limited to the content on the specification, must determine its technical scope according to the claim scope.
Claims (3)
1. revise the means shielding of DNS answer IP and the method for kidnapping the Internet bullet window for one kind, it is characterized in that: its concrete steps are as follows:
A. the Internet user sends the instruction request accessed web page to website master's WEB server;
B. website master's WEB server returns the webpage that calls advertisement alliance code that inserts in advance;
C. the user carries out after the content of webpage by send the DNS request to dns server and searches advertisement alliance and jump the window code server;
D. dns server being sent answer after the DNS request replys and be sent to two addresses: one of them is inaccessible IP address, and another jumps the address of window code server for the DNS manager;
E. the user asks the DNS manager to jump the window code server and obtains to jump the window code;
F. the user carries out to jump the window code and eject content server to the DNS manager and sends jumping window ad content;
Eject when g. the Internet user carries out webpage and jump the window ad content.
2. modification DNS according to claim 1 replys the means shielding of IP and the method for kidnapping the Internet bullet window, it is characterized in that: it is to be used to deposit redirected code server of jumping window that described DNS manager jumps the window code server.
3. modification DNS according to claim 1 replys the means shielding of IP and the method for kidnapping the Internet bullet window, it is characterized in that: it is to be used to deposit the redirected WEB server that ejects content that described DNS manager ejects content server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102698828A CN102271168A (en) | 2011-09-14 | 2011-09-14 | Method of shielding and hijacking internet popup window by modifying approach of DNS (domain name system) replying IP (internet protocol) |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102698828A CN102271168A (en) | 2011-09-14 | 2011-09-14 | Method of shielding and hijacking internet popup window by modifying approach of DNS (domain name system) replying IP (internet protocol) |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102271168A true CN102271168A (en) | 2011-12-07 |
Family
ID=45053328
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011102698828A Pending CN102271168A (en) | 2011-09-14 | 2011-09-14 | Method of shielding and hijacking internet popup window by modifying approach of DNS (domain name system) replying IP (internet protocol) |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102271168A (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102868773A (en) * | 2012-08-22 | 2013-01-09 | 北京奇虎科技有限公司 | Method, device and system for detecting domain name system (DNS) black hole hijack |
| CN102968590A (en) * | 2012-10-23 | 2013-03-13 | 北京奇虎科技有限公司 | Pop window suppression method and system |
| CN102999636A (en) * | 2012-12-19 | 2013-03-27 | 北京奇虎科技有限公司 | Method and browser for carrying out interception treatment on popup window in webpage |
| CN103034727A (en) * | 2012-12-19 | 2013-04-10 | 北京奇虎科技有限公司 | System for intercepting pop-up window in webpage |
| CN103716286A (en) * | 2012-09-29 | 2014-04-09 | 联想(北京)有限公司 | Advertisement intercepting method and electronic equipment |
| WO2017004947A1 (en) * | 2015-07-07 | 2017-01-12 | 安一恒通(北京)科技有限公司 | Method and apparatus for preventing domain name hijacking |
| CN103685604B (en) * | 2013-12-20 | 2017-07-11 | 北京奇安信科技有限公司 | A kind of domain name pre-parsed method and device |
| CN106953865A (en) * | 2017-03-29 | 2017-07-14 | 福建中金在线信息科技有限公司 | A kind of method and apparatus for preventing that Internet advertising from being shielded |
| CN107360187A (en) * | 2017-08-21 | 2017-11-17 | 网宿科技股份有限公司 | A kind of processing method of network abduction, apparatus and system |
| CN108881146A (en) * | 2017-12-28 | 2018-11-23 | 北京安天网络安全技术有限公司 | Recognition methods, device, electronic equipment and the storage medium that domain name system is kidnapped |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101023419A (en) * | 2004-05-14 | 2007-08-22 | 模比莱普斯有限公司 | Method of providing a web page with inserted content |
-
2011
- 2011-09-14 CN CN2011102698828A patent/CN102271168A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101023419A (en) * | 2004-05-14 | 2007-08-22 | 模比莱普斯有限公司 | Method of providing a web page with inserted content |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102868773B (en) * | 2012-08-22 | 2015-04-15 | 北京奇虎科技有限公司 | Method, device and system for detecting domain name system (DNS) black hole hijack |
| CN102868773A (en) * | 2012-08-22 | 2013-01-09 | 北京奇虎科技有限公司 | Method, device and system for detecting domain name system (DNS) black hole hijack |
| CN103716286A (en) * | 2012-09-29 | 2014-04-09 | 联想(北京)有限公司 | Advertisement intercepting method and electronic equipment |
| CN102968590A (en) * | 2012-10-23 | 2013-03-13 | 北京奇虎科技有限公司 | Pop window suppression method and system |
| CN102968590B (en) * | 2012-10-23 | 2015-08-05 | 北京奇虎科技有限公司 | Play window suppressing method and system |
| CN103034727A (en) * | 2012-12-19 | 2013-04-10 | 北京奇虎科技有限公司 | System for intercepting pop-up window in webpage |
| CN102999636A (en) * | 2012-12-19 | 2013-03-27 | 北京奇虎科技有限公司 | Method and browser for carrying out interception treatment on popup window in webpage |
| CN102999636B (en) * | 2012-12-19 | 2016-11-16 | 北京奇虎科技有限公司 | Pop-up in webpage is carried out method and the browser of intercept process |
| CN103685604B (en) * | 2013-12-20 | 2017-07-11 | 北京奇安信科技有限公司 | A kind of domain name pre-parsed method and device |
| WO2017004947A1 (en) * | 2015-07-07 | 2017-01-12 | 安一恒通(北京)科技有限公司 | Method and apparatus for preventing domain name hijacking |
| CN106953865A (en) * | 2017-03-29 | 2017-07-14 | 福建中金在线信息科技有限公司 | A kind of method and apparatus for preventing that Internet advertising from being shielded |
| CN106953865B (en) * | 2017-03-29 | 2020-09-25 | 福建中金在线信息科技有限公司 | Method and device for preventing internet advertisement from being shielded |
| CN107360187A (en) * | 2017-08-21 | 2017-11-17 | 网宿科技股份有限公司 | A kind of processing method of network abduction, apparatus and system |
| CN108881146A (en) * | 2017-12-28 | 2018-11-23 | 北京安天网络安全技术有限公司 | Recognition methods, device, electronic equipment and the storage medium that domain name system is kidnapped |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102271168A (en) | Method of shielding and hijacking internet popup window by modifying approach of DNS (domain name system) replying IP (internet protocol) | |
| US10212175B2 (en) | Attracting and analyzing spam postings | |
| CN102882991B (en) | A kind of browser and carry out the method for domain name mapping | |
| US10498847B2 (en) | System and method for mobile application deep linking | |
| CN103150513B (en) | The method of the implantation information in interception application program and device | |
| CN102932356B (en) | Malice network address hold-up interception method and device in multi-core browser | |
| CN102930211A (en) | Method for intercepting malicious URLs in multi-kernel browser and multi-kernel browser | |
| CN110119469A (en) | A kind of data collection and transmission and method towards darknet | |
| CN102843445A (en) | Browser and domain name resolution method thereof | |
| CN102647482A (en) | Method and system for accessing website | |
| CN102957694A (en) | Method and device for judging phishing websites | |
| CN1537377A (en) | System and method for preventing automatic research program intrusion weeb site | |
| CN103389983A (en) | Webpage content grabbing method and device applied to network crawler system | |
| CN102932352A (en) | Method and server for communicating with client | |
| CN102917059A (en) | Client end and method for downloading application | |
| CN102882993A (en) | Computing device and downloading method thereof | |
| CN106453216A (en) | Malicious website interception method, malicious website interception device and client | |
| CN102890724A (en) | Webpage loading method and device | |
| CN102904765B (en) | The method and apparatus that data report | |
| CN102938766B (en) | Maliciously website prompt method and device | |
| CN104980446A (en) | Detection method and system for malicious behavior | |
| US20130179791A1 (en) | System and method for real-time data in a graphical user interface | |
| CN110266661A (en) | A kind of authorization method, device and equipment | |
| CN102957693A (en) | Method and device for judging phishing websites | |
| CN103577427A (en) | Browser kernel based web page crawling method and device and browser containing device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| DD01 | Delivery of document by public notice |
Addressee: Wu Xingli Document name: the First Notification of an Office Action |
|
| DD01 | Delivery of document by public notice |
Addressee: Wu Xingli Document name: Notification that Application Deemed to be Withdrawn |
|
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20111207 |