CN109981344A - Scan method, device and network forwarding equipment - Google Patents

Scan method, device and network forwarding equipment Download PDF

Info

Publication number
CN109981344A
CN109981344A CN201910124318.3A CN201910124318A CN109981344A CN 109981344 A CN109981344 A CN 109981344A CN 201910124318 A CN201910124318 A CN 201910124318A CN 109981344 A CN109981344 A CN 109981344A
Authority
CN
China
Prior art keywords
address
equipment
target terminal
scanning
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910124318.3A
Other languages
Chinese (zh)
Other versions
CN109981344B (en
Inventor
代庆瑜
漆昱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN201910124318.3A priority Critical patent/CN109981344B/en
Publication of CN109981344A publication Critical patent/CN109981344A/en
Application granted granted Critical
Publication of CN109981344B publication Critical patent/CN109981344B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/085Retrieval of network configuration; Tracking network configuration history
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/12Network monitoring probes

Abstract

Present disclose provides a kind of scan method, device and network forwarding equipments, are related to field of communication technology, and this method is applied to network forwarding equipment, this method comprises: obtaining IP address to be scanned;Determine the corresponding network interface of IP address to be scanned;Probe messages are sent to target terminal equipment belonging to IP address to be scanned by determining network interface;Receive the response message that target terminal equipment is fed back based on probe messages;Message determines the scanning result of target terminal equipment according to response.The disclosure can not only save Internet resources, can also preferable improving sweep efficiency.

Description

Scan method, device and network forwarding equipment
Technical field
This disclosure relates to field of communication technology, more particularly, to a kind of scan method, device and network forwarding equipment.
Background technique
The network forwarding equipments such as interchanger, router are usually mounted at least one terminal device, terminal device packet Include but be not limited to PC (personal computer, personal computer) end, camera, storage equipment, AP (Access Point, Wireless access point), mobile terminal etc..In practical applications, it might have illegality equipment carry to network forwarding equipment.In order to protect Hinder internet security, most network forwarding equipment can external scanning device, the scanning device can by be equipped with scanner (one kind Scanner program) the end PC realize.Scanning device can be scanned carry in the terminal device of network forwarding equipment, be wrapped Scanning result containing terminal device information, so as to find illegality equipment.
For ease of understanding, reference can be made to a kind of network connection schematic diagram shown in FIG. 1, illustrates server, scanning device, net The connection relationship of network forwarding device and terminal device;Wherein, scanning device can be under the control of server, to carry to network The terminal device of forwarding device executes scan operation.And current scanning device is usually PC machine, and scanning device is to terminal Equipment is both needed to carry out information exchange with network forwarding equipment during being scanned, and on the one hand occupies Internet resources, another party Face information exchanging process expends the time, and scan efficiency is lower.
Disclosure
It, not only can be in view of this, the disclosure is designed to provide a kind of scan method, device and network forwarding equipment Internet resources are saved, it can also preferable improving sweep efficiency.
To achieve the goals above, the embodiment of the present disclosure the technical solution adopted is as follows:
In a first aspect, the embodiment of the present disclosure provides a kind of scan method, this method is applied to network forwarding equipment, the party Method includes: to obtain IP address to be scanned;Determine the corresponding network interface of IP address to be scanned;Pass through determining network interface Probe messages are sent to target terminal equipment belonging to IP address to be scanned;It is anti-based on probe messages to receive target terminal equipment The response message of feedback;Message determines the scanning result of target terminal equipment according to response.
Second aspect, the embodiment of the present disclosure also provide a kind of scanning means, which is applied to network forwarding equipment, network Forwarding device is connected with one or more terminal devices;The device includes: address acquisition module, for obtaining IP to be scanned Location;Interface determining module, for determining the corresponding network interface of IP address to be scanned;Message sending module, for by true Fixed network interface sends probe messages to target terminal equipment belonging to IP address to be scanned;Message receiving module, is used for Receive the response message that target terminal equipment is fed back based on probe messages;As a result determining module is determined for message according to response The scanning result of target terminal equipment.
The third aspect, the embodiment of the present disclosure provide a kind of network forwarding equipment, including processor and machine readable storage Medium, machine readable storage medium are stored with the machine-executable instruction that can be executed by processor, and processor executes machine can Execute instruction the method to realize first aspect.
Fourth aspect, the embodiment of the present disclosure provide a kind of machine readable storage medium, machine readable storage medium storage There is machine-executable instruction, when being called and being executed by processor, machine-executable instruction promotes to handle machine-executable instruction The method of device realization first aspect.
The embodiment of the present disclosure provides a kind of scan method, device and network forwarding equipment, network forwarding equipment and can obtain IP address to be scanned is taken, and sends probe messages to target terminal equipment belonging to IP address to be scanned, according to target end The response message that end equipment is fed back based on the probe messages determines scanning result.This mode is set without special setting scanning Standby, network forwarding equipment itself can execute scan operation to the terminal device of its carry, can not only save Internet resources, It can preferable improving sweep efficiency.
Other feature and advantage of the embodiment of the present disclosure will illustrate in the following description, alternatively, Partial Feature and excellent Point can deduce from specification or unambiguously determine, or the above-mentioned technology by implementing the embodiment of the present disclosure can obtain Know.
To enable the above objects, features, and advantages of the disclosure to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of disclosure specific embodiment or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below Attached drawing is some embodiments of the disclosure, for those of ordinary skill in the art, before not making the creative labor It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 shows a kind of network connection schematic diagram of background technique offer;
Fig. 2 shows a kind of scan method flow charts provided by the embodiment of the present disclosure;
Fig. 3 shows the network connection schematic diagram of another kind provided by the embodiment of the present disclosure;
Fig. 4 shows a kind of specific scanning process schematic diagram provided by the embodiment of the present disclosure;
Fig. 5 shows a kind of structural block diagram of scanning means provided by the embodiment of the present disclosure;
Fig. 6 shows the structural block diagram of another kind scanning means provided by the embodiment of the present disclosure;
Fig. 7 shows a kind of structural schematic diagram of network forwarding equipment provided by the embodiment of the present disclosure.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present disclosure clearer, below in conjunction with attached drawing to the disclosure Technical solution be clearly and completely described, it is clear that described embodiment is disclosure a part of the embodiment, rather than Whole embodiments.Based on the embodiment in the disclosure, those of ordinary skill in the art are not making creative work premise Under every other embodiment obtained, belong to the disclosure protection range.
The multiple networks such as video surveillance network, company Intranet system all has higher requirement to safety, usually Scanning device can be specially disposed, and the switch/router for being usually mounted with multiple terminal equipment is enabled to connect with scanning device, is borrowed The information for helping scanning device to obtain the terminal device of carry avoids drawing to search the equipment of illegal carry and take corresponding measure It gives vent to dew information, meet with the security risks such as attack.
Need the network architecture that terminal device is scanned mostly as shown in Figure 1, not only need ancillary cost at This deployment scanning device, and need to occupy more Internet resources in scanning process and carry out information exchange, scan efficiency also compared with It is low.Based on this, present embodiment considers to change existing scanning mode, and core concept is directly to hold using network forwarding equipment Row scan operation not only executes scan operation without additional setting PC machine, has saved network cost, and can save scanning and set The standby information interactive process between network forwarding equipment also improves scan efficiency while saving Internet resources, right below The embodiment of the present disclosure describes in detail.
A kind of scan method flow chart shown in Figure 2, this method are applied to network forwarding equipment, which sets Standby may include switch or router etc., and network forwarding equipment is connected with one or more terminal devices, is referred to as follows Step S202~S210:
Step S202 obtains IP address to be scanned.
IP (Internet Protocol, Internet protocol) address be it is each access network equipment all have it is unique Logical address, can be and be made of 32 binary numbers.Typically, the IP address of different equipment is different, and network is logical Equipment positioning can be realized in letter based on IP address.
IP address to be scanned can be one or more.In practical applications, network forwarding equipment can pass through service Device obtains IP address to be scanned, locally can also be previously stored with IP address to be scanned, can also pass through server/sheet Ground obtains a certain number of IP address or IP sections, and therefrom identification selects IP address to be scanned, IP address to be scanned There are many acquisition modes, is not limited herein.In addition, network forwarding equipment can periodically acquire IP address to be scanned, IP address to be scanned can also be obtained at the time point of user preset, obtained in the scan instruction for receiving user to be scanned IP address, or simply wait for receive server issue IP address to be scanned.
Step S204 determines the corresponding network interface of IP address to be scanned.
Multiple network interfaces would generally be provided on network forwarding equipment, each network interface is with can corresponding to an IP Location, naturally it is also possible to which corresponding multiple IP address, 1 is primary ip address, remaining is secondary IP address.Network forwarding equipment can be remembered in advance Record has the corresponding relationship of network interface and IP address, is based on corresponding relationship, that is, can determine the corresponding network of IP address to be scanned Interface.
Step S206 is sent to target terminal equipment belonging to IP address to be scanned by determining network interface and is detected Message.
It is understood that the equipment of each access network is assigned an IP address, it just can be based on IP address in net Communication is realized in network.Network forwarding equipment can send message to target terminal equipment belonging to IP address based on IP agreement.? In practical application, probe messages can be realized using TCP message or UDP message etc..
Step S208 receives the response message that target terminal equipment is fed back based on probe messages.
Typically, terminal device can be directed to probe messages after the probe messages for receiving network forwarding equipment transmission Response message is generated, and response message is returned into network forwarding equipment.Different types of terminal device is reported for same detection The response message of text feedback is different, may be embodied in filling content, filling format of specific field in message etc., for example, taking the photograph It, may be for the Format Type of the response message of same probe messages feedback as head and AP both different types of terminal devices It is different.
Step S210, message determines the scanning result of target terminal equipment according to response.
Scanning result may include the type of target terminal equipment, target terminal equipment belonging to IP address to be scanned The information such as OS Type, operating system version.The terminal device of distinct device type, with different type/version behaviour The terminal device for making system is different for the response message of probe messages feedback, and network forwarding equipment can message be according to response Existing signature analysis judges the relevant information of target terminal equipment, obtains scanning result.
In some embodiments, network forwarding equipment can parse response message, get response packet in feature letter Breath, characteristic information includes content characteristic and/or format character;Then the feature of message according to response generates target terminal equipment Scanning result.It include the information of target terminal equipment in scanning result;The information of target terminal equipment include device type, One of OS Type, operating system version, MAC Address are a variety of.The scanning result of generation helps to identify extension The illegal terminal equipment being loaded on network forwarding equipment, and corresponding treatment measures are taken in time to illegal terminal equipment;Such as, Determine illegal terminal equipment by information such as device type, MAC Address in scanning result, network forwarding equipment and it is illegal eventually End equipment disconnects, or the access authority etc. of limitation illegal terminal equipment.In addition, scanning result also sets for forwarded Standby administrator checks, so that administrator understands the information of terminal device of the carry on network forwarding equipment, such as understands eventually The information such as type, the OS Type/version of end equipment.
The above-mentioned scan method that the embodiment of the present disclosure provides, network forwarding equipment can obtain IP address to be scanned, and Probe messages are sent to target terminal equipment belonging to IP address to be scanned, are reported according to target terminal equipment based on the detection The response message of text feedback determines scanning result.Scanning device is arranged without special in this mode, and network forwarding equipment itself is Scan operation can be executed to the terminal device of its carry, can not only save Internet resources, it can also preferable improving sweep efficiency.
In practical applications, network forwarding equipment obtains the step of IP address to be scanned, if may include: to reach to sweep Entry condition is retouched, IP address to be scanned is obtained.Wherein, sweep start condition includes one of the following conditions or a variety of:
Condition 1, network forwarding equipment starting.Under this condition, once network forwarding equipment starts, that is, start to obtain wait sweep The IP address retouched executes scan operation.
Condition 2 receives sweep start instruction.Under this condition, it only issues receiving the users such as administrator Sweep start instruction when, just start to obtain IP address to be scanned, execute scan operation.
Condition 3 reaches the preset sweep start time.Under this condition, only reach the preset sweep start time Start to obtain IP address to be scanned, executes scan operation.The sweep start time can preset, and such as be set as every the sky Noon 10:00,16:00 in afternoon and evening 20:00.It is of course also possible to which the sweep start time is periodically arranged, such as it is arranged every 24 Minute run-down.The sweep start time can flexible setting according to demand, be not limited herein.
When obtaining IP address to be scanned, it is referred to following (1)~(3) and executes:
(1) scanning strategy is obtained.It wherein, include specified IP address in scanning strategy;Alternatively, scanning strategy includes IP Network segment and the rule that specified IP address is parsed from IP network section.Specified IP address is to have the IP address of scanning demand. In some embodiments, resolution rules may include the mode that specified IP address is parsed from IP network section, such as by IP network All IP address in section extract IP address according to certain intervals from IP network section, will take out all as specified IP address, and such as The IP address taken is as specified IP address;Again such as, the host address in IP network section is determined as specified IP address etc..Another In a little embodiments, resolution rules may include the feature of specified IP address, such as number including specifying the specified digit of IP address Word range etc..Resolution rules can flexible setting according to demand, be not limited herein.
In addition, can also include sweep start condition in scanning strategy, when such as including the scanning of specified IP address Between etc..
It is understood that in specified IP address, there may be not online IP address, it can be understood as, not online IP The network interface of the corresponding network forwarding equipment in address does not connect with the communication of target terminal equipment belonging to the IP address.In order to mention Rise scan efficiency, can not to not online IP address execute scan operation, specifically, can be by (2) the step of, to online Terminal device be scanned operation.
(2) parsing scanning strategy obtains specified IP address, judges whether specified IP address is recorded in the forwarding being locally stored In list item.
If directly parsing scanning strategy directly comprising the specified IP address with scanning demand in scanning strategy, from In extract the specified IP address of scanning demand.If in scanning strategy including specified IP network section and from IP network section In parse the rule of specified IP address, then the rule-based screening from IP network section has the specified IP address of scanning demand.
If network forwarding equipment is router, forwarding-table item is routing table;If network forwarding equipment is interchanger, Then forwarding-table item is forwarding table.By judging whether specified IP address is recorded in the forwarding-table item being locally stored, it can be determined that Specify whether target terminal equipment belonging to IP address is connected with network forwarding equipment out.It is understood that if terminal is set Standby A is connected with network forwarding equipment by network interface a, and network forwarding equipment is executing such as data turn by network interface a When the operation such as hair, the relevant information that can be recorded in forwarding-table item about operations such as data forwardings e.g. records terminal device A Corresponding IP address.Therefore, by the IP address information recorded in forwarding-table item, you can learn that whether specified IP address is online.
(3) if being recorded in the forwarding-table item being locally stored, the specified IP address being recorded in forwarding-table item is determined For IP address to be scanned.It is understood that the specified IP address for being not recorded in forwarding-table item is considered as not online address, That is, the target terminal equipment belonging to it is not connected with network forwarding equipment, then without being carried out to the target terminal equipment belonging to it Scanning, in this way, can effectively promote sweep speed.
This gives following three kinds of exemplary approach for obtaining scanning strategy:
Mode one: scanning strategy is obtained by the server that network forwarding equipment connects.
In this approach, network forwarding equipment is connected with server, and administrator can configure scanning strategy on the server, The corresponding scanning strategy of one network forwarding equipment;Scanning strategy may include the IP address of network forwarding equipment, need net The specified IP address etc. of network forwarding device scanning.In a kind of specific embodiment, network forwarding equipment can be according to default The server that is connected to network forwarding equipment of time cycle send scan request message and (be referred to as scanning strategy request report Text);Then the back message that server is directed to scan request message feedback is received;Scanning plan is extracted from back message later Slightly.Assuming that network forwarding equipment B sends scan request message to server, server can be based on the scanning plan of administrator configurations Slightly, it in the scanning specified time of the network forwarding equipment B of administrator's setting or in the scan instruction for receiving administrator, gives Network forwarding equipment B feedback includes the back message of scanning strategy, executes scanning behaviour in other network forwarding equipment B that do not need At the time of work, server does not include scanning strategy (scanning strategy is sky) to the back message that network forwarding equipment B is fed back, or Include the command information without scanning.
Mode two: scanning strategy is received by preset user input mouth.
In this approach, administrator can directly be configured to network forwarding equipment by preset user input mouth and be scanned Strategy.
Mode three: pre-stored scanning strategy is transferred from designated storage area.
In this approach, scanning strategy can be stored in designated storage area by the network switching equipment, when needing to scan, directly It connects and transfers scanning strategy from designated storage area.
After determining scanning result, the present embodiment can also carry out following steps: according to the scanning of IP address to be scanned As a result, judging whether target terminal equipment meets one of the following conditions: the MAC Address of target terminal equipment and preset legal Information mismatch, the device type equipment corresponding with stored IP address to be scanned of target terminal equipment of MAC Address Type is different;
If meeting any of the above-described condition, it is determined that target terminal equipment is illegality equipment.In practical applications, network is handed over Exchange device oneself according to scanning result can judge whether target terminal equipment is legal, and scanning result can also be uploaded to service Device judges whether target terminal equipment is legal by server.
It is above-mentioned to judge that the whether qualified mode of target terminal equipment is alternatively referred to as violation determination strategy, it specifically can be by Administrator configures.Violation determination strategy can be allocated to server by administrator, and the network switching equipment is judging target end When whether end equipment is illegality equipment, scanning result can be uploaded to server, by server according to preconfigured violation Strategy and the scanning result that receives, judge target terminal equipment whether in violation of rules and regulations (namely, if it is legal), and receive under server The violation judging result of hair.
Certainly, violation determination strategy can also be allocated to the network switching equipment by administrator, and the network switching equipment is according to certainly In violation of rules and regulations whether the violation determination strategy of body configuration judge target terminal equipment.For ease of understanding, the present embodiment is proposed below Violation determination strategy is explained as follows:
Each terminal device itself has unique MAC Address, and MAC Address can be described as hardware address, physical address again Or link address.MAC Address can be understood as the identification identifier of terminal device, mainly be indicated using hexadecimal number, length Usually 48 bits (6 byte), the meaning of isotopic number characterization is not different, and defers to certain syntactic rule.Such as, first 24 are Organization unique identifier, to distinguish different manufacturers;24 are extended identifier afterwards, can be producer oneself distribution.If Terminal device connects with network forwarding equipment, and network forwarding equipment can get terminal device in end of scan equipment MAC Address can in specific when whether the matching with the information of preset legal MAC Address of MAC Address for determining target terminal To verify whether MAC Address matches according to regular expressions.Regular expression can be described as regular expression method or conventional representation again, It is the logical formula operated to character string, predefined character and character combination formation rule character string can be used. When using regular expression verifying MAC Address, MAC Address to be verified can be used to match the rule that regular expression is embodied Then character string.It is understood that the appearance form and regular expression matching of legal MAC Address, and the MAC of illegality equipment It is to forge that address, which may be because, and the MAC Address of forgery is usually mismatched with regular expression.
The network switching equipment can be previously stored with the corresponding device type of IP address to be scanned, in a kind of embodiment In, the device type of storage is legal device type, and such as, the corresponding legitimate network equipment of explicit ip address 1 is PC machine, and PC machine is connected with the network interface 1 of the network switching equipment, determines that target terminal equipment belonging to IP address 1 is to take the photograph if scanned As head, then illustrate that the target terminal equipment is illegal.The reason of such phenomenon occur may be that PC machine is illegally replaced with camera shooting Head;Alternatively, camera additionally accesses network, and the IP address of camera is forged into IP address 1.
In another embodiment, the device type of storage is forwarded after receiving managed network forwarding device for the first time The corresponding device type of the IP address that equipment scans, such as, the corresponding device type of IP address 1 that first scan obtains is Equipment is stored, the corresponding device type of IP address 1 that present scan obtains is the end AP, then illustrates that terminal belonging to IP address 1 is set It is standby to be replaced, alternatively, access has the illegality equipment for forging IP address 1 in network.
In order to further enhance internet security, method provided in this embodiment further include: if target terminal equipment is Illegality equipment, network forwarding equipment can be cut off between the corresponding network interface of IP address to be scanned and target terminal equipment Communication;Such as, network interface can be directly closed, network interface is no longer received and sent messages.
Alternatively, network forwarding equipment can limit IP address pair to be scanned if target terminal equipment is illegality equipment The access authority for the network interface answered.When it is implemented, the IP network section that network interface can communicate can be limited, pass through the side of filtering Formula only allows network interface transmitting-receiving to have the IP address of access authority or the data of IP network section, and will be without the IP of access authority Data in address or IP network section abandon.In this way, it is possible to prevente effectively from illegality equipment threatens network security.
In practical applications, different treatment measures can be taken according to the type of illegality equipment.Such as, if illegally set Standby is camera, then can directly cut off the communication between the network interface and camera of camera access;If illegality equipment For AP, the access authority of the network interface of AP access can be limited.In addition it is also possible to which the violation mode according to illegality equipment is taken Different treatment measures.Such as, it is unsatisfactory for the illegality equipment of regular expression for MAC Address, directly cuts off the equipment and net The communication of network interface forbids the equipment to access network.For device type with stored device type is incongruent illegally sets It is standby, the network access authority of the equipment can be limited.
For ease of understanding, the present embodiment provides a kind of specific embodiment of network switching equipment execution scan method, such as Fig. 3 Shown in another kind be connected to the network schematic diagram, the difference with Fig. 2 be the network switching equipment no longer need to by scanning device and clothes Business device connects, and the network switching equipment in Fig. 3 directly can execute scanning to the terminal device of carry under the control of server Operation.
A kind of specific scanning process schematic diagram shown in Figure 4, illustrates server, the network switching equipment, carry Interaction flow between the terminal device on the network switching equipment specifically can refer to following steps execution:
Step S402: the network switching equipment opens scanning function.
In the specific implementation, it can be the network switching equipment and automatically turn on scanning function on startup, be also possible to receive To administrator scanning function enabled instruction, reach administrator's preset scanning opening time when be then turned on scanning function.
Step S404: the network switching equipment reads pre-stored configuration file, to obtain IP address and the port of server Information.
Administrator can first pass through in advance Command Line Interface input and the IP address of the associated server of the network switching equipment and The IP address of server and port information are stored in configuration file by port information, the network switching equipment.
Step S406: it is logical to establish network with server for IP address and port information of the network switching equipment based on server Letter.
Step S408: server receives the scan instruction that administrator issues.
In the present embodiment, administrator can control the network switching equipment by server and execute scan operation, and administrator can To configure scanning strategy on the server, scan operation is executed so that server is based on the scanning strategy control network switching equipment. Scanning strategy includes that information (such as, the title and IP address of the network switching equipment), the network exchange of the network switching equipment are set Standby scanning demand information, scanning demand information can wrap containing specified IP address;The specified IP address has scanning demand IP address;Alternatively, scanning demand information may include IP network section and parse the rule of specified IP address from IP network section Deng.
Step S410: the network switching equipment to server regularly sends scanning strategy request message, and (namely aforementioned scanning is asked Seek message).The information such as title, the IP address of the network switching equipment can be carried in scanning strategy request message.
Step S412: server feeds back back message to the network switching equipment for scanning strategy request message.If needed Will the network switching equipment execute scan operation, then include scanning strategy in back message.If you do not need to the network exchange Equipment execute scan operation, then the scanning strategy in back message be sky, or in the specific field of back message label have Mark without scanning.
Step S414: after the network switching equipment gets scanning strategy, parsing scanning strategy obtains specified IP address.
Step S416: the network switching equipment searches whether specified IP address is located in forwarding-table item one by one, will be located at forwarding Specified IP address in list item is determined as online IP address.
Step S418: the network switching equipment is by the online corresponding network interface of IP address to end belonging to the IP address End equipment sends probe messages, that is, the network switching equipment executes scan operation to online IP address.
Step S420: terminal device receives probe messages, and generates response message for probe messages.
Step S422: response message is reported to network by the online corresponding network interface of IP address and handed over by terminal device Exchange device.
Step S424: the feature of network switching equipment message according to response determines the information of terminal device, obtains scanning knot Fruit.Wherein, scanning result can wrap containing terminal belonging to each IP address, the presence of each IP address, online IP address The information such as device type, OS Type, operating system version, the MAC Address of equipment.
Step S426: scanning result is reported to server by the network switching equipment.
Step S428: server generates at offending device according to scanning result and preconfigured violation determination strategy Manage message.It wherein, include the processing mode of offending device list and offending device in offending device processing message.Offending device Namely aforementioned ineligible illegality equipment.
Step S430: offending device processing message is handed down to the network switching equipment by server.
Step S432: the network switching equipment is handled offending device according to offending device processing message.Such as, it closes The network interface being connect with offending device, or the access authority of limitation network interface;When it is implemented, can set has The IP address or IP network section of access authority abandon the data of other IP address without access authority.
It should be understood that Fig. 4 only illustrates a kind of network switching equipment executes scanning behaviour under the control of server The implementation example of work, in practical applications, the network switching equipment can also directly receive the scanning strategy of administrator configurations and disobey Rule determination strategy or itself storage scanning strategy and violation determination strategy, the network switching equipment can be directly based upon scanning plan Scan operation slightly is executed to terminal device, and offending device is found out based on violation determination strategy, and take accordingly offending device Measure.
In conclusion scan method provided in this embodiment, can directly execute terminal device by the network switching equipment Scan operation no longer needs to additionally install scanning device, on the basis of saving hardware cost, also saves the network switching equipment and sweeps It retouches the occupied Internet resources of communication between devices and time, and then can effective improving sweep efficiency.
Corresponding to the scan method that the embodiment of the present disclosure provides, the present embodiment additionally provides a kind of scanning means, the device Applied to network forwarding equipment, as shown in figure 5, the device includes following module:
Address acquisition module 502, for obtaining IP address to be scanned;
Interface determining module 504, for determining the corresponding network interface of IP address to be scanned;
Message sending module 506, for passing through determining network interface to target terminal belonging to IP address to be scanned Equipment sends probe messages;
Message receiving module 508, the response message fed back for receiving target terminal equipment based on probe messages;
As a result determining module 510 determine the scanning result of target terminal equipment for message according to response.
Scanning means provided in this embodiment directly can execute scan operation to terminal device by the network switching equipment, No longer need to additionally install scanning device, on the basis of saving hardware cost, also save the network switching equipment and scanning device it Between communicate occupied Internet resources and time, and then can effective improving sweep efficiency.
In some embodiments, address above mentioned obtains module and is used for:
Obtain scanning strategy;It wherein, include specified IP address in scanning strategy;Alternatively, scanning strategy includes IP network Section and the rule that specified IP address is parsed from IP network section;
Parsing scanning strategy obtains specified IP address, judges whether specified IP address is recorded in the forwarding-table item being locally stored In;
If being recorded in the forwarding-table item being locally stored, by the specified IP address being recorded in forwarding-table item be determined as to The IP address of scanning.
Address above mentioned obtains module and is further used for turning to network according to the preset time cycle when obtaining scanning strategy The server for sending out equipment connection sends scan request message;Receive the back message that server is directed to scan request message feedback; Scanning strategy is extracted from back message.
In some embodiments, the above results determining module is used for:
Characteristic information in resolution response message;Characteristic information includes content characteristic and/or format character;
The characteristic information of message according to response generates the scanning result of target terminal equipment;Scanning result includes equipment class One of type, OS Type, operating system version, MAC Address are a variety of.Another scanning dress shown in Figure 6 The structural block diagram set, on the basis of Fig. 5, the device further include:
Judgment module 602, for the scanning result according to target terminal equipment, judge target terminal equipment whether meet with One of lower condition: the information of the MAC Address of target terminal equipment and preset legal MAC Address mismatch, target terminal are set Standby device type device type corresponding from stored IP address to be scanned is different;
Illegality equipment determining module 604 is when being, to determine that target terminal equipment is for the judging result in judgment module Illegality equipment.
Further, also illustrate that above-mentioned apparatus can also include processing module 606 in Fig. 6, if set for target terminal Standby is illegality equipment, cuts off the communication between the corresponding network interface of IP address to be scanned and target terminal equipment;Alternatively, limit Make the access authority of the corresponding network interface of IP address to be scanned.
The technical effect of device provided by the present embodiment, realization principle and generation is identical with previous embodiment, for letter It describes, Installation practice part does not refer to place, can refer to corresponding contents in preceding method embodiment.
The disclosure embodiment further provides a kind of network forwarding equipment, including processor and machine readable storage medium, Machine readable storage medium is stored with the machine-executable instruction that can be executed by processor, and processor executes the executable finger of machine It enables to realize aforementioned scan method.
A kind of structural schematic diagram of network forwarding equipment shown in Figure 7, the network forwarding equipment include: processor 70, memory 71, bus 72 and communication interface 73, the processor 70, communication interface 73 and memory 71 are connected by bus 72 It connects;Processor 70 is for executing the executable module stored in memory 71, such as computer program.
Wherein, memory 71 may include high-speed random access memory (RAM, Random Access Memory), It may further include non-labile memory (non-volatile memory), for example, at least a magnetic disk storage.By extremely A few communication interface 73 (can be wired or wireless) is realized logical between the system network element and at least one other network element Letter connection, can be used internet, wide area network, local network, Metropolitan Area Network (MAN) etc..
Bus 72 can be isa bus, pci bus or eisa bus etc..The bus can be divided into address bus, data Bus, control bus etc..Only to be indicated with a four-headed arrow convenient for indicating, in Fig. 7, it is not intended that an only bus or A type of bus.
Wherein, memory 71 is for storing program, and the processor 70 executes the journey after receiving and executing instruction Sequence, method performed by the device that the stream process that aforementioned the application any embodiment discloses defines can be applied to processor 70 In, or realized by processor 70.
Processor 70 may be a kind of IC chip, the processing capacity with signal.During realization, above-mentioned side Each step of method can be completed by the integrated logic circuit of the hardware in processor 70 or the instruction of software form.Above-mentioned Processor 70 can be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network Processor (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (Digital Signal Processor, abbreviation DSP), specific integrated circuit (Application Specific Integrated Circuit, referred to as ASIC), field programmable gate array (Field-Programmable Gate Array, abbreviation FPGA) or other are programmable Logical device, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute the disclosure in the application Each method, step and logic diagram.General processor can be microprocessor or the processor is also possible to any routine Processor etc..It can be embodied directly in hardware decoding processor in conjunction with the step of method disclosed in the present application and execute completion, Or in decoding processor hardware and software module combination execute completion.Software module can be located at random access memory, dodge It deposits, read-only memory, this fields such as programmable read only memory or electrically erasable programmable memory, register are mature to deposit In storage media.The storage medium is located at memory 71, and processor 70 reads the information in memory 71, completes in conjunction with its hardware The step of stating method.
For the disclosure embodiment further provides a kind of machine readable storage medium, machine readable storage medium storage is organic Device executable instruction, for machine-executable instruction when being called and being executed by processor, machine-executable instruction promotes processor real The above-mentioned scan method that the existing embodiment of the present disclosure provides.
In open provided several embodiments, it should be understood that disclosed device and method can also pass through Other modes are realized.Device embodiments described above are only schematical, for example, flow chart and frame in attached drawing Figure shows the system frame in the cards of the device of multiple embodiments according to the disclosure, method and computer program product Structure, function and operation.In this regard, each box in flowchart or block diagram can represent a module, section or code A part, a part of the module, section or code includes one or more for implementing the specified logical function Executable instruction.It should also be noted that function marked in the box can also be with not in some implementations as replacement It is same as the sequence marked in attached drawing generation.For example, two continuous boxes can actually be basically executed in parallel, they have When can also execute in the opposite order, this depends on the function involved.It is also noted that in block diagram and or flow chart Each box and the box in block diagram and or flow chart combination, can function or movement as defined in executing it is dedicated Hardware based system realize, or can realize using a combination of dedicated hardware and computer instructions.
In addition, each functional module or unit in each embodiment of the disclosure, which can integrate, forms one solely together Vertical part is also possible to modules individualism, can also be integrated to form with two or more modules one it is independent Part.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in a computer readable storage medium.Based on this understanding, the technical solution of the disclosure is substantially in other words The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a People's computer, server or network equipment etc.) execute all or part of step of each embodiment the method for the disclosure Suddenly.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), deposits at random The various media that can store program code such as access to memory (RAM, Random Access Memory), magnetic or disk.
Finally, it should be noted that embodiment described above, the only specific embodiment of the disclosure, to illustrate this public affairs The technical solution opened, rather than its limitations, the protection scope of the disclosure are not limited thereto, although referring to aforementioned embodiments pair The disclosure is described in detail, those skilled in the art should understand that: any technology for being familiar with the art Personnel can still modify to technical solution documented by aforementioned embodiments in the technical scope that the disclosure discloses Or variation or equivalent replacement of some of the technical features can be readily occurred in;And these modifications, variation or replacement, The spirit and scope for disclosure embodiment technical solution that it does not separate the essence of the corresponding technical solution, should all cover in this public affairs Within the protection scope opened.Therefore, the protection scope of the disclosure shall be subject to the protection scope of the claim.

Claims (14)

1. a kind of scan method, which is characterized in that the method is applied to network forwarding equipment, which comprises
Obtain IP address to be scanned;
Determine the corresponding network interface of the IP address to be scanned;
Probe messages are sent to target terminal equipment belonging to the IP address to be scanned by the determining network interface;
Receive the response message that the target terminal equipment is fed back based on the probe messages;
The scanning result of the target terminal equipment is determined according to the response message.
2. the method according to claim 1, wherein the step of obtaining IP address to be scanned, comprising:
Obtain scanning strategy;It wherein, include specified IP address in the scanning strategy;Alternatively, the scanning strategy includes IP network section and the rule that specified IP address is parsed from the IP network section;
It parses the scanning strategy and obtains specified IP address, judge whether the specified IP address is recorded in the forwarding being locally stored In list item;
If being recorded in the forwarding-table item being locally stored, by the specified IP address being recorded in the forwarding-table item be determined as to The IP address of scanning.
3. according to the method described in claim 2, it is characterized in that, the step of obtaining scanning strategy, comprising:
Scan request message is sent according to the server that the preset time cycle connects to the network forwarding equipment;
Receive the back message that the server is directed to scan request message feedback;
Scanning strategy is extracted from the back message.
4. the method according to claim 1, wherein determining the target terminal equipment according to the response message Scanning result the step of, comprising:
Analyze the response to the characteristic information in message;The characteristic information includes content characteristic and/or format character;
According to the characteristic information of the response message, the scanning result of the target terminal equipment is generated;The scanning result packet Include one of device type, OS Type, operating system version, MAC Address or a variety of.
5. method according to claim 1 or 4, which is characterized in that the method also includes:
According to the scanning result of the target terminal equipment, judge whether the target terminal equipment meets one of the following conditions: The information of the MAC Address of the target terminal equipment and preset legal MAC Address mismatches, the target terminal equipment Device type device type corresponding from the stored IP address to be scanned is different;
If so, determining that the target terminal equipment is illegality equipment.
6. according to the method described in claim 5, it is characterized in that, the method also includes:
If the target terminal equipment is illegality equipment, cut off the corresponding network interface of the IP address to be scanned with it is described Communication between target terminal equipment;Alternatively, the access authority of the corresponding network interface of the limitation IP address to be scanned.
7. a kind of scanning means, which is characterized in that described device is applied to network forwarding equipment, the network forwarding equipment connection There are one or more terminal devices;Described device includes:
Address acquisition module, for obtaining IP address to be scanned;
Interface determining module, for determining the corresponding network interface of the IP address to be scanned;
Message sending module, for passing through the determining network interface to target terminal belonging to the IP address to be scanned Equipment sends probe messages;
Message receiving module, the response message fed back for receiving the target terminal equipment based on the probe messages;
As a result determining module, for determining the scanning result of the target terminal equipment according to the response message.
8. device according to claim 7, which is characterized in that the address acquisition module is used for:
Obtain scanning strategy;It wherein, include specified IP address in the scanning strategy;Alternatively, the scanning strategy includes IP network section and the rule that specified IP address is parsed from the IP network section;
It parses the scanning strategy and obtains specified IP address, judge whether the specified IP address is recorded in the forwarding being locally stored In list item;
If being recorded in the forwarding-table item being locally stored, by the specified IP address being recorded in the forwarding-table item be determined as to The IP address of scanning.
9. device according to claim 8, which is characterized in that the address acquisition module is further used for:
Scan request message is sent according to the server that the preset time cycle connects to the network forwarding equipment;
Receive the back message that the server is directed to scan request message feedback;
Scanning strategy is extracted from the back message.
10. device according to claim 7, which is characterized in that the result determining module is used for:
Analyze the response to the characteristic information in message;The characteristic information includes content characteristic and/or format character;
According to the characteristic information of the response message, the scanning result of the target terminal equipment is generated;The scanning result packet Include one of device type, OS Type, operating system version, MAC Address or a variety of.
11. the device according to claim 7 or 10, which is characterized in that described device further include:
Judgment module judges whether the target terminal equipment meets for the scanning result according to the target terminal equipment One of the following conditions: the information of the MAC Address of the target terminal equipment and preset legal MAC Address mismatches, is described The device type of target terminal equipment device type corresponding from the stored IP address to be scanned is different;
Illegality equipment determining module, for when the judgment result of the judgment module is yes, determining the target terminal equipment For illegality equipment.
12. device according to claim 11, which is characterized in that described device further include:
It is corresponding to cut off the IP address to be scanned if being illegality equipment for the target terminal equipment for processing module Communication between network interface and the target terminal equipment;Alternatively, the corresponding network of the limitation IP address to be scanned connects The access authority of mouth.
13. a kind of network forwarding equipment, which is characterized in that described machine readable including processor and machine readable storage medium Storage medium is stored with the machine-executable instruction that can be executed by the processor, and the processor executes the machine and can hold Row instruction is to realize method as claimed in any one of claims 1 to 6.
14. a kind of machine readable storage medium, which is characterized in that the machine readable storage medium is stored with the executable finger of machine It enables, for the machine-executable instruction when being called and being executed by processor, the machine-executable instruction promotes the processor Realize method as claimed in any one of claims 1 to 6.
CN201910124318.3A 2019-02-19 2019-02-19 Scanning method, scanning device and network forwarding equipment Active CN109981344B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910124318.3A CN109981344B (en) 2019-02-19 2019-02-19 Scanning method, scanning device and network forwarding equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910124318.3A CN109981344B (en) 2019-02-19 2019-02-19 Scanning method, scanning device and network forwarding equipment

Publications (2)

Publication Number Publication Date
CN109981344A true CN109981344A (en) 2019-07-05
CN109981344B CN109981344B (en) 2022-04-08

Family

ID=67077033

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910124318.3A Active CN109981344B (en) 2019-02-19 2019-02-19 Scanning method, scanning device and network forwarding equipment

Country Status (1)

Country Link
CN (1) CN109981344B (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111490910A (en) * 2020-03-27 2020-08-04 深圳融安网络科技有限公司 Device information scanning method, terminal device and computer readable storage medium
CN111526125A (en) * 2020-03-27 2020-08-11 杭州迪普科技股份有限公司 Communication apparatus and method
CN111740883A (en) * 2020-08-11 2020-10-02 杭州海康威视数字技术股份有限公司 Connection control method, system, device and electronic equipment
CN111786947A (en) * 2020-05-18 2020-10-16 北京邮电大学 Attack graph generation method and device, electronic equipment and storage medium
CN111953667A (en) * 2020-07-29 2020-11-17 新华三大数据技术有限公司 Terminal scanning method and device
CN112003862A (en) * 2020-08-24 2020-11-27 迈普通信技术股份有限公司 Terminal safety protection method, device, system and storage medium
CN112104483A (en) * 2020-08-13 2020-12-18 国网湖北省电力有限公司咸宁供电公司 Sensing method and device for intranet invisible terminal
CN112134893A (en) * 2020-09-25 2020-12-25 杭州迪普科技股份有限公司 Internet of things safety protection method and device, electronic equipment and storage medium
CN112398966A (en) * 2020-11-12 2021-02-23 北京知道创宇信息技术股份有限公司 Mapping method, device, network equipment and readable storage medium
CN112486395A (en) * 2020-12-18 2021-03-12 珠海奔图电子有限公司 Method, device and system for displaying information of scanning equipment based on domestic operating system
CN112532658A (en) * 2021-02-08 2021-03-19 腾讯科技(深圳)有限公司 Cloud network escape event scanning method and device and computer readable storage medium
CN112565248A (en) * 2020-12-02 2021-03-26 北京知道创宇信息技术股份有限公司 Network scanning scheduling method, device and control equipment
CN113032351A (en) * 2021-03-31 2021-06-25 建信金融科技有限责任公司 Recovery method and device of network file system
CN113162830A (en) * 2021-06-15 2021-07-23 杭州海康威视数字技术股份有限公司 Internet of things intelligent terminal equipment discovery method and device and electronic equipment
CN113630780A (en) * 2021-08-11 2021-11-09 迈普通信技术股份有限公司 Method for countering illegal wireless access point
CN115242669A (en) * 2022-06-30 2022-10-25 北京华顺信安科技有限公司 Network quality monitoring method
CN116455846A (en) * 2023-06-14 2023-07-18 杭州海康威视数字技术股份有限公司 Method and device for acquiring equipment information through VLAN (virtual local area network) and electronic equipment
CN117061244A (en) * 2023-10-10 2023-11-14 杭州海康威视数字技术股份有限公司 Active scanning-based video network asset management method, device and equipment
CN117150453A (en) * 2023-11-01 2023-12-01 建信金融科技有限责任公司 Network application detection method, device, equipment, storage medium and program product

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070005738A1 (en) * 2005-06-29 2007-01-04 Microsoft Corporation Automated remote scanning of a network for managed and unmanaged devices
CN101330409A (en) * 2008-08-01 2008-12-24 杭州华三通信技术有限公司 Method and system for detecting network loophole
CN102970173A (en) * 2012-12-25 2013-03-13 迈普通信技术股份有限公司 Method and network management system for discovering illegal devices
CN103929376A (en) * 2014-04-30 2014-07-16 尹志超 Terminal admission control method based on switch port management
CN106375491A (en) * 2016-08-31 2017-02-01 浙江远望信息股份有限公司 Method, device and system for discovering network equipment
CN107094088A (en) * 2016-11-10 2017-08-25 腾讯科技(深圳)有限公司 A kind of loiter network device identification method, device and system
US20180048619A1 (en) * 2016-08-15 2018-02-15 Cisco Technology, Inc. Internet protocol (ip) network virtualization of serial network endpoints
CN108521398A (en) * 2018-02-24 2018-09-11 浙江远望通信技术有限公司 A kind of video monitoring safety cut-in method based on equipment feature recognition, white list and constraint set flow control

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070005738A1 (en) * 2005-06-29 2007-01-04 Microsoft Corporation Automated remote scanning of a network for managed and unmanaged devices
CN101330409A (en) * 2008-08-01 2008-12-24 杭州华三通信技术有限公司 Method and system for detecting network loophole
CN102970173A (en) * 2012-12-25 2013-03-13 迈普通信技术股份有限公司 Method and network management system for discovering illegal devices
CN103929376A (en) * 2014-04-30 2014-07-16 尹志超 Terminal admission control method based on switch port management
US20180048619A1 (en) * 2016-08-15 2018-02-15 Cisco Technology, Inc. Internet protocol (ip) network virtualization of serial network endpoints
CN106375491A (en) * 2016-08-31 2017-02-01 浙江远望信息股份有限公司 Method, device and system for discovering network equipment
CN107094088A (en) * 2016-11-10 2017-08-25 腾讯科技(深圳)有限公司 A kind of loiter network device identification method, device and system
CN108521398A (en) * 2018-02-24 2018-09-11 浙江远望通信技术有限公司 A kind of video monitoring safety cut-in method based on equipment feature recognition, white list and constraint set flow control

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111526125B (en) * 2020-03-27 2022-01-18 杭州迪普科技股份有限公司 Communication apparatus and method
CN111526125A (en) * 2020-03-27 2020-08-11 杭州迪普科技股份有限公司 Communication apparatus and method
CN111490910A (en) * 2020-03-27 2020-08-04 深圳融安网络科技有限公司 Device information scanning method, terminal device and computer readable storage medium
CN111786947A (en) * 2020-05-18 2020-10-16 北京邮电大学 Attack graph generation method and device, electronic equipment and storage medium
CN111953667A (en) * 2020-07-29 2020-11-17 新华三大数据技术有限公司 Terminal scanning method and device
CN111953667B (en) * 2020-07-29 2022-05-27 新华三大数据技术有限公司 Terminal scanning method and device
CN111740883B (en) * 2020-08-11 2021-01-26 杭州海康威视数字技术股份有限公司 Connection control method, system, device and electronic equipment
EP4199444A4 (en) * 2020-08-11 2024-02-21 Hangzhou Hikvision Digital Tec Connection control method, system and apparatus, and electronic device
CN111740883A (en) * 2020-08-11 2020-10-02 杭州海康威视数字技术股份有限公司 Connection control method, system, device and electronic equipment
WO2022033381A1 (en) * 2020-08-11 2022-02-17 杭州海康威视数字技术股份有限公司 Connection control method, system and apparatus, and electronic device
CN112104483A (en) * 2020-08-13 2020-12-18 国网湖北省电力有限公司咸宁供电公司 Sensing method and device for intranet invisible terminal
CN112003862A (en) * 2020-08-24 2020-11-27 迈普通信技术股份有限公司 Terminal safety protection method, device, system and storage medium
CN112003862B (en) * 2020-08-24 2022-08-12 迈普通信技术股份有限公司 Terminal safety protection method, device, system and storage medium
CN112134893A (en) * 2020-09-25 2020-12-25 杭州迪普科技股份有限公司 Internet of things safety protection method and device, electronic equipment and storage medium
CN112134893B (en) * 2020-09-25 2023-08-29 杭州迪普科技股份有限公司 Internet of things safety protection method and device, electronic equipment and storage medium
CN112398966A (en) * 2020-11-12 2021-02-23 北京知道创宇信息技术股份有限公司 Mapping method, device, network equipment and readable storage medium
CN112398966B (en) * 2020-11-12 2023-03-24 北京知道创宇信息技术股份有限公司 Mapping method, device, network equipment and readable storage medium
CN112565248B (en) * 2020-12-02 2023-06-02 北京知道创宇信息技术股份有限公司 Network scanning scheduling method, device and control equipment
CN112565248A (en) * 2020-12-02 2021-03-26 北京知道创宇信息技术股份有限公司 Network scanning scheduling method, device and control equipment
CN112486395A (en) * 2020-12-18 2021-03-12 珠海奔图电子有限公司 Method, device and system for displaying information of scanning equipment based on domestic operating system
CN112532658B (en) * 2021-02-08 2021-05-07 腾讯科技(深圳)有限公司 Cloud network escape event scanning method and device and computer readable storage medium
CN112532658A (en) * 2021-02-08 2021-03-19 腾讯科技(深圳)有限公司 Cloud network escape event scanning method and device and computer readable storage medium
CN113032351B (en) * 2021-03-31 2023-01-13 中国建设银行股份有限公司 Recovery method and device of network file system
CN113032351A (en) * 2021-03-31 2021-06-25 建信金融科技有限责任公司 Recovery method and device of network file system
CN113162830A (en) * 2021-06-15 2021-07-23 杭州海康威视数字技术股份有限公司 Internet of things intelligent terminal equipment discovery method and device and electronic equipment
CN113630780A (en) * 2021-08-11 2021-11-09 迈普通信技术股份有限公司 Method for countering illegal wireless access point
CN113630780B (en) * 2021-08-11 2024-04-16 迈普通信技术股份有限公司 Countering method for illegal wireless access point
CN115242669A (en) * 2022-06-30 2022-10-25 北京华顺信安科技有限公司 Network quality monitoring method
CN115242669B (en) * 2022-06-30 2023-10-03 北京华顺信安科技有限公司 Network quality monitoring method
CN116455846A (en) * 2023-06-14 2023-07-18 杭州海康威视数字技术股份有限公司 Method and device for acquiring equipment information through VLAN (virtual local area network) and electronic equipment
CN116455846B (en) * 2023-06-14 2023-11-14 杭州海康威视数字技术股份有限公司 Method and device for acquiring equipment information through VLAN (virtual local area network) and electronic equipment
CN117061244A (en) * 2023-10-10 2023-11-14 杭州海康威视数字技术股份有限公司 Active scanning-based video network asset management method, device and equipment
CN117061244B (en) * 2023-10-10 2024-01-30 杭州海康威视数字技术股份有限公司 Active scanning-based video network asset management method, device and equipment
CN117150453A (en) * 2023-11-01 2023-12-01 建信金融科技有限责任公司 Network application detection method, device, equipment, storage medium and program product
CN117150453B (en) * 2023-11-01 2024-02-02 建信金融科技有限责任公司 Network application detection method, device, equipment, storage medium and program product

Also Published As

Publication number Publication date
CN109981344B (en) 2022-04-08

Similar Documents

Publication Publication Date Title
CN109981344A (en) Scan method, device and network forwarding equipment
Sivanathan et al. Can we classify an iot device using tcp port scan?
KR101010302B1 (en) Security management system and method of irc and http botnet
CN101352018B (en) Method and system for network protection
US6415321B1 (en) Domain mapping method and system
CN105262738B (en) A kind of method of router and its preventing ARP aggression
CN102082690B (en) Passive finding equipment and method of network topology
CN100550739C (en) A kind of method, system and routing device of initiating authentication request for user terminal
CN103916490B (en) DNS tamper-proof method and device
CN114884738A (en) Method and device for identifying encrypted data stream
CN101917434B (en) Method for verifying intra-domain Internet protocol (IP) source address
CN103609089B (en) A kind of preventing is attached to the method and device of Denial of Service attack on the main frame of subnet
CN100499672C (en) Method for distributing service based on terminal physical position
Barrera et al. IDIoT: Securing the Internet of Things like it's 1994
CN101635730A (en) Method and system for safe management of internal network information of small and medium-sized enterprises
KR101223931B1 (en) Method for real-time detecting anomalies using dns packet
CN106817353A (en) For MAC collections and the wireless aps and method of network security audit
CN101854275A (en) Method and device for detecting Trojans by analyzing network behaviors
CN105611534A (en) Method and device for recognizing pseudo WiFi network by wireless terminal
CN104270325A (en) System and method of implementing limitation of public network access user number based on Linux for CPE (Customer Premise Equipment)
CN108616521A (en) Method for network access, device, equipment and readable storage medium storing program for executing
CN107864062A (en) A kind of container firewall system dispositions method
CN105049546B (en) A kind of Dynamic Host Configuration Protocol server is the method and device of client distribution IP address
CN106790073B (en) Blocking method and device for malicious attack of Web server and firewall
CN101577645A (en) Method and device for detecting counterfeit network equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant