CN111538994A - System security detection and repair method, device, storage medium and terminal - Google Patents

System security detection and repair method, device, storage medium and terminal Download PDF

Info

Publication number
CN111538994A
CN111538994A CN202010312208.2A CN202010312208A CN111538994A CN 111538994 A CN111538994 A CN 111538994A CN 202010312208 A CN202010312208 A CN 202010312208A CN 111538994 A CN111538994 A CN 111538994A
Authority
CN
China
Prior art keywords
security
host
security vulnerability
detection
repairing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010312208.2A
Other languages
Chinese (zh)
Inventor
谢冬
赵江伟
秦东明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
3Clear Technology Co Ltd
Original Assignee
3Clear Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 3Clear Technology Co Ltd filed Critical 3Clear Technology Co Ltd
Priority to CN202010312208.2A priority Critical patent/CN111538994A/en
Publication of CN111538994A publication Critical patent/CN111538994A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action

Abstract

The invention discloses a system security detection and repair method, a system security detection and repair device, a storage medium and a terminal, wherein the method comprises the following steps: the method comprises the steps that a detection subprogram of a main program for detecting whether a system of a current host has a security vulnerability or not is operated for any host to be detected, wherein the main program also comprises a repairing subprogram for repairing the security vulnerabilities existing in two or more host systems; under the condition that the security vulnerability exists in the current system, judging the detection type of the security vulnerability existing in the current system and the position of the security vulnerability; and repairing the security vulnerability through a repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system. Therefore, by adopting the embodiment of the application, under the condition that the security vulnerability exists in the system of the current host computer, the existing security vulnerability can be automatically repaired through the repairing subprogram of the main program to obtain the repaired host computer system, so that the automatic repairing of the security vulnerability is realized.

Description

System security detection and repair method, device, storage medium and terminal
Technical Field
The invention relates to the technical field of computers, in particular to a system security detection and restoration method, a system security detection and restoration device, a storage medium and a terminal.
Background
At present, a plurality of tools for evaluating network security levels mainly aim at network security problems, such as tampering of server host passwords, loss, leakage and damage of data in a database and the like. The tool scans for host servers, detects many non-compliant and risky network security vulnerabilities, and prints out a detection report. And then informing related personnel to repair the detected vulnerability according to the detection report.
The existing BurPSoite tool is an online network security detection tool and is a widely-used webpage vulnerability scanning program at present. The method mainly aims at scanning security vulnerabilities on the level of an operating system on a host computer and carrying out penetration scanning on a system platform to obtain a scanning result. The main component structure of the tool is as follows: the lower part of the total program is divided into a webpage permeating layer and a host scanning layer. And the webpage permeation layer scans the system platform by calling a system platform permeation program in the tool, and the scanning result is formatted and output to form a webpage version security vulnerability scanning report. The host scanning layer scans the host operating system layer by calling a host operating system scanning program in the tool, and the scanning result is output in a formatted form to a webpage version host security vulnerability scanning report.
At present, tools for detecting network security are tools operated on a single Windows system, and the existing tools can only detect possible network security vulnerabilities and print out corresponding detection reports.
Disclosure of Invention
The embodiment of the application provides a system security detection and repair method, a system security detection and repair device, a storage medium and a terminal. The following presents a simplified summary in order to provide a basic understanding of some aspects of the disclosed embodiments. This summary is not an extensive overview and is intended to neither identify key/critical elements nor delineate the scope of such embodiments. Its sole purpose is to present some concepts in a simplified form as a prelude to the more detailed description that is presented later.
In a first aspect, an embodiment of the present application provides a system security detection and repair method, where the method includes:
the method comprises the steps that a detection subprogram of a main program for detecting whether a security vulnerability exists in a system of a current host computer or not is operated for any host computer to be detected, wherein the main program further comprises a repairing subprogram for repairing the security vulnerability existing in two or more host computer systems;
under the condition that the security vulnerability exists in the current system, judging the detection type of the security vulnerability existing in the current system and the position of the security vulnerability;
and repairing the security vulnerability through the repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system.
In a second aspect, an embodiment of the present application provides a system security detection and repair apparatus, where the apparatus includes:
the system comprises a detection module, a detection module and a detection module, wherein the detection module is used for running a detection subprogram of a main program for detecting whether a system of a current host has a security vulnerability or not aiming at any host to be detected, and the main program also comprises a repair subprogram for repairing the security vulnerabilities existing in two or more host systems;
the processing module is used for judging the detection type of the security vulnerability existing in the current system and the position of the security vulnerability under the condition that the detection module detects that the security vulnerability exists in the current system;
and the repairing module is used for repairing the security vulnerability through the repairing subprogram according to the detection type of the security vulnerability obtained by the processing module and the position of the security vulnerability to obtain a repaired host system.
In a third aspect, embodiments of the present application provide a computer storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the above-mentioned method steps.
In a fourth aspect, an embodiment of the present application provides a terminal, which may include: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the above-mentioned method steps.
The technical scheme provided by the embodiment of the application can have the following beneficial effects:
in the embodiment of the application, under the condition that the security vulnerability exists in the current system, the detection type of the security vulnerability existing in the current system and the position of the security vulnerability are judged; and repairing the security vulnerability through a repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system. According to the scheme provided by the application, under the condition that the security vulnerability exists in the system of the current host computer, the existing security vulnerability can be automatically repaired through the repairing subprogram to obtain the repaired host computer system, and therefore the automatic repairing of the security vulnerability is achieved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a schematic flowchart of a system security detection and repair method according to an embodiment of the present disclosure;
fig. 2 is a schematic diagram illustrating detection and repair of security vulnerabilities existing in different hosts in a specific application scenario according to an embodiment of the present application;
fig. 3 is a schematic flowchart of a system security detection and repair method in another specific application scenario provided in the embodiment of the present application;
fig. 4 is a schematic flowchart of a host system security detection method according to an embodiment of the present application;
fig. 5 is a schematic flowchart of a host system bug fixing method provided in the embodiment of the present application;
fig. 6 is a schematic structural diagram of a system security detection and repair device according to an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of a terminal according to an embodiment of the present application.
Detailed Description
The following description and the drawings sufficiently illustrate specific embodiments of the invention to enable those skilled in the art to practice them.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present invention. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the invention, as detailed in the appended claims.
In the description of the present invention, it is to be understood that the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art. In addition, in the description of the present invention, "a plurality" means two or more unless otherwise specified. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
Until now, tools for detecting network security aspects are tools running on a single Windows system, and the current tools can only detect possible network security vulnerabilities and print out corresponding detection reports. The existing tool for detecting network security can only detect the possible network security loophole and cannot automatically repair the existing network security loophole. Therefore, the application provides a system security detection and repair method, device, storage medium and terminal to solve the above related technical problems in the prior art. In the technical solutions provided in the present application, the following detailed description is made with exemplary embodiments.
The system security detection and repair method provided by the embodiment of the present application will be described in detail below with reference to fig. 1 to 5. The method can be realized by relying on a computer program and can be operated on a system safety detection and repair device. The computer program may be integrated into the application or may run as a separate tool-like application.
Referring to fig. 1, a schematic flow chart of a system security detection and repair method is provided in the embodiment of the present application. As shown in fig. 1, the method of the embodiment of the present application may include the steps of:
s101, aiming at any host to be detected, running a detection subprogram of a main program for detecting whether a security vulnerability exists in a system of the current host, wherein the main program further comprises a repairing subprogram for repairing the security vulnerability existing in two or more host systems.
In this step, the main program may detect the detection type of the security vulnerability existing in the current host system through the detection subprogram, and the main program may further perform vulnerability repair on any detected type of security vulnerability through the repair subprogram.
In the embodiment of the present application, when the detection subprogram of the main program detects that the system of the current host has a security vulnerability, the main program may also repair any detected security vulnerability through the repair subprogram of the main program.
In the embodiment of the application, the repairing subprogram of the main program can repair not only the network security vulnerabilities existing in the Windows system, but also the network security vulnerabilities existing in the Linux system.
In this step, the detection subprogram of the main program may detect the network security vulnerabilities under other types of systems in addition to the network security vulnerabilities under the two types of systems, which is not described herein again.
Specifically, the method for detecting the network security vulnerability under the above-mentioned type of system by the detection subprogram of the main program is an existing conventional method. In a Windows system, there are different types of common security vulnerabilities, and for the different types of security vulnerabilities, the vulnerabilities are configured in respective root directories under corresponding folders, which is a conventional technique and is not described herein again. Similarly, in the Linux system, there are also common different types of security vulnerabilities, and for the different types of security vulnerabilities, the vulnerabilities are configured in each root directory under the corresponding folder, which is a conventional technique and is not described herein again in detail. The main program firstly identifies the type of the current system, namely a Windows system or a Linux system. After the fact that the current system is the Windows system is determined, the detection type of the security vulnerabilities existing in the current system is continuously detected, and after the detection type of the security vulnerabilities existing in the current system is detected, unqualified detection items are output. After the detection function of the detection subprogram is executed, executing a repair flow of the repair subprogram, repairing the host bugs, selecting a repair host, listing various repair items of the current host, and executing the repair function of the repair subprogram aiming at the various repair items. Based on the fact that the current system is a Windows system, after various repair items of the current host are obtained, the current repair items are automatically located under the specified folder of the repair items under the Windows system, codes, application programs, configuration settings or text documents and the like under the specified folder which possibly make mistakes are modified or replaced, and the specific repair process is not repeated herein.
If the current system is a Linux system, the procedures of detecting the vulnerability type through the detection subprogram of the main program and repairing the vulnerability through the repair subprogram of the main program are similar to the detection and repair procedures under the Windows system, and detailed description is omitted, and please refer to the related contents in the foregoing.
Fig. 2 is a schematic diagram illustrating detection and repair of security vulnerabilities existing in different hosts in a specific application scenario according to an embodiment of the present application.
As can be seen from fig. 2, any host from the host group from the host a to the host N may be selected as a host to be detected, and the host security detection is performed first to obtain a detection result including the existing network security vulnerability information; and according to the detection result, the host computer bug repairing is performed in a targeted manner aiming at the existing network security bug information, so that the bug repairing accuracy and repairing efficiency are improved.
As shown in fig. 2, the host group to be detected and repaired includes a plurality of hosts, from host a to host N.
In an optional embodiment, in order to distinguish different hosts and implement orderly detection and repair of the different hosts, before running a detection subroutine of a main program for detecting whether a security vulnerability exists in a system of a current host according to any host to be detected, the method further includes the following steps:
any host to be detected is selected from two or more host sets, and the host name of the current host to be detected is identified.
S102, under the condition that the security vulnerability exists in the current system, the detection type and the location of the security vulnerability existing in the current system are judged.
In this step, the detection type may be a first detection type for detecting a vulnerability of the login node, the detection type may also be a second detection type for detecting a vulnerability of the management node, or the detection type may be a third detection type for detecting a vulnerability of the application server. The three detection types listed above are detection types of common security vulnerabilities, and may also be detection types for other security vulnerabilities, and the detection functions of the corresponding detection subroutines are configured, which are not described in detail herein.
In this step, under the condition that the current system is a Windows system, the location of any security hole is as follows: in the Windows system, the first configuration file of the security vulnerability default is located in the first directory position.
In addition, under the condition that the current system is a Linux system, the position of any security hole is as follows: in the Linux system, the security vulnerability default second configuration file is located in a second directory location.
S103, repairing the security vulnerability through a repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system.
Specifically, according to the detection type and the position of the security vulnerability, the method for repairing the security vulnerability through the repairing subprogram comprises the following steps:
responding to a first repairing instruction used for partial repairing of a user, and performing partial repairing of partial security vulnerabilities through a repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities; in this way, in order to realize the rapid repair of the existing security vulnerabilities, the targeted security vulnerability repair can be performed only on the items to be repaired related to the first repair instruction of the user in response to the first repair instruction of the user for repairing part of the security vulnerabilities; and other types of security vulnerabilities are not repaired for a while, so that the repairing time is shortened, and the repairing efficiency is improved.
In an optional implementation manner, in addition to the partial repairing manner, repairing the security vulnerability by the repairing subroutine according to the detection type of the security vulnerability and the location of the security vulnerability further includes the following steps:
responding to a second repairing instruction used for repairing all the security vulnerabilities of the user, and performing all the repairing of all the security vulnerabilities through a repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities; therefore, in order to realize the running stability of the current host system, all possible security vulnerabilities are thoroughly repaired, and all detected security vulnerabilities are completely repaired.
In an optional embodiment, before the security vulnerability is repaired by the repairing sub-program according to the detection type of the security vulnerability and the location of the security vulnerability, the method further includes the following steps:
selecting any host to be repaired from two or more host sets, and reading various security vulnerability data to be repaired of the current host; in this way, after the detection type of any one current security vulnerability is determined, the configuration file where the security vulnerability is located is found according to the location of the security vulnerability (the location is the directory location of the default configuration file of the system), and the security vulnerability is repaired through the repairing subprogram of the main program.
In an optional implementation manner, in order to improve ordered and targeted vulnerability repair, before reading each item of security vulnerability data to be repaired of the current host, the method further includes the following steps:
and establishing an incidence relation between any host in two or more host sets and at least one item of security vulnerability data to be repaired corresponding to the host.
In an optional embodiment, before the security vulnerability is repaired by the repairing sub-program according to the detection type of the security vulnerability and the location of the security vulnerability, the method further includes the following steps:
the type of detection of the security breach is read,
wherein the detection type at least comprises one of the following items:
the detection type is a first detection type for detecting the vulnerability of the login node, the detection type is a second detection type for detecting the vulnerability of the management node, and the detection type is a third detection type for detecting the vulnerability of the application server.
The above lists only common detection types of detected security vulnerabilities, and there may be other detection types, and detection methods for detecting other types of security vulnerabilities may be added according to different application scenarios, which are not described in detail herein.
Fig. 3 is a schematic flow chart of a system security detection and repair method in another specific application scenario provided in the embodiment of the present application.
As shown in fig. 3, the detection subprogram of the main program performs a detection function of detecting a security vulnerability existing in the system. Selecting a detection host, and filling host information of the current detection host, wherein the host information may be a name of the current host, MAC address information of the current host, or device number information of the current host. However, the host information is not limited to the above information, and the current host can be precisely located through the host information. And then, aiming at the current host, executing the detection function of the main program to obtain each unqualified detection item, and outputting a detection result comprising each unqualified detection item, wherein the detection function of the main program is completed through the detection subprogram of the main program.
The host bug can be repaired through the repairing function of the main program, the repairing host is selected firstly, and similarly, host information of the current host to be repaired is obtained, specifically, the host information can be the name of the current host, the MAC address information of the current host, or the equipment number information of the current host. However, the host information is not limited to the above information, and the current host can be precisely located through the host information. And then according to each listed repair item of the host, executing the repair function of the main program, performing partial repair or total repair, and finally obtaining the repaired current host system, wherein the repair function of the main program is completed through a repair subprogram of the main program.
In the system security detection and repair method provided by the embodiment of the present disclosure, in response to a first detection instruction of a user, a security vulnerability of each login node that may exist is detected (the security vulnerability of the type corresponds to a first detection type), where the first detection instruction is used to detect whether a security vulnerability of any login node exists in a current system.
In the system security detection and repair method provided in the embodiment of the present disclosure, a second detection instruction of a user may also be responded to, and a security vulnerability of each management node that may exist is detected (the security vulnerability of the type corresponds to a second detection type), where the second detection instruction is used to detect whether a security vulnerability of any management node exists in a current system.
In the system security detection and repair method provided in the embodiment of the present disclosure, a third detection instruction of a user may also be responded to, and a security vulnerability of each possible application server is detected (the security vulnerability of the type corresponds to a third detection type), where the third detection instruction is used to detect whether a security vulnerability of any application server exists in a current system.
In the system security detection and repair method provided by the embodiment of the disclosure, not only can any one of the repair items with security vulnerabilities detected by the detection subprogram of the main program be automatically repaired by default, but also all the repair items can be selectively repaired in response to the repair instruction of the user; in a specific application scene, in response to any touch operation of a user (the touch operation is used for checking repair items to be repaired on an interactive interface), one or more repair items can be selectively selected for repairing on the interactive interface displaying all types of repair items; therefore, the repairing time of automatic repairing can be shortened, and the repairing efficiency of automatic repairing is improved.
Fig. 4 is a schematic flowchart of a host system security detection method according to an embodiment of the present application.
As shown in fig. 4, the host system security detection method provided in the embodiment of the present application includes the following steps:
selecting a detection host;
filling in the information of the detection host, wherein the information of the detection host can be the name of the current host to be detected, or can be the MAC address information of the current host to be detected, or can be the equipment number information of the current host to be detected. However, the information of the detection host is not limited to the above information, and the host to be detected can be accurately located through any of the above information of the detection host.
And executing the detection function of the main program, wherein the detection function of the main program is completed through the detection subprogram of the main program.
The following three detection types can be executed through the detection subprogram of the main program;
specifically, the detection type is a first detection type for detecting the vulnerability of the login node, the detection type is a second detection type for detecting the vulnerability of the management node, and the detection type is a third detection type for detecting the vulnerability of the application server.
Fig. 5 is a schematic flowchart of a host system bug fixing method provided in the embodiment of the present application.
As shown in fig. 5, the host system bug fixing method provided in the embodiment of the present application includes the following steps:
before the host bug is repaired, a detection result is read, wherein the detection result is obtained by executing the detection function of the main program.
By reading the above detection results, it is possible to know that: the type of the security vulnerability to be repaired of different hosts to be repaired is specifically the vulnerability of a login node, the vulnerability of a management node, the vulnerability of an application server or other types of vulnerabilities. Here, the type of the security vulnerability may be added according to different application scenarios, and a new detection type for the added security vulnerability is obtained, which is not described herein again.
And according to the obtained detection result, selecting any host from the detection hosts as a repairing host, listing all repairing items of the repairing host, and executing the repairing function of the main program according to all the repairing items to obtain a repaired host system, wherein the repairing function of the main program is completed through a repairing subprogram of the main program.
In an actual application scenario, according to a received user repair instruction, all repairs of all the repair items described above may be performed, or partial repairs of partial repair items may be performed, and a specific repair process is not described any more.
In the embodiment of the application, the script for detecting the vulnerability and the script for repairing the vulnerability are called and connected through a shell technology. The Shell technology is conventional and will not be described in detail herein.
In the embodiment of the application, under the condition that the security vulnerability exists in the current system, the detection type of the security vulnerability existing in the current system and the position of the security vulnerability are judged; and repairing the security vulnerability through a repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system. According to the scheme provided by the application, under the condition that the security vulnerability exists in the system of the current host computer, the existing security vulnerability can be automatically repaired through the repairing subprogram to obtain the repaired host computer system, and therefore the automatic repairing of the security vulnerability is achieved.
The following are embodiments of the apparatus of the present invention that may be used to perform embodiments of the method of the present invention. For details which are not disclosed in the embodiments of the apparatus of the present invention, reference is made to the embodiments of the method of the present invention.
Referring to fig. 6, a schematic structural diagram of a system security detection and repair apparatus according to an exemplary embodiment of the present invention is shown. The apparatus may be implemented as all or a portion of the terminal in software, hardware, or a combination of both. The apparatus includes a detection module 10, a processing module 20, and a repair module 30.
The detection module 10 is configured to run, for any host to be detected, a detection subprogram of a main program that detects whether a system of a current host has a security vulnerability, where the main program further includes a repair subprogram that is used to repair two or more security vulnerabilities existing in the host system;
the processing module 20 is configured to, when the detection module 10 detects that a security vulnerability exists in the current system, determine a detection type of the security vulnerability existing in the current system and a location of the security vulnerability;
and the repairing module 30 is configured to repair the security vulnerability through a repairing subroutine according to the detection type of the security vulnerability and the location of the security vulnerability obtained through processing by the processing module 20, so as to obtain a repaired host system.
Optionally, the repair module 30 is specifically configured to:
responding to a first repairing instruction used for partial repairing of a user, and performing partial repairing of partial security vulnerabilities through a repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities; alternatively, the first and second electrodes may be,
and responding to a second repairing instruction used for repairing all the security vulnerabilities of the user, and performing all the repairing of all the security vulnerabilities through a repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities.
Optionally, the processing module 20 is further configured to:
before the repairing agent module repairs the security vulnerability through the repairing subprogram according to the detection type and the location of the security vulnerability, any host to be repaired is selected from two or more host sets, and various security vulnerability data to be repaired of the current host are read.
Optionally, the processing module 20 is further configured to:
before reading each item of security vulnerability data to be repaired of the current host, establishing an association relationship between any host in two or more host sets and at least one item of security vulnerability data to be repaired corresponding to the host.
Optionally, the apparatus further comprises:
a reading module (not shown in fig. 6) for reading the detection type of the security vulnerability by the repairing module 30 before the security vulnerability is repaired by the repairing sub-program according to the detection type of the security vulnerability and the location of the security vulnerability,
the detection type read by the reading module at least comprises one of the following items:
the detection type is a first detection type for detecting the vulnerability of the login node, the detection type is a second detection type for detecting the vulnerability of the management node, and the detection type is a third detection type for detecting the vulnerability of the application server.
Optionally, the processing module 20 is further configured to:
before the detection module 10 runs the detection subprogram of the main program for detecting whether the system of the current host has the security vulnerability according to any host to be detected, any host to be detected is selected from two or more host sets, and the host name of the current host to be detected is identified.
Optionally, the host system for repairing by the repair subprogram at least includes one of the following items:
windows system, Linux system.
It should be noted that, in the system security detection and recovery apparatus provided in the foregoing embodiment, only the division of the functional modules is illustrated in the foregoing, and in practical applications, the functions may be distributed by different functional modules according to needs, that is, the internal structure of the apparatus may be divided into different functional modules to complete all or part of the functions described above. In addition, the system security detection and repair device and the system security detection and repair method provided by the above embodiments belong to the same concept, and the details of the implementation process are referred to as method embodiments, which are not described herein again.
In the embodiment of the application, under the condition that the detection module detects that the current system has the security vulnerability, the processing module judges the detection type of the security vulnerability existing in the current system and the position of the security vulnerability; and the repairing module repairs the security loophole through a repairing subprogram according to the detection type of the security loophole and the position of the security loophole, which are obtained by processing of the processing module, so as to obtain a repaired host system. According to the scheme provided by the application, under the condition that the detection module detects that the system of the current host has the security vulnerability, the existing security vulnerability can be automatically repaired through the repair subprogram of the repair module to obtain the repaired host system, and therefore the automatic repair of the security vulnerability is achieved.
The invention also provides a computer readable medium, on which program instructions are stored, and when the program instructions are executed by a processor, the system security detection and repair method provided by the above method embodiments is implemented.
The present invention also provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the system security detection and repair method described in the above method embodiments.
Please refer to fig. 7, which provides a schematic structural diagram of a terminal according to an embodiment of the present application. As shown in fig. 7, the terminal 1000 can include: at least one processor 1001, at least one network interface 1004, a user interface 1003, memory 1005, at least one communication bus 1002.
Wherein a communication bus 1002 is used to enable connective communication between these components.
The user interface 1003 may include a Display screen (Display) and a Camera (Camera), and the optional user interface 1003 may also include a standard wired interface and a wireless interface.
The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), among others.
Processor 1001 may include one or more processing cores, among other things. The processor 1001, which is connected to various parts throughout the electronic device 1000 using various interfaces and lines, performs various functions of the electronic device 1000 and processes data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory 1005 and calling data stored in the memory 1005. Alternatively, the processor 1001 may be implemented in at least one hardware form of Digital Signal Processing (DSP), Field-Programmable Gate Array (FPGA), and Programmable Logic Array (PLA). The processor 1001 may integrate one or more of a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), a modem, and the like. Wherein, the CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing the content required to be displayed by the display screen; the modem is used to handle wireless communications. It is understood that the modem may not be integrated into the processor 1001, but may be implemented by a single chip.
The Memory 1005 may include a Random Access Memory (RAM) or a Read-Only Memory (ROM). Optionally, the memory 1005 includes a non-transitory computer-readable medium. The memory 1005 may be used to store an instruction, a program, code, a set of codes, or a set of instructions. The memory 1005 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the various method embodiments described above, and the like; the storage data area may store data and the like referred to in the above respective method embodiments. The memory 1005 may optionally be at least one memory device located remotely from the processor 1001. As shown in fig. 7, a memory 1005, which is a kind of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and a system security detection and repair application program.
In the terminal 1000 shown in fig. 7, the user interface 1003 is mainly used as an interface for providing input for a user, and acquiring data input by the user; and the processor 1001 may be configured to call an application stored in the memory 1005, and specifically perform the following operations:
the method comprises the steps that a detection subprogram of a main program for detecting whether a system of a current host has a security vulnerability or not is operated for any host to be detected, wherein the main program also comprises a repairing subprogram for repairing the security vulnerabilities existing in two or more host systems;
under the condition that the security vulnerability exists in the current system, judging the detection type of the security vulnerability existing in the current system and the position of the security vulnerability;
and repairing the security vulnerability through a repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system.
In an embodiment, when the processor 1001 repairs the security vulnerability through the repair subroutine according to the detection type of the security vulnerability and the location of the security vulnerability, the following operations are specifically performed:
responding to a first repairing instruction used for partial repairing of a user, and performing partial repairing of partial security vulnerabilities through a repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities; alternatively, the first and second electrodes may be,
and responding to a second repairing instruction used for repairing all the security vulnerabilities of the user, and performing all the repairing of all the security vulnerabilities through a repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities.
In one embodiment, before performing the fixing of the security vulnerability by the fixing subroutine according to the detection type and the location of the security vulnerability, the processor 1001 further performs the following operations:
selecting any host to be repaired from two or more host sets, and reading various security vulnerability data to be repaired of the current host.
In one embodiment, before performing the reading of the security vulnerability data to be repaired of the current host, the processor 1001 further performs the following operations:
and establishing an association relationship between any host in two or more host sets and at least one item of data of the security vulnerability item to be repaired corresponding to the host.
In one embodiment, before performing the fixing of the security vulnerability by the fixing subroutine according to the detection type and the location of the security vulnerability, the processor 1001 further performs the following operations: the type of detection of the security breach is read,
wherein the detection type at least comprises one of the following items:
the detection type is a first detection type for detecting the vulnerability of the login node, the detection type is a second detection type for detecting the vulnerability of the management node, and the detection type is a third detection type for detecting the vulnerability of the application server.
In one embodiment, before executing the detection subroutine of the main program that detects whether a security vulnerability exists in the system of the current host according to any host to be detected, the processor 1001 further performs the following operations:
any host to be detected is selected from two or more host sets, and the host name of the current host to be detected is identified.
In one embodiment, when the processor 1001 executes the operation to detect whether the system of the current host has a security vulnerability, the host system to be repaired by the repair subprogram executed by the processor comprises at least one of the following:
windows system, Linux system.
In the embodiment of the application, under the condition that the security vulnerability exists in the current system, the detection type of the security vulnerability existing in the current system and the position of the security vulnerability are judged; and repairing the security vulnerability through a repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system. According to the scheme provided by the application, under the condition that the security vulnerability exists in the system of the current host computer, the existing security vulnerability can be automatically repaired through the repairing subprogram to obtain the repaired host computer system, and therefore the automatic repairing of the security vulnerability is achieved. It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory or a random access memory.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present application and is not to be construed as limiting the scope of the present application, so that the present application is not limited thereto, and all equivalent variations and modifications can be made to the present application.

Claims (10)

1. A system security detection and repair method, the method comprising:
the method comprises the steps that a detection subprogram of a main program for detecting whether a security vulnerability exists in a system of a current host computer or not is operated for any host computer to be detected, wherein the main program further comprises a repairing subprogram for repairing the security vulnerability existing in two or more host computer systems;
under the condition that the security vulnerability exists in the current system, judging the detection type of the security vulnerability existing in the current system and the position of the security vulnerability;
and repairing the security vulnerability through the repairing subprogram according to the detection type of the security vulnerability and the position of the security vulnerability to obtain a repaired host system.
2. The method of claim 1, wherein the repairing, by the repair subroutine, the security vulnerability according to the detection type of the security vulnerability and the location of the security vulnerability comprises:
responding to a first repairing instruction used for partial repairing of a user, and performing partial repairing of partial security vulnerabilities through the repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities; alternatively, the first and second electrodes may be,
and responding to a second repairing instruction used for repairing all the security vulnerabilities of the user, and performing all the repairing of all the security vulnerabilities through the repairing subprogram according to the detection type of the security vulnerabilities and the positions of the security vulnerabilities.
3. The method according to claim 1 or 2, wherein before the fixing the security vulnerability by the fixing subprogram according to the detection type of the security vulnerability and the location of the security vulnerability, the method further comprises:
selecting any host to be repaired from two or more host sets, and reading various security vulnerability data to be repaired of the current host.
4. The method according to claim 3, wherein before the reading of the security vulnerability data to be repaired of the current host, the method further comprises:
and establishing an incidence relation between any host in two or more host sets and at least one item of security vulnerability data to be repaired corresponding to the host.
5. The method according to claim 1 or 2, wherein before the fixing the security vulnerability by the fixing subprogram according to the detection type of the security vulnerability and the location of the security vulnerability, the method further comprises:
reading the detection type of the security breach,
wherein the detection type includes at least one of:
the detection type is a first detection type for detecting the vulnerability of the login node, the detection type is a second detection type for detecting the vulnerability of the management node, and the detection type is a third detection type for detecting the vulnerability of the application server.
6. The method according to claim 1, wherein before the running, according to any host to be detected, a detection subprogram of a main program for detecting whether a security vulnerability exists in a system of a current host, the method further comprises:
any host to be detected is selected from two or more host sets, and the host name of the current host to be detected is identified.
7. The method of claim 1, wherein the host system for repair by the repair subroutine comprises at least one of:
windows system, Linux system.
8. A system security detection and repair device, the device comprising:
the system comprises a detection module, a detection module and a detection module, wherein the detection module is used for running a detection subprogram of a main program for detecting whether a system of a current host has a security vulnerability or not aiming at any host to be detected, and the main program also comprises a repair subprogram for repairing the security vulnerabilities existing in two or more host systems;
the processing module is used for judging the detection type of the security vulnerability existing in the current system and the position of the security vulnerability under the condition that the detection module detects that the security vulnerability exists in the current system;
and the repairing module is used for repairing the security vulnerability through the repairing subprogram according to the detection type of the security vulnerability obtained by the processing module and the position of the security vulnerability to obtain a repaired host system.
9. A computer storage medium, characterized in that it stores a plurality of instructions adapted to be loaded by a processor and to carry out the method steps according to any one of claims 1 to 7.
10. A terminal, comprising: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the method steps of any of claims 1 to 7.
CN202010312208.2A 2020-04-20 2020-04-20 System security detection and repair method, device, storage medium and terminal Pending CN111538994A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010312208.2A CN111538994A (en) 2020-04-20 2020-04-20 System security detection and repair method, device, storage medium and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010312208.2A CN111538994A (en) 2020-04-20 2020-04-20 System security detection and repair method, device, storage medium and terminal

Publications (1)

Publication Number Publication Date
CN111538994A true CN111538994A (en) 2020-08-14

Family

ID=71973015

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010312208.2A Pending CN111538994A (en) 2020-04-20 2020-04-20 System security detection and repair method, device, storage medium and terminal

Country Status (1)

Country Link
CN (1) CN111538994A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112286571A (en) * 2020-09-25 2021-01-29 长沙市到家悠享网络科技有限公司 Vulnerability repairing method and device and storage medium
CN112698846A (en) * 2020-12-30 2021-04-23 麒麟软件有限公司 Method and system for automatically installing patch in Linux system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105471919A (en) * 2016-01-15 2016-04-06 成都智扬易方软件有限公司 Network security vulnerability scanning and managing system
CN108712396A (en) * 2018-04-27 2018-10-26 广东省信息安全测评中心 Networked asset management and loophole governing system
CN109977673A (en) * 2017-12-27 2019-07-05 航天信息股份有限公司 A kind of loophole restorative procedure and system based on web site system safety
CN110460571A (en) * 2019-07-05 2019-11-15 深圳壹账通智能科技有限公司 Operation system loophole processing method, device, computer equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105471919A (en) * 2016-01-15 2016-04-06 成都智扬易方软件有限公司 Network security vulnerability scanning and managing system
CN109977673A (en) * 2017-12-27 2019-07-05 航天信息股份有限公司 A kind of loophole restorative procedure and system based on web site system safety
CN108712396A (en) * 2018-04-27 2018-10-26 广东省信息安全测评中心 Networked asset management and loophole governing system
CN110460571A (en) * 2019-07-05 2019-11-15 深圳壹账通智能科技有限公司 Operation system loophole processing method, device, computer equipment and storage medium

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112286571A (en) * 2020-09-25 2021-01-29 长沙市到家悠享网络科技有限公司 Vulnerability repairing method and device and storage medium
CN112698846A (en) * 2020-12-30 2021-04-23 麒麟软件有限公司 Method and system for automatically installing patch in Linux system
CN112698846B (en) * 2020-12-30 2024-04-09 麒麟软件有限公司 Method and system for automatically installing patches in Linux system

Similar Documents

Publication Publication Date Title
CN108427731B (en) Page code processing method and device, terminal equipment and medium
CN105787364B (en) Automatic testing method, device and system for tasks
CN109376078B (en) Mobile application testing method, terminal equipment and medium
CN107357558B (en) Method and device for constructing codes
CN110929264B (en) Vulnerability detection method and device, electronic equipment and readable storage medium
JP2020160611A (en) Test scenario generation device and test scenario generation method and test scenario generation program
CN111309505B (en) Page exception handling method and device and electronic equipment
CN109828780B (en) Open source software identification method and device
CN109815697B (en) Method and device for processing false alarm behavior
CN111538994A (en) System security detection and repair method, device, storage medium and terminal
CN109063481B (en) Risk detection method and device
CN110806965A (en) Automatic test method, device, equipment and medium
CN107621963B (en) Software deployment method, software deployment system and electronic equipment
CN112738094A (en) Expandable network security vulnerability monitoring method, system, terminal and storage medium
CN110135163B (en) Security detection method, device and system based on target application
CN115203698A (en) Security vulnerability scanning task processing method based on RPA and AI and related equipment
CN116055102A (en) Method for updating necessary repair loopholes, method for scanning necessary repair loopholes and related equipment
JP4215255B2 (en) Degradation confirmation inspection method, degradation confirmation inspection system, and program therefor
CN108959931B (en) Vulnerability detection method and device, information interaction method and equipment
CN113360379B (en) Program test environment creation method and program test environment creation apparatus
CN115643044A (en) Data processing method, device, server and storage medium
CN115510508A (en) Page information protection method and device and electronic equipment
CN115373916A (en) Abnormality detection method, abnormality detection device, electronic apparatus, and computer-readable storage medium
CN109560964B (en) Equipment compliance checking method and device
CN108875349B (en) Verification code generation method and device based on pinyin

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200814