CN101465764A - Inspection method for internet service business place information safety management - Google Patents
Inspection method for internet service business place information safety management Download PDFInfo
- Publication number
- CN101465764A CN101465764A CN 200810208196 CN200810208196A CN101465764A CN 101465764 A CN101465764 A CN 101465764A CN 200810208196 CN200810208196 CN 200810208196 CN 200810208196 A CN200810208196 A CN 200810208196A CN 101465764 A CN101465764 A CN 101465764A
- Authority
- CN
- China
- Prior art keywords
- place
- information
- test
- business
- check
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a testing method of information security management for internet access service business places; the method mainly performs under a detection platform and includes the following steps: (1) detection environment is established; (2) a detected system is installed; (3) test cases are designed; (4) system functional test unit adopts test cases designed in step (3) to test the information security management function of business places. The method can evaluate and test the function and performance of information security management system of internet access service business places.
Description
Technical field:
The present invention relates to a kind of inspection technology, particularly a kind of method of inspection of internet service business place information safety management to the internet access service providing site connecting internet system.
Background technology:
Because the networking is in vogue, internet access service providing site is in continuous increase, and there is very big leak in these places of business for various information security managements.
Also do not have at present a kind of to the internet service business place information safety management method of testing can be effectively at the content of safety management for information about in industry standards of public safety GA557-2005 internet service business place information safety management code, GA558-2005 internet service business place information safety management system data DIF and the place of business end functional requirement of GA559-2005 internet service business place information safety management system.
Summary of the invention:
The present invention is directed to above-mentioned prior art and net the existing problem in service information security management check aspect, place of business on the internet, and a kind of method that can carry out related check to the internet service business place information safety management function is provided.
In order to achieve the above object, the technical solution used in the present invention:
The method of inspection of internet service business place information safety management, this method is mainly carried out under detection platform, and it mainly may further comprise the steps:
(1) makes up testing environment, requirement according to " internet service business place information safety management system test detailed rules for the implementation ", make up test environment, be included as test required software and hardware configuration and network configuration and installation internet service business place information safety management system management end interface test module;
(2) detected system is installed, the system that needs detect is installed according to the system product specification;
(3) design test case, treat the test case that examining system adapts according to each bar test basis design of contrast with this, this test case must comprise use-case sequence number, use-case author, design date and concrete input/output information, so that reduce the uncertainty of test, and when reviewing mistake, it can be reproduced;
(4) System Functional Test utilizes the test case of step (3) design that place of business information security management function is tested.
When making up testing environment in the described step (1), because the difference of access mechanism, system under test (SUT) place of business end equipment generally has the form of two kinds of connecting systems, and mode one is a series form, and place of business end equipment is connected to network exit with the form of gateway/bridge; Mode two is parallel form, and place of business end equipment operates on hub/switch with listen mode.
The method that adopts equivalence class to divide during described step (3) design test case is done more comprehensive coverage test to reach; Should adopt the method for boundary value to test as far as possible to test simultaneously with critical value.
The check of information security management function comprises the check of harmful information filtration and the check of internet log management in the described step (4).
The method of inspection of described harmful information filtration may further comprise the steps:
(11) hold management end that filtering policy is set in place of business, and whether check can filter to harmful information; This filtering policy comprises filtercondition and filter action;
(12) can the filtering policy of check place of business end setting promptly check the place of business end that corresponding filtering rule storehouse (filtering policy storehouse) is set, and the default clauses and subclauses be no less than 100,000;
(13) check place of business end filters index, and when being 100,000 as if rule entries, the harmful information filtration rate must not be lower than 98%, and legal network address mistake filter rate must not be higher than 2%.
Described filtercondition is meant specific URL or specific I P address.
The method of inspection of described internet log management may further comprise the steps:
(21) the automatic online personnel diary that generates of check place of business end, whether the log information that check generates is stored in the non-loss storage medium of local power down, and the daily record sensitive information obtains safekeeping, must not lose, damage; Check the content of log record simultaneously;
(22) whether check place of business end can store online personnel diary information in 60 days;
(23) whether check place of business end can prevent log information by anyone modification, increase, deletion, and the bookkeepings such as backup, deletion that whether can carry out regular internet log information automatically;
(24) whether check place of business end can guarantee that log information is not by unauthorized access;
(25) whether check place of business end supports authorized user to hold long-range log information inquiry, supports simultaneously the individual event inquiry of log information, multinomial query composition, fuzzy query.
The keyword in described when inquiry should comprise online personnel name, online personnel's type of credential and number, surf time section, access terminals Intranet IP address, access terminals number, access terminals MAC Address, purpose IP address, COS at least.
Can evaluate and test and check the function and the performance of internet service business place information safety management system according to this method that technique scheme obtains.
The combine closely demand of Ministry of Public Security regulation internet access service providing site of platform is followed function and the performance requirement of the Ministry of Public Security to the internet service business place information safety management system technically fully.The high efficiency of the test that this method can guarantee, consistency, reproducibility and comparativity.High efficiency: since detailed regulation method of testing and test case, the time of testing shortens greatly, efficient improves greatly; Consistency: each test result unanimity of identical product; Reproducibility: certain test result of certain product can accessiblely be reproduced; Comparativity: the test request of different product is identical with input, so the result has comparativity.
Description of drawings:
Further specify the present invention below in conjunction with the drawings and specific embodiments.
Fig. 1 is the topological diagram of test environment of the present invention.
Fig. 2 is the flow chart of steps of the inventive method.
Embodiment:
For technological means, creation characteristic that the present invention is realized, reach purpose and effect is easy to understand, below in conjunction with concrete diagram, further set forth the present invention.
This detection method is concrete on detection platform implements concrete steps following (as shown in Figure 2):
The first step, platform user are according to the requirement of " internet service business place information safety management system test detailed rules for the implementation ", make up test environment (as shown in Figure 1), be included as test required software and hardware configuration and network configuration and installation internet service business place information safety management system management end interface test module.
As shown in Figure 1, two kinds of access sides can be arranged among the present invention: gateway is connected in series or is installed on same main frame with system under test (SUT) place of business end during a mode; Gateway connecting hub during the b mode.
For the difference of access mechanism, system under test (SUT) place of business end equipment generally has the form of two kinds of connecting systems, and a mode is a series form, and place of business end equipment is connected to network exit with the form of gateway/bridge; The b mode is parallel form, and place of business end equipment operates on hub/switch with listen mode.For other access waies, should be adjusted testing environment according to himself characteristic.
Each system's place of business end uses an Intemet outlet simultaneously, but can should realize the application of this service on internal server in the Intemet of its application of internal simulation service for some as far as possible, as: WEB, FTP, Mail etc.Topological diagram according to shown in Figure 1 builds testing environment, and each test suite is as shown in table 1 among Fig. 1:
The explanation of table 1 test suite
2. prepare before detecting
Detection person prepares:
Knowledge expertise:
Before carrying out the detection of internet service business place information safety management system, the inspector must learn and on top of following knowledge, software and instrument:
(1) Windows 2000 Professional, Windows XP Professional simplified form of Chinese Character version operating system;
(2) network environment based on ICP/IP protocol makes up and analyzes;
(3) principle and the basic configuration of application layer protocol such as HTTP, FTP, SMTP, POP/POP3, IMAP, TELNET, NNTP, RSTP, MMS and service;
(4) Windows 2000 Server and IIS 5.0, Redhat Linux 9.0 and Sendmail;
(5) protocol analyzer;
(6) stopwatch.
The inspector must learn and can use following application program:
(1) media play software: Realplayer10.5, Windows Media Player 10 etc.;
(2) Mail Clients: Outlook6 simplified Chinese edition, Foxmail 6.0 etc.;
(3) MSN: MSN Messenger 8.5, ICQ V5.04, Yahoo Messenger 7.5, UC2005, QQ 2008, Sina Web click-through V1.3.0.0, AOL Instant Messenger 5.9, POPO 2008, search the logical V4.20 of Q V3.6, E words etc.;
(4) network game client: connection crowd, legend 3, China online, the Xuanyuan sword Online etc. that plays;
(5) WEB browser: IE 6.0 simplified Chinese editions etc.
Testing environment is prepared:
Before detecting beginning, detection person must carry out following preparation:
(1) explanation is ready to detect needed hardware device according to table 1 test suite, and install corresponding operating system and software for it (except that terminating machine E, F, any main frame should not installed unnecessary software and services, in order to avoid systemic-function and performance index are had a negative impact);
(2) build test network according to Fig. 1 testing environment network topology structure figure, and the service for preparing network attribute such as corresponding IP address for it and need;
(3) be foundation with distribution of censorship system and operation document, censorship internet service business place information safety management system is installed;
(4) if the system under test (SUT) place of business end A of censorship is a software, then the main frame software and hardware of preparing for this system of installation can be configured according to demand fully, simultaneously configuring condition is charged to the detection original record;
(5) system clock of All hosts in the synchronous good testing environment;
(6) confirm whether the censorship system can normally move, after obtaining confirming, preparation is finished, and can begin to detect.
Standard is prepared:
When detecting, detection person still needs and is ready to following standard, and reads over standard, and basic grasp standard content is so that inquiry.
(1) GA557-2005 internet service business place information safety management code;
(2) GA558-2005 internet service business place information safety management system data DIF;
(3) GA559-2005 internet service business place information safety management system place of business end functional requirement;
(4) GA560-2005 internet service business place information safety management system place of business end and place of business system of operation and management interfacing requirement;
(5) GA561-2005 internet service business place information safety management system management end functional requirement;
(6) GA562-2005 internet service business place information safety management system management end interface specification requirement;
(7) GB/T 2260 administrative regional division of the People's Republic of China's codes
(8) GB 2312-1980 Chinese Character Set Code for Informati baseset
(9) expansion of GB 18030-2000 information technology Chinese Character Set Code for Informati baseset
(10) GA/Z02-2005 public business basic data element code collection
Second step, system under test (SUT) is installed according to product description;
The 3rd the step, according to method of testing and test case sample design test case according to design of Platform;
Make the test case that is fit to system to be detected characteristics according to each bar test basis.Test case must comprise use-case sequence number, use-case author, design date and concrete input/output information, so that reduce the uncertainty of test, and it can be reproduced when reviewing mistake.
When test case is write, have following principle and the method can reference:
(1) need scrutinize the standard implication, analyze each situation that may occur in actual conditions, the method that adopts equivalence class to divide is then done more comprehensive coverage test;
(2) should adopt the method for boundary value to test as far as possible to test with critical value;
(3) according to the experience that detects at ordinary times, can append some test cases with mistake supposition method;
(4) suggestion is put every pairing standard feature point of Business Stream in order according to the rule of Business Stream, detects according to Business Stream, will detect the minimizing workload owing to having avoided duplicate detection to compare by the standard pointwise.
The 4th goes on foot, place of business information security management function is tested with sample according to the test of design, and it is divided into two parts, i.e. the check of the check of harmful information filtration and internet log management.
(1) harmful information filtration check
Test basis:
The place of business end can filter harmful information according to the filtering policy that management end is provided with.Filtering policy comprises filtercondition and filter action.Filtercondition is meant specific URL or specific I P address etc.
The place of business end is provided with filtering policy.According to the harmful information of relevant laws, rules and regulations, the place of business end can be provided with corresponding filtering rule storehouse (filtering policy storehouse), and the default clauses and subclauses are no less than 100,000;
The place of business end filters index.When rule entries was 100,000, the harmful information filtration rate must not be lower than 98%, and legal network address mistake filter rate must not be higher than 2%.
Inspection principle:
The content that can be divided into following several parts about the test basis of harmful information filtration in principle:
(1) filters validity;
(2) filter the storehouse scale;
(3) rate of failing to report;
(4) rate of false alarm;
Therefore, in design verification method, also need design at above content.Corresponding relation is as follows:
The basic principle that corresponding test case is followed is then done following classification:
| Basic principle | Method is sorted out |
| Directly checking | E |
| Equivalence class is divided | A、B、C、D |
| Boundary value | |
| Mistake is inferred | A |
The method of inspection:
The filtering policy of URL and IP address is set and is issued to place of business end A at management end B, whether URL that is filtered in the Test Strategy on terminal A or IP address can be visited.If the harmful information that system is provided with in can not filtering rule, this is judged to defective.
The default filtering rule storehouse of formulating according to the classification of the harmful information of relevant laws, rules and regulations.If 100,000 of no default filtering rule storehouse or default clauses and subclauses less thaies, this is judged to defective.
Check default filtering rule storehouse, use the regular testing harmful information filtration rate that exists in the storehouse, use non-existent regular testing legal information mistake filter rate in the storehouse.Adopting the selective examination method, be that radix is tested with 1000, if the harmful information filtration rate less than 98% or legal information miss the filter rate greater than 2%, this is judged to defective.If manual sampling observation, radix can suitably reduce.
Test according to above-mentioned principle design is as shown in table 2 with sample:
Table 2 harmful information filtration
The test case that this table provides is to test at place of business end system harmful information filtration, the filtering policy of URL and IP address is set and is issued to place of business end A at management end B during this sample test, whether URL that is filtered in the Test Strategy on terminal A or IP address can be visited.If the harmful information that system is provided with in can not filtering rule, this is judged to defective.Resulting test result is logged into the corresponding column in the table.
2. internet log management check
Test basis:
The content of internet log information comprises: the online personnel information about recording internet personnel basic condition and internet content such as log-on message, online personnel operation summary info of surfing the Net in this place of business;
The place of business end generates the online personnel diary automatically, and the log information of generation is stored in the non-loss storage medium of local power down, and the daily record sensitive information obtains safekeeping, must not lose, damage; Log record should comprise the content of table 3 and table 4 at least;
Table 3
Table 4
The place of business end is stored online personnel diary information in 60 days;
Take technical measures, prevent that log information is by anyone modification, increase, deletion; System carries out bookkeepings such as the backup, deletion of regular internet log information automatically;
Unauthorized user must not inquiry log information, takes technical measures to guarantee that log information is not by unauthorized access;
Authorized user carries out log management in this locality, support authorized user to hold long-range log information inquiry;
Support is to the individual event inquiry of log information, multinomial query composition, fuzzy query.Searching keyword should comprise the content of table 5 at least.
Table 5
| Sequence number | Searching keyword |
| 1 | Online personnel name |
| 2 | Online personnel type of credential and number |
| 3 | The surf time section |
| 4 | Access terminals Intranet IP address |
| 5 | Access terminals number |
| 6 | The access terminals MAC Address |
| 7 | Purpose IP address |
| 8 | COS |
Inspection principle:
The content that can be divided into following several parts about the test basis of internet log management in principle:
(1) log content;
(2) daily record generation and storage mode;
(3) log data structures;
(4) the daily record term of validity;
(5) log management;
(6) log query;
Therefore, in design verification method, also need design at above content.Corresponding relation is as follows:
The basic principle that corresponding test case is followed is then done following classification:
| Basic principle | Method is sorted out |
| Directly checking | B、C、D、G |
| Equivalence class is divided | A、E、F |
| Boundary value | |
| Mistake is inferred | A、E、F |
The method of inspection:
The process (from entering the place of business log-on message) of simulation personnel online; the agreement and the instrument that relate in the table 4 have been contained during internet usage; the relevant daily record that inquiry place of business end generates automatically; whether the check daily record is stored in the non-loss storage medium of local power down; the daily record sensitive information obtains safekeeping, and whether log content has comprised all requirements of table 3 and the main contents of table 4.If journal file is not stored in the non-loss storage medium of local power down, the daily record sensitive information does not obtain safekeeping, and perhaps the content of daily record does not meet all requirements of table 3 and the main contents of table 4, and this is judged to defective.
Place of business end developer provides document, describes the preservation timeliness of journal file, the technical measures of protection log information in detail, according to document, and the operation that journal file is increased, deletes, changes.The parameter of automated back-up, deletion daily record is set, and checking system carries out the function of log management automatically.If the developer can not provide document, or document description and actual conditions are not inconsistent, and this is judged to defective.If the measure of journal file unprotect, system can not automated back-up, the deletion daily record, and this also is judged to defective.
The access control mechanisms that place of business end developer provides document to describe log information in detail is simultaneously with unauthorized user inquiry log information.If the developer can not provide document, or document description and actual conditions are not inconsistent, and this is judged to defective.If not authorized user can be visited, inquiry log information, this is judged to defective.
Carry out log management in this locality with authorized user; Long-range log management parameter is set, carries out long-range log query with authorized user.If authorized user can not carry out log management in this locality or can not inquire about long-range, this is judged to defective.
With keyword listed in the table 5 log information is carried out individual event inquiry, multinomial query composition, fuzzy query.If log information can not carry out individual event inquiry, multinomial query composition, fuzzy query, or can not inquire about according to the keyword in the table 5, this is judged to defective.
Internet log management of test cases sample is as shown in table 6:
Table 6 log query
The test case that provides in this table is at the detection of place of business end system to terminating machine E, F internet log query function, has provided 9 test cases in this table:
1, carry out the internet log inquiry at management end B, the input name: Zhang San, expection will be exported Zhang San in the whole internet records of terminating machine E, F, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
2, carry out the internet log inquiry at management end B, the input type of credential: 111, number: 110101197704140028, expection will be exported Zhang San in the whole internet records of terminating machine E, F, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
3, carry out internet log inquiry at management end B, the input type of credential: 111, number: 110101197704140028 and the surf time section: 1/1/2006 3:05 PM-1/1/2006 6:15 PM; According to these information, expection will be exported the whole internet records of Zhang San at 1/1/2006 3:05 PM-1/1/2006 6:15 PM, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
4, carry out internet log inquiry at management end B, input information IP=192.168.0.1, according to this information, whole internet logs that expection will outlet terminal machine E are if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
5, carry out the internet log inquiry at management end B, the input information machine number: 0001, surf time section: 1/1/2006 3:05 PM-1/1/2006 6:15 PM; According to this information, expection will outlet terminal machine E in whole internet records of 1/1/2006 3:05 PM-1/1/2006 6:15 PM, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
6, carry out internet log inquiry, input information MAC Address: 00061BD93BD4, surf time section: 1/1/2006 3:05 PM-1/1/2006 6:15 PM at management end B; According to this information, expection will outlet terminal machine E in whole internet records of 1/1/2006 3:05 PM-1/1/2006 6:15 PM, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
7, carry out internet log inquiry, input information name: Zhang San, destination address: 202.127.0.99 at management end B; According to this information, expection will be exported whole internet records that Zhang San connects 202.127.0.99, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
8, carry out the internet log inquiry at management end B, the input information name: Zhang San, destination address: 202.127.0.99, service: http; According to these information, expection will be exported whole internet records that Zhang San http connects 202.127.0.99, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
9, carry out the unisonance fuzzy query at management end B, the input name: open to loose, according to these information, expection will export loose, chapter three, Zhang San ... whole internet records, if after the practical operation, the unanimity of waiting until as a result then is up to the standards, otherwise defective.
The result of above-mentioned test case is charged in the table, and judge according to the result whether end system this function in place of business is qualified.
More than show and described basic principle of the present invention and principal character and advantage of the present invention.The technical staff of the industry should understand; the present invention is not restricted to the described embodiments; that describes in the foregoing description and the specification just illustrates principle of the present invention; without departing from the spirit and scope of the present invention; the present invention also has various changes and modifications, and these changes and improvements all fall in the claimed scope of the invention.The claimed scope of the present invention is defined by appending claims and equivalent thereof.
Claims (8)
1, the method for inspection of internet service business place information safety management, this method is mainly carried out under detection platform, it is characterized in that, and this method mainly may further comprise the steps:
(1) makes up testing environment, as requested, make up test environment, be included as test required software and hardware configuration and network configuration and installation internet service business place information safety management system management end interface test module;
(2) detected system is installed, the system that needs detect is installed according to the system product specification;
(3) design test case, treat the test case that examining system adapts according to each bar test basis design of contrast with this, this test case must comprise use-case sequence number, use-case author, design date and concrete input/output information, so that reduce the uncertainty of test, and when reviewing mistake, it can be reproduced;
(4) System Functional Test utilizes the test case of step (3) design that place of business information security management function is tested.
2, the method for inspection of internet service business place information safety management according to claim 1, it is characterized in that, when making up testing environment in the described step (1), because the difference of access mechanism, system under test (SUT) place of business end equipment generally has the form of two kinds of connecting systems, mode one is a series form, and place of business end equipment is connected to network exit with the form of gateway/bridge; Mode two is parallel form, and place of business end equipment operates on hub/switch with listen mode.
3, the method for inspection of internet service business place information safety management according to claim 1 is characterized in that, the method that adopts equivalence class to divide during described step (3) design test case is done more comprehensive coverage test to reach; Should adopt the method for boundary value to test as far as possible to test simultaneously with critical value.
4, the method for inspection of internet service business place information safety management according to claim 1 is characterized in that, the check of information security management function comprises the check of harmful information filtration and the check of internet log management in the described step (4).
5, the method for inspection of internet service business place information safety management according to claim 4 is characterized in that, the method for inspection of described harmful information filtration may further comprise the steps:
(11) hold management end that filtering policy is set in place of business, and whether check can filter to harmful information; This filtering policy comprises filtercondition and filter action;
(12) can the filtering policy of check place of business end setting promptly check the place of business end that corresponding filtering rule storehouse (filtering policy storehouse) is set, and the default clauses and subclauses be no less than 100,000;
(13) check place of business end filters index, and when being 100,000 as if rule entries, the harmful information filtration rate must not be lower than 98%, and legal network address mistake filter rate must not be higher than 2%.
6, the method for inspection of internet service business place information safety management according to claim 5 is characterized in that, described filtercondition is meant specific URL or specific I P address.
7, the method for inspection of internet service business place information safety management according to claim 4 is characterized in that, the method for inspection of described internet log management may further comprise the steps:
(21) the automatic online personnel diary that generates of check place of business end, whether the log information that check generates is stored in the non-loss storage medium of local power down, and the daily record sensitive information obtains safekeeping, must not lose, damage; Check the content of log record simultaneously;
(22) whether check place of business end can store online personnel diary information in 60 days;
(23) whether check place of business end can prevent log information by anyone modification, increase, deletion, and the bookkeepings such as backup, deletion that whether can carry out regular internet log information automatically;
(24) whether check place of business end can guarantee that log information is not by unauthorized access;
(25) whether check place of business end supports authorized user to hold long-range log information inquiry, supports simultaneously the individual event inquiry of log information, multinomial query composition, fuzzy query.
8, the method for inspection of internet service business place information safety management according to claim 7, it is characterized in that the keyword in described when inquiry should comprise online personnel name, online personnel's type of credential and number, surf time section, access terminals Intranet IP address, access terminals number, access terminals MAC Address, purpose IP address, COS at least.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200810208196 CN101465764B (en) | 2008-12-30 | 2008-12-30 | Inspection method for internet service business place information safety management |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200810208196 CN101465764B (en) | 2008-12-30 | 2008-12-30 | Inspection method for internet service business place information safety management |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101465764A true CN101465764A (en) | 2009-06-24 |
| CN101465764B CN101465764B (en) | 2013-01-02 |
Family
ID=40806139
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200810208196 Active CN101465764B (en) | 2008-12-30 | 2008-12-30 | Inspection method for internet service business place information safety management |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101465764B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103916291A (en) * | 2014-04-14 | 2014-07-09 | 中国联合网络通信集团有限公司 | Testing method and device for internet log retaining system |
| TWI603600B (en) * | 2014-11-26 | 2017-10-21 | 惠普發展公司有限責任合夥企業 | Determine vulnerability using runtime agent and network sniffer |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100464518C (en) * | 2005-02-03 | 2009-02-25 | 杭州华三通信技术有限公司 | Green internet-accessing system based on concentrated management and dictributed control, and method therefor |
| CN100375451C (en) * | 2005-03-21 | 2008-03-12 | 中兴通讯股份有限公司 | Automatic test method for network protection system of optical SDH |
-
2008
- 2008-12-30 CN CN 200810208196 patent/CN101465764B/en active Active
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103916291A (en) * | 2014-04-14 | 2014-07-09 | 中国联合网络通信集团有限公司 | Testing method and device for internet log retaining system |
| TWI603600B (en) * | 2014-11-26 | 2017-10-21 | 惠普發展公司有限責任合夥企業 | Determine vulnerability using runtime agent and network sniffer |
| US10182068B2 (en) | 2014-11-26 | 2019-01-15 | Entit Software Llc | Determine vulnerability using runtime agent and network sniffer |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101465764B (en) | 2013-01-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107818150B (en) | Log auditing method and device | |
| US5787253A (en) | Apparatus and method of analyzing internet activity | |
| CN103023710B (en) | A kind of safety test system and method | |
| CN104378283B (en) | A kind of sensitive mail filtering system and method based on customer end/server mode | |
| CN101924757B (en) | Method and system for reviewing Botnet | |
| CN103152229B (en) | Monitor control index item Dynamic Configuration | |
| Gaertler et al. | Dynamic analysis of the autonomous system graph | |
| CN109241461A (en) | A kind of user draws a portrait construction method and device | |
| CN107229556A (en) | Log Analysis System based on elastic components | |
| CN106452955B (en) | A kind of detection method and system of abnormal network connection | |
| JP2002515152A (en) | Method and apparatus for automated network-wide surveillance and security breach intervention | |
| CN102158360A (en) | Network fault self-diagnosis method based on causal relationship positioning of time factors | |
| CN110505235A (en) | A kind of detection system and method for the malicious requests around cloud WAF | |
| CN107579874B (en) | Method and device for detecting data collection missing report of flow collection equipment | |
| CN107493208A (en) | Full the link performance monitoring method and system of a kind of medium-and-large-sized operation system | |
| CN110225062A (en) | A kind of method and apparatus monitoring network attack | |
| CN107895039B (en) | Method for constructing log database of campus network authentication system | |
| CN113810358A (en) | Access limiting method, device, computer equipment and storage medium | |
| CN102271331B (en) | Method and system for detecting reliability of service provider (SP) site | |
| CN101465764B (en) | Inspection method for internet service business place information safety management | |
| CN106326280B (en) | Data processing method, device and system | |
| CN115333966B (en) | Topology-based Nginx log analysis method, system and equipment | |
| CN104811418B (en) | The method and device of viral diagnosis | |
| CN111031025B (en) | Method and device for automatically detecting and verifying Webshell | |
| CN107332731A (en) | A kind of test system and test envelope for network security monitoring device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |