CN102306258B - 一种基于可配置知识库的unix主机安全配置审计方法 - Google Patents
一种基于可配置知识库的unix主机安全配置审计方法 Download PDFInfo
- Publication number
- CN102306258B CN102306258B CN2011102859618A CN201110285961A CN102306258B CN 102306258 B CN102306258 B CN 102306258B CN 2011102859618 A CN2011102859618 A CN 2011102859618A CN 201110285961 A CN201110285961 A CN 201110285961A CN 102306258 B CN102306258 B CN 102306258B
- Authority
- CN
- China
- Prior art keywords
- security
- unix
- knowledge base
- audit
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 238000004458 analytical method Methods 0.000 claims abstract description 10
- 230000003014 reinforcing effect Effects 0.000 claims abstract description 7
- 238000012550 audit Methods 0.000 claims description 38
- 238000012360 testing method Methods 0.000 claims description 16
- 230000008569 process Effects 0.000 claims description 14
- 238000013515 script Methods 0.000 claims description 8
- 238000001514 detection method Methods 0.000 claims description 6
- 239000003999 initiator Substances 0.000 claims description 6
- 238000004891 communication Methods 0.000 claims description 5
- 238000006243 chemical reaction Methods 0.000 claims description 4
- 238000005516 engineering process Methods 0.000 claims description 4
- 230000008859 change Effects 0.000 claims description 2
- 230000008878 coupling Effects 0.000 claims description 2
- 238000010168 coupling process Methods 0.000 claims description 2
- 238000005859 coupling reaction Methods 0.000 claims description 2
- 238000012113 quantitative test Methods 0.000 claims 2
- 238000013475 authorization Methods 0.000 claims 1
- 238000004451 qualitative analysis Methods 0.000 claims 1
- 238000012216 screening Methods 0.000 abstract description 2
- 230000009286 beneficial effect Effects 0.000 abstract 1
- 238000001914 filtration Methods 0.000 abstract 1
- 238000012502 risk assessment Methods 0.000 abstract 1
- 238000012545 processing Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000009781 safety test method Methods 0.000 description 1
- 238000010408 sweeping Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
Description
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011102859618A CN102306258B (zh) | 2011-09-23 | 2011-09-23 | 一种基于可配置知识库的unix主机安全配置审计方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011102859618A CN102306258B (zh) | 2011-09-23 | 2011-09-23 | 一种基于可配置知识库的unix主机安全配置审计方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102306258A CN102306258A (zh) | 2012-01-04 |
CN102306258B true CN102306258B (zh) | 2013-09-25 |
Family
ID=45380118
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011102859618A Active CN102306258B (zh) | 2011-09-23 | 2011-09-23 | 一种基于可配置知识库的unix主机安全配置审计方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102306258B (zh) |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104732149B (zh) * | 2013-12-18 | 2018-04-06 | 国家电网公司 | 操作系统的加固方法及装置 |
CN103839008A (zh) * | 2014-03-21 | 2014-06-04 | 彭岸峰 | 一句话脚本后门和php变量函数后门免疫安全服务 |
CN105245392A (zh) * | 2014-06-27 | 2016-01-13 | 北京新媒传信科技有限公司 | 基线检查修复方法及装置 |
CN104346574A (zh) * | 2014-10-23 | 2015-02-11 | 武汉大学 | 基于配置规范的主机安全配置漏洞自动修复方法及系统 |
CN104270389A (zh) * | 2014-10-23 | 2015-01-07 | 国网湖北省电力公司电力科学研究院 | 一种路由器/交换机安全配置漏洞自动修复方法及系统 |
CN105791265A (zh) * | 2016-01-08 | 2016-07-20 | 国家电网公司 | 一种网元安全性检测方法及系统 |
CN107146150A (zh) * | 2017-04-12 | 2017-09-08 | 国家电网公司 | 审计对象的审计方法、装置、存储介质及处理器 |
CN108183887B (zh) * | 2017-12-12 | 2020-12-29 | 杭州安恒信息技术股份有限公司 | 一种基于自主授权的云端漏洞扫描策略配置方法及装置 |
CN109033840B (zh) * | 2018-06-28 | 2021-08-03 | 成都飞机工业(集团)有限责任公司 | 一种对计算机终端进行保密检查的方法 |
CN109271809A (zh) * | 2018-12-03 | 2019-01-25 | 南方电网科学研究院有限责任公司 | 一种数据库加固的方法、系统及相关装置 |
CN110188089B (zh) * | 2019-05-31 | 2021-07-27 | 杭州安恒信息技术股份有限公司 | 一种数据库运维管控方法及装置 |
CN111027100A (zh) * | 2019-11-15 | 2020-04-17 | 内蒙古电力(集团)有限责任公司内蒙古电力科学研究院分公司 | 一种信息系统安全配置自动加固方法 |
CN111382437A (zh) * | 2020-03-03 | 2020-07-07 | 思客云(北京)软件技术有限公司 | 基于配置分析引擎的缺陷检测方法、设备和计算机可读存储介质 |
CN113672923A (zh) * | 2021-08-20 | 2021-11-19 | 北京安天网络安全技术有限公司 | 一种安全检测方法、装置、电子设备及存储介质 |
CN115277204A (zh) * | 2022-07-28 | 2022-11-01 | 国网安徽省电力有限公司电力科学研究院 | 一种电力监控系统便携式网络安全配置核查加固设备 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1761208A (zh) * | 2005-11-17 | 2006-04-19 | 郭世泽 | 网络信息系统的安全性及生存性评估的系统和方法 |
CN101833621A (zh) * | 2010-04-27 | 2010-09-15 | 广州广电运通金融电子股份有限公司 | 终端安全审计方法及系统 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6988226B2 (en) * | 2002-10-17 | 2006-01-17 | Wind River Systems, Inc. | Health monitoring system for a partitioned architecture |
-
2011
- 2011-09-23 CN CN2011102859618A patent/CN102306258B/zh active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1761208A (zh) * | 2005-11-17 | 2006-04-19 | 郭世泽 | 网络信息系统的安全性及生存性评估的系统和方法 |
CN101833621A (zh) * | 2010-04-27 | 2010-09-15 | 广州广电运通金融电子股份有限公司 | 终端安全审计方法及系统 |
Non-Patent Citations (2)
Title |
---|
《基于知识库的Unix主机配置安全审计软件的设计与实现》;朱世顺等;《计算机与现代化》;20110915(第9期);第137-139页 * |
朱世顺等.《基于知识库的Unix主机配置安全审计软件的设计与实现》.《计算机与现代化》.2011,(第9期),第137-139页. |
Also Published As
Publication number | Publication date |
---|---|
CN102306258A (zh) | 2012-01-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102306258B (zh) | 一种基于可配置知识库的unix主机安全配置审计方法 | |
CN108737425B (zh) | 基于多引擎漏洞扫描关联分析的脆弱性管理系统 | |
CN106411578B (zh) | 一种适应于电力行业的网站监控系统及方法 | |
KR101883400B1 (ko) | 에이전트리스 방식의 보안취약점 점검 방법 및 시스템 | |
CN103391216B (zh) | 一种违规外联报警及阻断方法 | |
CN104767757A (zh) | 基于web业务的多维度安全监测方法和系统 | |
CN105119750A (zh) | 一种基于大数据的分布式信息安全运维管理平台 | |
CN105138920A (zh) | 一种内网终端安全管理的实现方法 | |
CN103150511B (zh) | 一种安全防护系统 | |
CN106982194A (zh) | 漏洞扫描方法及装置 | |
US10671723B2 (en) | Intrusion detection system enrichment based on system lifecycle | |
Buschle et al. | A Tool for automatic Enterprise Architecture modeling | |
CN107273748A (zh) | 一种基于漏洞poc实现安卓系统漏洞检测的方法 | |
WO2023216641A1 (zh) | 一种电力终端安全防护方法及系统 | |
CN105391687A (zh) | 一种向中小企业提供信息安全运维服务的系统与方法 | |
CN101808093A (zh) | 一种对web安全进行自动化检测的系统和方法 | |
CN102333090A (zh) | 一种内控堡垒主机及安全访问内网资源的方法 | |
CN103049702A (zh) | 一种基于服务器层的安全加固策略 | |
CN106230857A (zh) | 一种面向工控系统的主动式漏洞检测系统和检测方法 | |
CN113407949A (zh) | 一种信息安全监控系统、方法、设备及存储介质 | |
KR100918370B1 (ko) | 웹관리시스템 및 그 방법 | |
CN114285761B (zh) | 一种基于视频录屏与ocr技术的跳板机违规操作检测方法 | |
KR20090044202A (ko) | 웹페이지의 우회침입 탐지 및 매개변수 변조 침입 탐지를이용한 웹 보안 서비스 방법 및 그 시스템 | |
CN110162978A (zh) | 一种终端安全风险评估管理方法、装置及系统 | |
KR101226693B1 (ko) | 접근 제어 시스템으로 가상 패치하여 공개된 보안 취약점을 제거하는 데이터베이스 보안 관리 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
ASS | Succession or assignment of patent right |
Owner name: NANJING NARI CO., LTD. STATE ELECTRIC NET CROP. Free format text: FORMER OWNER: NANJING NARI CO., LTD. Effective date: 20130206 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20130206 Address after: Nan Shui Road Gulou District of Nanjing city of Jiangsu Province, No. 8 210003 Applicant after: State Grid Electric Power Research Insititute Applicant after: Nanjing Nari Co., Ltd. Applicant after: State Grid Corporation of China Address before: Nan Shui Road Gulou District of Nanjing city of Jiangsu Province, No. 8 210003 Applicant before: State Grid Electric Power Research Insititute Applicant before: Nanjing Nari Co., Ltd. |
|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20171114 Address after: 211106 Jiangning City, Nanjing Province, the integrity of the road No. 19, Co-patentee after: NARI Technology Development Co., Ltd. Patentee after: State Grid Electric Power Research Insititute Co-patentee after: State Grid Corporation of China Address before: Nan Shui Road Gulou District of Nanjing city of Jiangsu Province, No. 8 210003 Co-patentee before: Nanjing Nari Co., Ltd. Patentee before: State Grid Electric Power Research Insititute Co-patentee before: State Grid Corporation of China |