The content of the invention
In view of the above problems, it is proposed that the present invention so as to provide one kind overcome the problems referred to above or at least in part solve on
The analytic method and a kind of corresponding resolver of DNS of a kind of DNS of problem are stated, and, a kind of browser.
According to one aspect of the present invention, there is provided a kind of analytic method of DNS, including:
When browser side monitors the dns resolution mistake for the first webpage, by the original dns server of present terminal
Address resets to the dns server address specified;
The dns resolution request of first webpage is sent to the dns server address specified, the dns resolution please
Asking includes the domain name of first webpage;The dns server specified is used for according to described in the dns resolution request analysis
Corresponding one or more IP address of domain name of first webpage;
Receive one or more IP address that the dns server specified is returned;
When one or more IP address for verifying the dns server return specified are legal, it is described legal to extract
IP address.
Alternatively, the dns server address that present terminal is original resets to the step of the dns server address specified
Suddenly include:
DNS is carried out in preset dns server address white list using the address of the original dns server of present terminal
The matching of the address of server;
When the match is successful, the original dns server address is reset to into the dns server address of acquiescence;
When it fails to match, the original dns server address is reset in the dns server address white list
Dns server address.
Alternatively, it is described when one or more IP address for verifying the dns server return specified are legal, extract
The step of legal IP address, includes:
The matching of IP address is carried out in preset IP address white list using one or more of IP address;
When the match is successful, the IP address that the match is successful is extracted;
And/or,
The matching of IP address is carried out in preset IP address blacklist using one or more of IP address;
When the match is successful, the IP address beyond the IP address that the match is successful is extracted.
Alternatively, carry when one or more IP address for verifying the dns server return specified are legal described
After the step of taking the legal IP address, also include:
Legitimate ip address mapping table is generated or updated using the legal IP address and its corresponding domain name.
Alternatively, also include:
When the load request of the second webpage is received, the domain name in the load request is extracted;
The matching of domain name is carried out in the legitimate ip address mapping table using the domain name in the load request;
When the match is successful, the corresponding legal IP address of domain name is extracted.
Alternatively, also include:
Domain name and its corresponding IP address that the reception server side sends;
The legitimate ip address mapping table is updated using domain name and its corresponding IP address.
Alternatively, extract when one or more IP address for verifying the specified dns server return are legal described
After the step of legal IP address, also include:
Dns server is carried out in preset dns server address blacklist using the dns server address of present terminal
The matching of address;
When the match is successful, the dns server address of present terminal is reset to into the dns server address specified.
Alternatively, also include:
The dns server address specified is stored in DNS CACHE.
Alternatively, also include:
When present terminal uses DHCP service, the dns server ground of the peripheral equipment that the DHCP service is provided is obtained
Location;
The dns server address of the peripheral equipment is carried out into dns server in the dns server address blacklist
The matching of address;
When the match is successful, the dns server address of the peripheral equipment is reset to into the dns server ground specified
Location.
Alternatively, also include:
By the legal IP address and its terminal of corresponding domain name, the ID of active user and present terminal
Mark is uploaded to the corresponding server side in browser side.
Alternatively, also include:
When the load request of the 3rd webpage is received, according to the load request from the corresponding server side in browser side
Obtain ID, the corresponding legal IP of domain name of the 3rd webpage of the terminal iidentification of present terminal and instruction of active user
Address.
According to a further aspect in the invention, there is provided a kind of resolver of DNS, including:
First dns server address resets module, is suitable to monitor the dns resolution mistake for the first webpage in browser side
Mistake, the original dns server address of present terminal is reset to the dns server address specified;
Dns resolution request module, is suitable to send the DNS solutions of first webpage to the dns server address specified
Analysis request, the dns resolution request includes the domain name of first webpage;The dns server specified is used for according to institute
State corresponding one or more IP address of domain name of the first webpage described in dns resolution request analysis;
IP address receiver module, is suitable to receive one or more IP address that the dns server specified is returned;
First IP address extraction module, is suitable to verifying one or more IP ground that the dns server specified is returned
When location is legal, the legal IP address is extracted.
Alternatively, the dns server address resets module and is further adapted for:
DNS is carried out in preset dns server address white list using the address of the original dns server of present terminal
The matching of the address of server;
When the match is successful, the original dns server address is reset to into the dns server address of acquiescence;
When it fails to match, the original dns server address is reset in the dns server address white list
Dns server address.
Alternatively, the legitimate ip address extraction module is further adapted for:
The matching of IP address is carried out in preset IP address white list using one or more of IP address;
When the match is successful, the IP address that the match is successful is extracted;
And/or,
The matching of IP address is carried out in preset IP address blacklist using one or more of IP address;
When the match is successful, the IP address beyond the IP address that the match is successful is extracted.
Alternatively, also include:
Legitimate ip address mapping table management module, be suitable for use with the legal IP address and its corresponding domain name generate or
Update legitimate ip address mapping table.
Alternatively, also include:
Domain name extraction module, is suitable to, when the load request of the second webpage is received, extract the domain in the load request
Name;
Domain name matching module, be suitable for use with the domain name in the load request is carried out in the legitimate ip address mapping table
The matching of domain name;
Second IP address extraction module, is suitable to, when the match is successful, extract the corresponding legal IP address of domain name.
Alternatively, also include:
Domain name and IP address receiver module, are suitable to the domain name and its corresponding IP address of the transmission of the reception server side;
Legitimate ip address mapping table update module, is suitable for use with domain name and its corresponding IP address updates described legal
IP address mapping table.
Alternatively, also include:
Dns server address blacklist matching module, is suitable for use with the dns server address of present terminal preset
The matching of dns server address is carried out in dns server address blacklist;
Second dns server address resets module, is suitable to when the match is successful, by the dns server address of present terminal
Reset to the dns server address specified.
Alternatively, also include:
Dns server address is stored in module, is suitable to that the dns server address specified is stored in DNS CACHE.
Alternatively, also include:
Dns server address acquisition module, is suitable to, when present terminal uses DHCP service, obtain and provide the DHCP clothes
The dns server address of the peripheral equipment of business;
Dns server address blacklist matching module, is suitable to the dns server address of the peripheral equipment described
The matching of dns server address is carried out in dns server address blacklist;
3rd dns server address resets module, when being suitable to that the match is successful, by the dns server ground of the peripheral equipment
Location resets to the dns server address specified.
Alternatively, also include:
Transmission module in information, is suitable to the legal IP address and its corresponding domain name, the ID of active user
And the terminal iidentification of present terminal is uploaded to the corresponding server side in browser side.
Alternatively, also include:
IP address acquisition module, is suitable to when the load request of the 3rd webpage is received, according to the load request from clear
The corresponding server side in device side of looking at obtains the ID of active user, the 3rd webpage of the terminal iidentification of present terminal and instruction
The corresponding legal IP address of domain name.
According to a further aspect in the invention, there is provided a kind of browser, including:
First dns server address resets module, is suitable to monitor the dns resolution mistake for the first webpage in browser side
Mistake, the original dns server address of present terminal is reset to the dns server address specified;
Dns resolution request module, is suitable to send the DNS solutions of first webpage to the dns server address specified
Analysis request, the dns resolution request includes the domain name of first webpage;The dns server specified is used for according to institute
State corresponding one or more IP address of domain name of the first webpage described in dns resolution request analysis;
IP address receiver module, is suitable to receive one or more IP address that the dns server specified is returned;
First IP address extraction module, is suitable to verifying one or more IP ground that the dns server specified is returned
When location is legal, the legal IP address is extracted.
The present invention can when there is the situation of dns resolution failure, especially temporarily when dns server cannot connect,
Secondary parsing is carried out to specified dns server, so as to complete the parsing of DNS, the chance of success of dns resolution is considerably increased,
Improve Consumer's Experience.
The present invention will can be stored in local in browser side or server side through the IP address of legitimacy verifies
In caching, directly the loading of webpage carried out using the IP address in caching when user browses webpage again, it is to avoid enter again
The parsing of row DNS, reduces the operation burden of server, improves the efficiency of web page access.
The present invention can by the way that the malicious DNS server address of present terminal is reset to into the dns server address specified,
Can effectively contain that the dns server address of client is tampered, achieve reduction lawless person by distorting dns server
Address and give user's network access risk such as bring phishing, privacy to steal, so as to improve user's Internet Security.
The present invention can will be stored in the individual subscriber of server side through the IP address and terminal iidentification of legitimacy verifies
In information, directly obtaining corresponding IP address to server side when user browses webpage again carries out the loading of webpage, it is to avoid
The parsing of DNS is again carried out, the operation burden of server is reduced, the efficiency of web page access is improve.Also, according to terminal
Mark carries out the association of IP address so that web page access has higher success rate.
And after the security identification for having accessed for IP address so that safety has more preferable raising.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of description, and in order to allow above and other objects of the present invention, specify and advantage can
Become apparent, below especially exemplified by the specific embodiment of the present invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure and should not be by embodiments set forth here
Limited.On the contrary, there is provided these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
To make those skilled in the art more fully understand the application, below to domain name system(DNS)Correlation technique carry out
Explanation.
Domain name system(DNS)It is that one kind is used for TCP(Transmission Control Protocol, pass transport control protocol
View)The distributed data base of/IP application programs, it provides the transitional information between host name and IP address.Generally, network is used
Family passes through udp protocol(User Datagram Protocol, User Datagram Protocol)Communicated with dns server, serviced
Device returns the relevant information needed for user in specific 53 port snoop.
DNS point is Client(Client)And Server(Server), Client plays the part of the role of question, that is, asks
Mono- Domain Name of Server(Domain name)Real IP address, Server to answer this Domain Name real IP ground
Location.Generally, local DNS can first look into the information bank of oneself, if real IP of the information bank of oneself without this Domain Name
Address, then dns server that can be set toward on the DNS is inquired, after the real IP address of this Domain Name is obtained according to this,
The corresponding real IP address of the Domain Name is stored away, and answers client.
Dns server can record each name data under the affiliated domain, this name according to different empowered zones (Zone)
Title data includes:Secondary domain name and Hostname under domain, there is a cache in each dns name claims server
Buffer area (Cache), the main purpose of this cache buffer area is the title that checked out the name server and relative
IP address record in cache buffer area, when next time also have another client go on this server inquire about identical
During title, server is just not used in on other main frame looking for, and corresponding name directly can be found from cache buffer area
Claim record material, client is returned to, so as to accelerate speed of the client to name query.
For example, when DNS client is to a certain Hostname on specified dns server inquiry the Internet, DNS clothes
Business device can look for the title specified by user in the information bank, if it did not, the server can be in the cache buffer area of oneself
Middle inquiry whether there is the pseudonym claims record, if finding corresponding title record, from dns server directly by it is corresponding to IP
Address is returned to client, if name server can not find out in data logging, and also without corresponding name in cache buffer area
Claim record, server just can be to the desired title of other name server queries.
Or such as, DNS client works as dns server to certain Hostname on specified dns server inquiry the Internet
When the data logging can not find the title specified by user, the cache buffer area that can turn to the server looks for whether have the money
Material, when cache buffer area also can not find, can go to require the IP address that the title is looked in help to immediate name server,
Identical action executing inquiry operation is also used on another server, the source clothes for requiring inquiry originally can be replied after inquiring
Business device, the source dns server after the result for receiving the inquiry of another dns server, first by the Hostname for being inquired
And correspondence IP address recorded in cache buffer area, finally the result for being inquired replied to into client.
With reference to Fig. 1, flow the step of show a kind of analytic method embodiment 1 of DNS according to an embodiment of the invention
Cheng Tu, specifically may comprise steps of:
Step 101 is original by present terminal when browser side monitors the dns resolution mistake for the first webpage
Dns server address resets to the dns server address specified;
In application is realized, browser monitors that getaddrinfo functions return mistake, indicates dns resolution mistake, specifically
Can include:
1)Dns server arranges mistake;
2)Dns server cannot connect;
3)Dns server cannot complete the parsing of certain domain name.
It should be noted that present terminal can be the equipment that browser is located, for server, the equipment can
To be referred to as client.Original dns server address can be the dns server address set by present terminal.Specify
Dns server address can be the address of the public dns server by detections such as safety, practicality, and for example, certain company carries
For dns server address " 8.8.8.8 ", the dns server address " 114.114.114.114 " etc. that provides of another company.
In one preferred embodiment of the invention, the step 101 can specifically include following sub-step:
Sub-step S11, using the address of the original dns server of present terminal in the preset white name of dns server address
The matching of the address of dns server is carried out in list;
Sub-step S12, when the match is successful, by the original dns server address dns server of acquiescence is reset to
Address;
Sub-step S13, when it fails to match, by the original dns server address dns server ground is reset to
Dns server address in the white list of location.
In actual applications, dns server address white list can record the dns server address specified.When original
Dns server address when being the dns server address of specifying of storing in dns server address white list, show DNS clothes
Business device address is not tampered with, then the original dns server address of present terminal can be reset to the dns server ground of acquiescence
Location;When original dns server address not for the dns server address of specifying of storing in dns server address white list when,
Show that the NS server address is tampered, there is the possibility of malicious DNS server address, then can be original by present terminal
Dns server address resets to the dns server address specified, and can be specifically to reset in order, or random replacement
Etc..
Step 102, to the dns server address specified the dns resolution request of first webpage is sent, described
Dns resolution request includes the domain name of first webpage;The dns server specified is used for please according to the dns resolution
Solve corresponding one or more IP address of domain name of analysis first webpage;
In actual applications, browser side can generate dns resolution request, and in the dns resolution request first can be included
The domain name of webpage.When specified dns server is one, directly DNS solutions can be sent to this dns server specified
Analysis request;When specified dns server is multiple, I/O Completion port mechanism can be passed through(Completing port)Adopt
Dns resolution request is sent with the mode of asynchronism and concurrency to multiple dns servers specified.
On the internet, the final position of host machine for determining access webpage is not domain name, nor the MAC ground of computer
Location, but IP address.And DNS service, or domain name service, domain name resolution service are, just it is to provide the phase of domain name and IP address
Mutually conversion, it may also be said to be a kind of correspondence(Mapping)Association.Reflecting for a domain name and IP address is generally had in the dns server
Firing table, so that user is either input into server name(Equivalent to domain name), or the IP address of server can obtain in time
Conversion, finds corresponding server.The service that dns server is provided can complete for host name and domain name to be converted to IP
The work of address.
Realize that connection is but the only IP ground possessed in a network by every computer between computer on network
Location is so accomplished by having a solution between the IP address that the address and computer that user easily remembers is capable of identify that come what is completed
Analysis, dns server just act as the key player of address resolution.
Domain name mapping has saying for resolution and reverse resolution, and resolution is exactly to translate domain names into corresponding IP address
Process, it be applied in browser address bar be input into website domain name when situation;And reverse resolution is by IP address conversion
Into the process of correspondence domain name, but reverse resolution need not be carried out when website is accessed, even if what is be input in browser address bar is
Website server IP address, because what the positioning of internet host was inherently carried out by IP address, simply on same IP ground
Needs when multiple domain names are mapped under location.In addition reverse resolution Jing is often used by some background programs, and user can't see.
In addition to positive, reverse resolution, also a kind of parsing for being referred to as " recursive query "." recursive query " contains substantially
When justice is exactly to search on certain dns server less than corresponding domain name and IP address corresponding relation, other one is automatically brought to
Inquired about on dns server.The root dns server of another dns server corresponding domain that usual recurrence is arrived.Because for carrying
For internet domain name parsing Internet service business, no matter from performance, or from safety for, be impossible to only one
Dns server, but by one or two root dns servers(Two root dns servers are typically mirror image relationship), Ran Houzai
Many estrade dns servers are configured with below carrys out equally loaded(Each sub- dns server is replicated from root dns server
Query Information), root dns server typically do not receive the direct inquiry of user, only receives the recursive query of sub- dns server,
To guarantee the availability of whole domain name server system.
When user accesses certain website, website is being have input(Which includes domain name)Afterwards, just there is a head first
Sub- dns server is selected to be parsed, if inquiring the IP address of corresponding website in its domain name and IP address mapping table,
Then can access immediately, if not finding the IP address corresponding to corresponding domain name on current sub- dns server, it will
Automatically inquiry request is gone to and inquired about on root dns server.If the domain name of corresponding domain name service provider, in root DNS clothes
It is can to inquire corresponding domain name/IP address certainly in business device, if what is accessed is not the net under corresponding domain name service provider domain name
Stand, then respective queries can be gone on the name server of correspondence domain name service provider.
Step 103, receives one or more IP address that the dns server specified is returned;
There are different network environments, such as telecommunications, Netcom, education network etc. in the Internet.In order that in different network environments
In can provide dns resolution for the website of the servers such as telecommunications, Netcom, education network, allow telecommunication user access telecommunications server,
The user of Netcom accesses the server of Netcom, and the user of education network accesses the server of education network, so as to reach what is interconnected
Effect, the name server of domain name service business would generally arrange the IP address that multiple different network environments are used.Additionally, in order to anti-
The appearance of the failures such as machine of only delaying, the name server of domain name service business can also be provided with standby IP address.And in practical application
In, DNS round-robin techniques can be passed through(Load balancing techniques)Realize that a domain name corresponds to multiple IP address.
Step 104, when one or more IP address for verifying the dns server return specified are legal, extracts institute
State legal IP address.
It should be noted that legal IP address can be the IP address that can normally access the webpage.
In one preferred embodiment of the invention, the step 104 can specifically include following sub-step:
Sub-step S21, IP address is carried out using one or more of IP address in preset IP address white list
Matching;
Sub-step S22, when the match is successful, extracts the IP address that the match is successful;
And/or,
Sub-step S23, IP address is carried out using one or more of IP address in preset IP address blacklist
Matching;
Sub-step S24, when the match is successful, extracts the IP address beyond the IP address that the match is successful.
It is not that each IP address can be accessed normally for different network environments, such as presence access time delay is big, visit
Ask the situations such as time-out, connection failure.Also, can also there is the name server of the domain name service provider situation such as break down causes IP
Address can not normally using access.For this purpose, IP address white list can be arranged, for recording different network environments in can be normal
The IP address for using, can also arrange IP address blacklist, for recording different network environments in can not normally use IP ground
Location.And IP address white list and IP address blacklist can be with used aloneds, it is also possible to while use, the embodiment of the present invention to this not
It is any limitation as.
After legal IP address is extracted, can access the legal IP address carries out the loading of the first webpage.
The present invention can when there is the situation of dns resolution failure, especially temporarily when dns server cannot connect,
Secondary parsing is carried out to specified dns server, so as to complete the parsing of DNS, the chance of success of dns resolution is considerably increased,
Improve Consumer's Experience.
To make those skilled in the art more fully understand the application, carry out in a Chrome browser presented below preset
Dns server address handover operation example come illustrate the present invention carrying out practically process.
(1), the domain name mapping of the first webpage is asked using getaddrinfo functions to original dns server;
(2), when parsing failure, the dns server request specified to carries out the secondary parsing of the first webpage, specifically
DnsQuery API can be used(One general-purpose interface that name server is called by BIND analysis programs storehouse, the program
Support carrys out nslookup server using some inquiry operation codes.)To complete.Wherein, the parameter for parsing is done, specific example can be with
It is as follows:
Wherein, PVOID pExtra can be used for configuring the dns server specified, and specifically, can adopt dns server
Address white list completes parsing.
With reference to Fig. 2, flow the step of show a kind of analytic method embodiment 2 of DNS according to an embodiment of the invention
Cheng Tu, specifically may comprise steps of:
Step 201 is original by present terminal when browser side monitors the dns resolution mistake for the first webpage
Dns server address resets to the dns server address specified;
Step 202, to the dns server address specified the dns resolution request of first webpage is sent, described
Dns resolution request includes the domain name of first webpage;The dns server specified is used for please according to the dns resolution
Solve corresponding one or more IP address of domain name of analysis first webpage;
Step 203, receives one or more IP address that the dns server specified is returned;
Step 204, when one or more IP address for verifying the dns server return specified are legal, extracts institute
State legal IP address;
Step 205, generates or updates legitimate ip address mapping table using the legal IP address and its corresponding domain name;
In embodiments of the present invention, can be by the result of verification(I.e. legal IP address and its corresponding domain name)It is buffered in
Locally, directly used when being and be directed to the dns resolution of the webpage next time.
When first by verification result cache new legitimate ip address mapping table is generated when local, then;As high-ranking officers again
The result cache tested updates existing legitimate ip address mapping table when local, then.
Step 206, domain name and its corresponding IP address that the reception server side sends;
Using the embodiment of the present invention, the dns resolution service that the corresponding server side in browser side can be provided, to some heat
After the legal IP address of the webpage such as door, popular, conventional is collected, browser side is sent to.
Step 207, using domain name and its corresponding IP address the legitimate ip address mapping table is updated;
Browser side can adopt the domain name and its corresponding IP address of server side transmission to supplement legitimate ip address mapping
Table.
Step 208, when the load request of the second webpage is received, extracts the domain name in the load request;
It should be noted that can be adding outside the load request for the first webpage for the load request of the second webpage
Request is carried, and the second webpage can be identical with the first webpage, it is also possible to differ with the first webpage.Similarly, second webpage
The domain name of the second webpage can be included in load request.
Step 209, using the domain name in the load request carry out in the legitimate ip address mapping table domain name
Match somebody with somebody;
Step 210, when the match is successful, extracts the corresponding legal IP address of domain name.
The domain name of the second webpage for extracting is carried out into the matching of domain name in legitimate ip address mapping table, when the match is successful
When, show the IP address of the second webpage has carried out first legitimacy verifies(Can be browser side verified, or
The corresponding server side in browser side is verified), directly can be entered using the IP address described in legitimate ip address mapping table
The loading of the webpage of row second.
The present invention will can be stored in local in browser side or server side through the IP address of legitimacy verifies
In caching, directly the loading of webpage carried out using the IP address in caching when user browses webpage again, it is to avoid enter again
The parsing of row DNS, reduces the operation burden of server, improves the efficiency of web page access.
With reference to Fig. 3, flow the step of show a kind of analytic method embodiment 3 of DNS according to an embodiment of the invention
Cheng Tu, specifically may comprise steps of:
Step 301 is original by present terminal when browser side monitors the dns resolution mistake for the first webpage
Dns server address resets to the dns server address specified;
Step 302, to the dns server address specified the dns resolution request of first webpage is sent, described
Dns resolution request includes the domain name of first webpage;The dns server specified is used for please according to the dns resolution
Solve corresponding one or more IP address of domain name of analysis first webpage;
Step 303, receives one or more IP address that the dns server specified is returned;
Step 304, when one or more IP address for verifying the dns server return specified are legal, extracts institute
State legal IP address;
Step 305, is carried out using the dns server address of present terminal in preset dns server address blacklist
The matching of dns server address;
In practice, lawless person is usually distorted the dns server address arranged in client for malicious DNS server
Address, lawless person can be by malicious DNS server address normal network address analysis to fishing website or by illegal point
On the main frame of son control, to reach the purpose gained user's wealth by cheating or steal privacy of user.
Dns server address blacklist can be the malicious DNS server address list collected in advance.For example, DNS service
Device address blacklist can be the one group of illegal dns server address collected in advance by security firm, the malice of the advance collection
Dns server address list can be the malicious DNS server address list collected in advance in client database, or also may be used
Think the malicious DNS server address list being downloaded to from website in client database.
Step 306, when the match is successful, by the dns server address of present terminal the DNS service specified is reset to
Device address;
If the match is successful, the dns server address for illustrating client is the dns server address of malice, then will dislike
Meaning dns server address is revised as the dns server address specified.For example, by edit the registry key assignments, make its sensing legal
Dns server address, so as to reach edit the registry in key assignments purpose;If matching is unsuccessful, the DNS service of letting pass
Device address, can access corresponding website.
Step 307, the dns server address specified is stored in DNS CACHE;
Restart DNS CACHE(NDS client services)Equivalent to being updated to DNS CACHE, so as to specified DNS
Server address is stored in DNS CACHE.
If being stored with malicious DNS server address in DNS CACHE, the DNS service specified can be updated to
Device address.DNS CACHE be used for it is temporary parse for the first time after dns server address, when user asks again, DNS can be with
Directly dns server address is obtained from DNS CACHE, so as to improve inquiry of the domain name efficiency.
Specifically, when the request of dns resolution next time is reached, the dns resolution request of corresponding functional query can be called
Whether corresponding dns server address is in local caching.If inquiring, the parsing data through encrypting storing are carried out
Decryption, and user is returned to, if not inquiring, to dns server analysis request is proposed.Because rogue program is attacked to internal memory
Hitting difficulty can be more than the attack difficulty to file, so the DNS by the way that buffer setting in internal memory, can be met caching parsing
Response demand, while attack of the rogue program to caching can be avoided.
Step 308, when present terminal uses DHCP service, obtains the DNS of the peripheral equipment for providing the DHCP service
Server address;
At present, there is provided DHCP(Dynamic Host Configuration Protocol, DHCP)Clothes
The peripheral equipment of business is increasingly popularized, and the peripheral equipment of the offer DHCP service being related in the embodiment of the present invention include but not
It is limited to:Router(Including but not limited to radio network router, intelligence flow control router, dynamic speed limit router, virtual flow-line
Device or broadband router etc.), gateway etc..Wherein, router can realize addressing, Route Selection, segmentation/conjunction section, storage-turn
Send out, the function such as packet filtering.Increasing family and enterprise realize the network interconnection using router.However, in router
Configuration on, therefore there are security breaches in default username and password that substantial amounts of user is also provided using manufacturer.Illegal point
Son can just distort easily any setting on router, arrange including DNS.So, it is all to be connected to by illegal point
Son distorted arrange router on client all by risk.In practice, lawless person usually will set on router
The dns server address put is distorted as malicious DNS server address, so as to malicious DNS server will be normal network address solution
Analyse on fishing website or the main frame by lawless person's control, to reach the mesh gained user's wealth by cheating or steal privacy of user
's.
In implementing, can judge whether client makes by the network interface ID in acquisition client registers table
With DHCP service.Because what is recorded in registration table is accurate dhcp server ip address, in this way can be with
Judge whether client has used DHCP service exactly.For example, can by the HKLM in the registration table of reading client
SYSTEM CurrentControlSet Services Tcpip Parameters Interfaces { GUID }
Numerical value in EnableDHCP whether used DHCP service on network interface to check.Wherein, it is generally the case that if
Numerical value in EnableDHCP is 1, then it represents that DHCP service has been used on network interface, has illustrated that client is from DHCP service
The DNS configurations of acquisition.
Furthermore, it is also possible to by the DNS clothes for obtaining the peripheral equipment with DHCP functions provided by network equipment vendor
It is engaged in device address to judge whether client has used DHCP service.It is as the peripheral equipment with DHCP functions using router
Example, the default DNS server address of the router that some producers provide is 192.168.0.1 or 192.168.1.1 etc..Cause
This, can pass through to check that the default DNS server address of router can also judge whether client has used DHCP service.
Further, it is also possible to pass through to obtain the IP address pointed by the gateway of client to judge whether client uses
DHCP service.
In one preferred embodiment of the invention, step 308 can specifically include following sub-step:
Sub-step S31, when present terminal uses DHCP service, obtains from present terminal registration table and provides DHCP service
Peripheral equipment IP address;
In actual applications, can by the HKLM from registration table SYSTEM CurrentControlSet
Services Tcpip Parameters Interfaces { GUID } DhcpServer read and DHCP service is provided outreaches
The IP address of equipment.
Sub-step S32, sets up the network connection with present terminal, by the company by the IP address of the peripheral equipment
The HTTP header data in the packet of return are connect, the model of the peripheral equipment that DHCP service is provided is obtained;
In actual applications, can be by being connected to the peripheral equipment IP address of the offer DHCP service(For example:
http://RouterIP), it is connected so as to obtain with the IP address of the peripheral equipment for providing DHCP service, and receive from the address
Returned data bag, the returned data bag includes HTTP header data, and HTTP header data include being provided with the outer of DHCP functions
The model of connection equipment.By taking TP-LINK R860 routers as an example, include in the HTTP header data of returned data bag:WWW-
Authenticate:Basic realm=" TP-LINK Router R860 ", according to this information the type of router can be obtained
Number.
Sub-step S33, using the IP address and model of the peripheral equipment, accesses the DHCP configuration pages of the peripheral equipment
Face, obtains the dns server address of the peripheral equipment from the configuration page.
According to the IP address of the network access device of acquired offer DHCP service and the outer of DHCP service can be provided
The model of connection equipment, using corresponding username and password, you can access the DHCP configurations of the peripheral equipment that DHCP service is provided
The page.For example, by taking TP-LINK routers as an example, username and password is admin, and the DHCP configuration pages of access are:
http:// 192.168.1.1/userRpm/LanDhcpServerRpm.htm, by the page DNS of router can be obtained
IP address.
Step 309, the dns server address of the peripheral equipment is carried out in the dns server address blacklist
The matching of dns server address;
In the embodiment of the present invention, the dns server address to peripheral equipment is needed to carry out the verification of legitimacy, specifically can be with
It is the matching that malicious DNS server address is carried out using dns server address blacklist.
Step 310, when the match is successful, by the dns server address of the peripheral equipment DNS for specifying is reset to
Server address.
Specifically, specified dns server address can be sent to the peripheral equipment for providing DHCP service, this outreaches and sets
For in response to specified dns server address, the DNS service that the dns server address of the peripheral equipment is revised as specifying
Device address.Wherein, specified dns server address can be built into specific data before transmitting.Further specifically,
Because the configuration page of the dns server address of the peripheral equipment of the offer DHCP service of different manufacturers production is different, institute
To need for specified dns server address to be built into the data being consistent therewith(For example:The configuration page), then the data are sent out
The peripheral equipment that DHCP service is provided is delivered to, the network access device of the offer DHCP service is received after the data, automatically
The dns server address that malicious DNS server address is revised as specifying by ground.
By taking router as an example, this modification process can show as being modified by webpage.Specifically, it is logical in client
Crossing browser submits to the configuration page, router to receive after the configuration page, and the processor in router can be run to route
The software that device is configured and managed, is automatically revised as legal dns server address by malicious DNS server address.
By taking TP-LINK routers as an example, by specified router dns server address send to:http://
192.168.1.1/userRpm/LanDhcpServerRpm.htm?dhcpserver=1&ip1=192.168.1.100&ip2=
192.168.1.199&Lease=120&gateway=0.0.0.0&domain=&d nsserver=101.226.4.6&
Dnsserver2=8.8.8.8&Submit=%B1%A3+%B4%E6, so as to pass through to change DNS clothes of the corresponding configuration router
Repair normal in business device address.
The present invention can by the way that the malicious DNS server address of present terminal is reset to into the dns server address specified,
Can effectively contain that the dns server address of client is tampered, achieve reduction lawless person by distorting dns server
Address and give user's network access risk such as bring phishing, privacy to steal, so as to improve user's Internet Security.
With reference to Fig. 4, flow the step of show a kind of analytic method embodiment 4 of DNS according to an embodiment of the invention
Cheng Tu, specifically may comprise steps of:
Step 401 is original by present terminal when browser side monitors the dns resolution mistake for the first webpage
Dns server address resets to the dns server address specified;
Step 402, to the dns server address specified the dns resolution request of first webpage is sent, described
Dns resolution request includes the domain name of first webpage;The dns server specified is used for please according to the dns resolution
Solve corresponding one or more IP address of domain name of analysis first webpage;
Step 403, receives one or more IP address that the dns server specified is returned;
Step 404, when one or more IP address for verifying the dns server return specified are legal, extracts institute
State legal IP address;
Step 405, by the legal IP address and its corresponding domain name, the ID of active user and current end
The terminal iidentification at end is uploaded to the corresponding server side in browser side;
In the embodiment of the present invention, can be by legal IP address and its corresponding domain name and the terminal iidentification one of present terminal
Rise bound after, uploaded with the personal information of the browser client, so as to user in specified equipment automatically
The parsing that calling the analysis result carries out IP address is used.
Specifically, for different application scene, terminal iidentification can have different implications.For example, it is wired for common
Online, terminal iidentification can be terminal unit number(The device number of such as computer)+ static ip address;For WIFI(Wireless network
Road communication technology)Scene, terminal iidentification can be terminal unit number(Such as device number of the equipment such as mobile phone, PAD)+ access
Device number+static ip address of WIFI equipment, etc..
Step 406, it is corresponding from browser side according to the load request when the load request of the 3rd webpage is received
It is corresponding that server side obtains the ID of active user, the domain name of the 3rd webpage of the terminal iidentification of present terminal and instruction
Legal IP address.
It should be noted that can be adding outside the load request for the first webpage for the load request of the 3rd webpage
Request is carried, and the 3rd webpage can be identical with the first webpage, it is also possible to differ with the first webpage.
Similarly, the domain name of the 3rd webpage can be included in the load request of the 3rd webpage.Specifically, browser side can be with
To the legal IP address of server side acquisition request, the request includes the ID of active user, the terminal of present terminal
Identify and indicate the domain name of corresponding 3rd webpage;Server side is used to search user's mark of active user according to the request
The corresponding legal IP address of domain name of knowledge, the terminal iidentification of present terminal and corresponding 3rd webpage of instruction, then sends
To browser side.
When browser side gets the legal IP address, then the legal IP address can be accessed, load the 3rd net
Page.
The present invention can will be stored in the individual subscriber of server side through the IP address and terminal iidentification of legitimacy verifies
In information, directly obtaining corresponding IP address to server side when user browses webpage again carries out the loading of webpage, it is to avoid
The parsing of DNS is again carried out, the operation burden of server is reduced, the efficiency of web page access is improve.Also, according to terminal
Mark carries out the association of IP address so that web page access has higher success rate.
It should be noted that for embodiment of the method, in order to be briefly described, therefore it to be all expressed as a series of action group
Close, but those skilled in the art should know, and the application is not limited by described sequence of movement, because according to this Shen
Please, some steps can adopt other orders or while carry out.Secondly, those skilled in the art also should know, description
Described in embodiment belong to preferred embodiment, necessary to involved action not necessarily the application.
With reference to Fig. 5, a kind of resolver embodiment of DNS according to an embodiment of the invention is shown, specifically can be with
Including such as lower module:
First dns server address resets module 501, is suitable to monitor to be solved for the DNS of the first webpage in browser side
During analysis mistake, the original dns server address of present terminal is reset to the dns server address specified;
Dns resolution request module 502, is suitable to send the DNS of first webpage to the dns server address specified
Analysis request, the dns resolution request includes the domain name of first webpage;The dns server specified is used for foundation
Corresponding one or more IP address of the domain name of the first webpage described in the dns resolution request analysis;
IP address receiver module 503, is suitable to receive one or more IP address that the dns server specified is returned;
First IP address extraction module 504, is suitable to verifying one or more IP that the dns server specified is returned
When address is legal, the legal IP address is extracted.
In one preferred embodiment of the invention, the dns server address resets module and can be adapted to:
DNS is carried out in preset dns server address white list using the address of the original dns server of present terminal
The matching of the address of server;
When the match is successful, the original dns server address is reset to into the dns server address of acquiescence;
When it fails to match, the original dns server address is reset in the dns server address white list
Dns server address.
In one preferred embodiment of the invention, the legitimate ip address extraction module can be adapted to:
The matching of IP address is carried out in preset IP address white list using one or more of IP address;
When the match is successful, the IP address that the match is successful is extracted;
And/or,
The matching of IP address is carried out in preset IP address blacklist using one or more of IP address;
When the match is successful, the IP address beyond the IP address that the match is successful is extracted.
In one preferred embodiment of the invention, can also include such as lower module:
Legitimate ip address mapping table management module, be suitable for use with the legal IP address and its corresponding domain name generate or
Update legitimate ip address mapping table.
In one preferred embodiment of the invention, can also include such as lower module:
Domain name extraction module, is suitable to, when the load request of the second webpage is received, extract the domain in the load request
Name;
Domain name matching module, be suitable for use with the domain name in the load request is carried out in the legitimate ip address mapping table
The matching of domain name;
Second IP address extraction module, is suitable to, when the match is successful, extract the corresponding legal IP address of domain name.
In one preferred embodiment of the invention, can also include such as lower module:
Domain name and IP address receiver module, are suitable to the domain name and its corresponding IP address of the transmission of the reception server side;
Legitimate ip address mapping table update module, is suitable for use with domain name and its corresponding IP address updates described legal
IP address mapping table.
In one preferred embodiment of the invention, can also include such as lower module:
Dns server address blacklist matching module, is suitable for use with the dns server address of present terminal preset
The matching of dns server address is carried out in dns server address blacklist;
Second dns server address resets module, is suitable to when the match is successful, by the dns server address of present terminal
Reset to the dns server address specified.
In one preferred embodiment of the invention, can also include such as lower module:
Dns server address is stored in module, is suitable to that the dns server address specified is stored in DNS CACHE.
In one preferred embodiment of the invention, can also include such as lower module:
Dns server address acquisition module, is suitable to, when present terminal uses DHCP service, obtain and provide the DHCP clothes
The dns server address of the peripheral equipment of business;
Dns server address blacklist matching module, is suitable to the dns server address of the peripheral equipment described
The matching of dns server address is carried out in dns server address blacklist;
3rd dns server address resets module, when being suitable to that the match is successful, by the dns server ground of the peripheral equipment
Location resets to the dns server address specified.
In one preferred embodiment of the invention, can also include such as lower module:
Transmission module in information, is suitable to the legal IP address and its corresponding domain name, the ID of active user
And the terminal iidentification of present terminal is uploaded to the corresponding server side in browser side.
In one preferred embodiment of the invention, can also include such as lower module:
IP address acquisition module, is suitable to when the load request of the 3rd webpage is received, according to the load request from clear
The corresponding server side in device side of looking at obtains the ID of active user, the 3rd webpage of the terminal iidentification of present terminal and instruction
The corresponding legal IP address of domain name.
For device embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, it is related
Part is illustrated referring to the part of embodiment of the method.
The invention also discloses a kind of browser, specifically can include such as lower module:
First dns server address resets module, is suitable to monitor the dns resolution mistake for the first webpage in browser side
Mistake, the original dns server address of present terminal is reset to the dns server address specified;
Dns resolution request module, is suitable to send the DNS solutions of first webpage to the dns server address specified
Analysis request, the dns resolution request includes the domain name of first webpage;The dns server specified is used for according to institute
State corresponding one or more IP address of domain name of the first webpage described in dns resolution request analysis;
IP address receiver module, is suitable to receive one or more IP address that the dns server specified is returned;
First IP address extraction module, is suitable to verifying one or more IP ground that the dns server specified is returned
When location is legal, the legal IP address is extracted.
In one preferred embodiment of the invention, the dns server address resets module and can be adapted to:
DNS is carried out in preset dns server address white list using the address of the original dns server of present terminal
The matching of the address of server;
When the match is successful, the original dns server address is reset to into the dns server address of acquiescence;
When it fails to match, the original dns server address is reset in the dns server address white list
Dns server address.
In one preferred embodiment of the invention, the legitimate ip address extraction module can be adapted to:
The matching of IP address is carried out in preset IP address white list using one or more of IP address;
When the match is successful, the IP address that the match is successful is extracted;
And/or,
The matching of IP address is carried out in preset IP address blacklist using one or more of IP address;
When the match is successful, the IP address beyond the IP address that the match is successful is extracted.
In one preferred embodiment of the invention, can also include such as lower module:
Legitimate ip address mapping table management module, be suitable for use with the legal IP address and its corresponding domain name generate or
Update legitimate ip address mapping table.
In one preferred embodiment of the invention, can also include such as lower module:
Domain name extraction module, is suitable to, when the load request of the second webpage is received, extract the domain in the load request
Name;
Domain name matching module, be suitable for use with the domain name in the load request is carried out in the legitimate ip address mapping table
The matching of domain name;
Second IP address extraction module, is suitable to, when the match is successful, extract the corresponding legal IP address of domain name.
In one preferred embodiment of the invention, can also include such as lower module:
Domain name and IP address receiver module, are suitable to the domain name and its corresponding IP address of the transmission of the reception server side;
Legitimate ip address mapping table update module, is suitable for use with domain name and its corresponding IP address updates described legal
IP address mapping table.
In one preferred embodiment of the invention, can also include such as lower module:
Dns server address blacklist matching module, is suitable for use with the dns server address of present terminal preset
The matching of dns server address is carried out in dns server address blacklist;
Second dns server address resets module, is suitable to when the match is successful, by the dns server address of present terminal
Reset to the dns server address specified.
In one preferred embodiment of the invention, can also include such as lower module:
Dns server address is stored in module, is suitable to that the dns server address specified is stored in DNS CACHE.
In one preferred embodiment of the invention, can also include such as lower module:
Dns server address acquisition module, is suitable to, when present terminal uses DHCP service, obtain and provide the DHCP clothes
The dns server address of the peripheral equipment of business;
Dns server address blacklist matching module, is suitable to the dns server address of the peripheral equipment described
The matching of dns server address is carried out in dns server address blacklist;
3rd dns server address resets module, when being suitable to that the match is successful, by the dns server ground of the peripheral equipment
Location resets to the dns server address specified.
In one preferred embodiment of the invention, can also include such as lower module:
Transmission module in information, is suitable to the legal IP address and its corresponding domain name, the ID of active user
And the terminal iidentification of present terminal is uploaded to the corresponding server side in browser side.
In one preferred embodiment of the invention, can also include such as lower module:
IP address acquisition module, is suitable to when the load request of the 3rd webpage is received, according to the load request from clear
The corresponding server side in device side of looking at obtains the ID of active user, the 3rd webpage of the terminal iidentification of present terminal and instruction
The corresponding legal IP address of domain name.
For browser embodiment, due to itself and embodiment of the method basic simlarity, so fairly simple, the phase of description
The part that part is closed referring to embodiment of the method illustrates.
Provided herein algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment.
Various general-purpose systems can also be used together based on teaching in this.As described above, construct required by this kind of system
Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use it is various
Programming language realizes the content of invention described herein, and the description done to language-specific above is to disclose this
Bright preferred forms.
In description mentioned herein, a large amount of details are illustrated.It is to be appreciated, however, that the enforcement of the present invention
Example can be put into practice in the case of without these details.In some instances, known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand one or more in each inventive aspect, exist
Above in the description of the exemplary embodiment of the present invention, each of the present invention is grouped together into single enforcement when being assigned with
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
It is specified more specified that the application claims ratio of shield is expressly recited in each claim.More precisely, such as following
Claims reflect as, inventive aspect be less than single embodiment disclosed above it is all specify.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself
All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment
Unit or component are combined into a module or unit or component, and can be divided in addition multiple submodule or subelement or
Sub-component.In addition at least some in such specified and/or process or unit is excluded each other, can adopt any
Combination is to this specification(Including adjoint claim, summary and accompanying drawing)Disclosed in all specify and so disclosed appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification(Including adjoint power
Profit requires, makes a summary and accompanying drawing)Disclosed in each specify can by provide it is identical, equivalent or similar purpose replacement specify come generation
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In some included specify rather than other are specified, but the combination specified of different embodiment means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection appoint
One of meaning can in any combination mode using.
The present invention all parts embodiment can be realized with hardware, or with one or more processor operation
Software module realize, or with combinations thereof realization.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor(DSP)Come some in the analyzing device for realizing DNS according to embodiments of the present invention
Or some or all functions of whole parts.The present invention be also implemented as perform method as described herein one
Partly or completely equipment or program of device(For example, computer program and computer program).It is such to realize this
The program of invention can be stored on a computer-readable medium, or can have the form of one or more signal.So
Signal can download from internet website and obtain, or provide on carrier signal, or provide in any other form.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability
Field technique personnel can design without departing from the scope of the appended claims alternative embodiment.In the claims,
Any reference markss between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not
Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can come real by means of the hardware for including some different elements and by means of properly programmed computer
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and be run after fame
Claim.
The invention discloses A1, a kind of analytic method of DNS, including:
When browser side monitors the dns resolution mistake for the first webpage, by the original dns server of present terminal
Address resets to the dns server address specified;
The dns resolution request of first webpage is sent to the dns server address specified, the dns resolution please
Asking includes the domain name of first webpage;The dns server specified is used for according to described in the dns resolution request analysis
Corresponding one or more IP address of domain name of first webpage;
Receive one or more IP address that the dns server specified is returned;
When one or more IP address for verifying the dns server return specified are legal, it is described legal to extract
IP address.
A2, the method as described in A1, the dns server address that present terminal is original resets to the DNS clothes specified
The step of business device address, includes:
DNS is carried out in preset dns server address white list using the address of the original dns server of present terminal
The matching of the address of server;
When the match is successful, the original dns server address is reset to into the dns server address of acquiescence;
When it fails to match, the original dns server address is reset in the dns server address white list
Dns server address.
A3, the method as described in A1, one or more IP address that the dns server specified when verification is described is returned
When legal, include the step of extract the legal IP address:
The matching of IP address is carried out in preset IP address white list using one or more of IP address;
When the match is successful, the IP address that the match is successful is extracted;
And/or,
The matching of IP address is carried out in preset IP address blacklist using one or more of IP address;
When the match is successful, the IP address beyond the IP address that the match is successful is extracted.
A4, the method as described in A1, on one or more IP ground that the dns server specified when verification is described is returned
When location is legal, the step of extract the legal IP address after, also include:
Legitimate ip address mapping table is generated or updated using the legal IP address and its corresponding domain name.
A5, the method as described in A4, also include:
When the load request of the second webpage is received, the domain name in the load request is extracted;
The matching of domain name is carried out in the legitimate ip address mapping table using the domain name in the load request;
When the match is successful, the corresponding legal IP address of domain name is extracted.
A6, the method as described in A4, also include:
Domain name and its corresponding IP address that the reception server side sends;
The legitimate ip address mapping table is updated using domain name and its corresponding IP address.
A7, the method as described in A1 or A2 or A3 or A4, in when the verification specified dns server return
Or multiple IP address it is legal when, the step of extract the legal IP address after, also include:
Dns server is carried out in preset dns server address blacklist using the dns server address of present terminal
The matching of address;
When the match is successful, the dns server address of present terminal is reset to into the dns server address specified.
A8, the method as described in A7, also include:
The dns server address specified is stored in DNS CACHE.
A9, the method as described in A7, also include:
When present terminal uses DHCP service, the dns server ground of the peripheral equipment that the DHCP service is provided is obtained
Location;
The dns server address of the peripheral equipment is carried out into dns server in the dns server address blacklist
The matching of address;
When the match is successful, the dns server address of the peripheral equipment is reset to into the dns server ground specified
Location.
A10, the method as described in A1 or A3, also include:
By the legal IP address and its terminal of corresponding domain name, the ID of active user and present terminal
Mark is uploaded to the corresponding server side in browser side.
A11, the method as described in A10, also include:
When the load request of the 3rd webpage is received, according to the load request from the corresponding server side in browser side
Obtain ID, the corresponding legal IP of domain name of the 3rd webpage of the terminal iidentification of present terminal and instruction of active user
Address.
The invention also discloses B12, a kind of resolver of DNS, including:
First dns server address resets module, is suitable to monitor the dns resolution mistake for the first webpage in browser side
Mistake, the original dns server address of present terminal is reset to the dns server address specified;
Dns resolution request module, is suitable to send the DNS solutions of first webpage to the dns server address specified
Analysis request, the dns resolution request includes the domain name of first webpage;The dns server specified is used for according to institute
State corresponding one or more IP address of domain name of the first webpage described in dns resolution request analysis;
IP address receiver module, is suitable to receive one or more IP address that the dns server specified is returned;
First IP address extraction module, is suitable to verifying one or more IP ground that the dns server specified is returned
When location is legal, the legal IP address is extracted.
B13, the device as described in B12, the dns server address resets module and is further adapted for:
DNS is carried out in preset dns server address white list using the address of the original dns server of present terminal
The matching of the address of server;
When the match is successful, the original dns server address is reset to into the dns server address of acquiescence;
When it fails to match, the original dns server address is reset in the dns server address white list
Dns server address.
B14, the device as described in B12, the legitimate ip address extraction module is further adapted for:
The matching of IP address is carried out in preset IP address white list using one or more of IP address;
When the match is successful, the IP address that the match is successful is extracted;
And/or,
The matching of IP address is carried out in preset IP address blacklist using one or more of IP address;
When the match is successful, the IP address beyond the IP address that the match is successful is extracted.
B15, the device as described in B12, also include:
Legitimate ip address mapping table management module, be suitable for use with the legal IP address and its corresponding domain name generate or
Update legitimate ip address mapping table.
B16, the device as described in B15, also include:
Domain name extraction module, is suitable to, when the load request of the second webpage is received, extract the domain in the load request
Name;
Domain name matching module, be suitable for use with the domain name in the load request is carried out in the legitimate ip address mapping table
The matching of domain name;
Second IP address extraction module, is suitable to, when the match is successful, extract the corresponding legal IP address of domain name.
B17, the device as described in B15, also include:
Domain name and IP address receiver module, are suitable to the domain name and its corresponding IP address of the transmission of the reception server side;
Legitimate ip address mapping table update module, is suitable for use with domain name and its corresponding IP address updates described legal
IP address mapping table.
B18, the device as described in B12 or B13 or B14 or B15, also include:
Dns server address blacklist matching module, is suitable for use with the dns server address of present terminal preset
The matching of dns server address is carried out in dns server address blacklist;
Second dns server address resets module, is suitable to when the match is successful, by the dns server address of present terminal
Reset to the dns server address specified.
B19, the device as described in B18, also include:
Dns server address is stored in module, is suitable to that the dns server address specified is stored in DNS CACHE.
B20, the device as described in B18, also include:
Dns server address acquisition module, is suitable to, when present terminal uses DHCP service, obtain and provide the DHCP clothes
The dns server address of the peripheral equipment of business;
Dns server address blacklist matching module, is suitable to the dns server address of the peripheral equipment described
The matching of dns server address is carried out in dns server address blacklist;
3rd dns server address resets module, when being suitable to that the match is successful, by the dns server ground of the peripheral equipment
Location resets to the dns server address specified.
B21, the device as described in B12 or B14, also include:
Transmission module in information, is suitable to the legal IP address and its corresponding domain name, the ID of active user
And the terminal iidentification of present terminal is uploaded to the corresponding server side in browser side.
B22, the device as described in B21, also include:
IP address acquisition module, is suitable to when the load request of the 3rd webpage is received, according to the load request from clear
The corresponding server side in device side of looking at obtains the ID of active user, the 3rd webpage of the terminal iidentification of present terminal and instruction
The corresponding legal IP address of domain name.
The invention also discloses C23, a kind of browser, including the resolver of the DNS any one of B12 to B22.