CN103840984B - Method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches - Google Patents


Publication number
CN103840984B
Authority
CN
China
Prior art keywords
configuration file
information
sniff
message
checking information
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410071887.3A
Other languages
Chinese (zh)
Other versions
CN103840984A (en)
Inventor
唐小虎
王祝勋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Application filed by New H3C Technologies Co Ltd
Priority to CN201410071887.3A
Publication of CN103840984A
Application granted
Publication of CN103840984B

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The present invention provides a method for detecting configuration file conflicts on unmanaged Ethernet switches. The method includes: calculating configuration file check information corresponding to specific information in the configuration file; calculating loopback detection information; sending a first sniff message carrying the generated configuration file check information and loopback detection information; receiving a second sniff message; and, when the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information, determining a configuration file conflict. The invention can thus detect whether an illegally copied configuration file exists on an unmanaged Ethernet switch in the network.

Description

Method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches
Technical field
The present invention relates to the field of communication technology, and in particular to a method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches.
Background
An unmanaged Ethernet switch generally includes a CPU, memory, a MAC controller and a PHY controller. An EEPROM (Electrically Erasable Programmable Read-Only Memory) or a small-capacity FLASH (flash memory) can serve as the memory of the unmanaged Ethernet switch.
After an unmanaged Ethernet switch starts, it reads the boot program at a fixed location in memory to initialize the hardware. The BootRom program then reads the configuration file in memory and sets the MAC address and the MAC controller according to the parameters in the configuration file, which completes the startup process. An unmanaged Ethernet switch does not allow the user to change the device configuration.
An unmanaged switch has limited storage space and can only run a simple BootROM program, so it is difficult to run dedicated software through a network management system for anti-counterfeiting. The configuration of an unmanaged Ethernet switch is generally fixed in memory in the form of a configuration file. A counterfeiter does not need to obtain the software source code: copying the configuration file directly yields the same MAC register configuration as the original product, which is enough to counterfeit the software features.
Summary of the invention
The invention provides a method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches, which can detect a configuration file conflict caused by an illegally copied configuration file on an unmanaged Ethernet switch in the network.
To achieve the above object, the invention provides a method for detecting configuration file conflicts on unmanaged Ethernet switches. The method includes: calculating configuration file check information corresponding to specific information in the configuration file; calculating loopback detection information; sending a first sniff message carrying the generated configuration file check information and loopback detection information; receiving a second sniff message; and, when the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information, determining a configuration file conflict.
To achieve the above object, the invention also provides an apparatus for detecting configuration file conflicts on unmanaged Ethernet switches. The apparatus includes: a computing unit, for calculating configuration file check information corresponding to specific information in the configuration file, and for calculating loopback detection information; a sending unit, for sending a first sniff message carrying the generated configuration file check information and loopback detection information; a receiving unit, for receiving a second sniff message; and a detection unit, for determining a configuration file conflict when the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information.
The invention thus provides a method for detecting configuration file conflicts on unmanaged Ethernet switches, used to detect whether an illegally copied configuration file exists on an unmanaged Ethernet switch in the network.
Brief description of the drawings
Fig. 1 is a flow chart of detecting configuration file conflicts on unmanaged Ethernet switches, provided in an embodiment of the present invention.
Fig. 2 is a structure diagram of the sniff message in an embodiment of the present invention.
Fig. 3 is a logical structure diagram of an anti-counterfeiting apparatus for an unmanaged Ethernet switch in an embodiment of the present invention.
Detailed description
To make the objects, technical solutions and advantages of the present invention clearer, the scheme of the invention is described in further detail below with reference to the drawings and embodiments.
Referring to Fig. 1, the present invention provides an anti-counterfeiting method for unmanaged Ethernet switches, which performs the following steps:
Step S101: calculate configuration file check information corresponding to specific information in the configuration file, and calculate loopback detection information.
Step S102: send a first sniff message carrying the generated configuration file check information and loopback detection information.
Step S103: receive a second sniff message.
Step S104: when the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information, determine a configuration file verification conflict.
When an unmanaged Ethernet switch starts, it can verify the integrity and legitimacy of the configuration file in an existing manner. For example, when compiling the configuration file, the equipment vendor uses a specific algorithm to compute a CRC (Cyclic Redundancy Check) over the entire configuration file content and stores the check value at a fixed position in the configuration file (for example at the end). After the unmanaged Ethernet switch starts, it recomputes the CRC over the configuration file content with the same algorithm and compares the result with the CRC check value stored at the fixed position. If the two are the same, the configuration file is considered complete; otherwise the file is considered incomplete. There are many existing ways for an unmanaged Ethernet switch to verify the legitimacy and integrity of a configuration file, and the present invention does not describe them one by one.
After the unmanaged Ethernet switch has verified the integrity and legitimacy of the configuration file, it sends a sniff message carrying configuration file check information and loopback detection information to the current network at a preset time period. The preset time period should not be set too short, otherwise a large number of sniff messages may appear in the network, occupying network bandwidth and increasing device load. Nor should it be set too long, otherwise loopback detection may become difficult. In this embodiment, the configuration file check information is check information calculated with a preset algorithm from information in the configuration file that has uniqueness. For the loopback detection information, the unmanaged Ethernet switch can first generate a character string at random and then perform a HASH calculation on that string; the resulting hash value serves as the loopback detection information. The unmanaged Ethernet switch therefore uses the configuration file check information to judge whether the same configuration file is present, and uses the loopback detection information to judge whether a received sniff message is a looped-back sniff message, that is, whether the identical configuration file is this device's own configuration file, so as to avoid misjudging a configuration file conflict.
Referring to Fig. 2, the sniff message can be constructed using the standard layer-2 Ethernet frame structure. The destination MAC of the sniff message is a specific reserved protocol multicast address in the 01-80-C2-00-00-XX range; the source MAC is the device's own bridge MAC address; the Type protocol number is a special identifier, for example 0x88DD; and the message content carries the configuration file check information and the loopback detection information.
In this embodiment, the unmanaged Ethernet switch can use the MAC address in the configuration file as the specific information with uniqueness, perform a calculation on the MAC address in the configuration file with a preset HASH algorithm, and use the resulting hash value as the configuration file check information.
When an unmanaged Ethernet switch receives a sniff message from another unmanaged Ethernet switch in the network, it parses the configuration file check information and loopback detection information in the received sniff message. When the configuration file check information of the received sniff message is the same as the generated configuration file check information, a configuration file conflict is determined. When both the configuration file check information and the loopback detection information of the received sniff message are the same as the generated configuration file check information and loopback detection information, the received sniff message is judged to be this device's own sniff message sent back by another device.
The unmanaged Ethernet switch can further record the number of configuration file conflicts detected. When the number of detected configuration file conflicts exceeds a preset threshold (for example 3 times), it judges that anti-counterfeiting authentication has failed and prompts the user through a preset series of anti-counterfeiting operations. For example, some or all of the port LEDs of the unmanaged Ethernet switch turn on and off or blink in a certain order; or the unmanaged Ethernet switch does not allow new ports to be enabled; or the MAC chip of the unmanaged Ethernet switch stops forwarding messages.
When an unmanaged Ethernet switch stops data message forwarding by the MAC chip because anti-counterfeiting authentication has failed, neither the unmanaged Ethernet switch holding the illegally copied configuration file nor the unmanaged Ethernet switch storing the legitimate configuration file can take part in data forwarding in the network. The user then needs to copy a legitimate configuration file to the unmanaged Ethernet switch before the unmanaged Ethernet switches in the network can work normally.
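The sniff frame layout and the receive-side decision described above, as an added Python example that is not part of the patent. It assumes SHA-256 as the "preset HASH algorithm", a payload of two consecutive 32-byte digests, 2A for the unspecified XX octet, and constructed MAC addresses; `Switch` and `parse_sniff` are hypothetical names.

```python
import hashlib
import os
import struct

ETHERTYPE = 0x88DD                        # example Type value from the text
DST_PREFIX = bytes.fromhex("0180c20000")  # 01-80-C2-00-00-XX range
DST_MAC = DST_PREFIX + b"\x2a"            # XX = 2A is a constructed placeholder
DIGEST_LEN = 32                           # assumption: SHA-256 as the preset HASH
CONFLICT_THRESHOLD = 3                    # example threshold from the text

IGNORED, NO_CONFLICT, LOOPBACK, CONFLICT = (
    "ignored", "no_conflict", "loopback", "conflict")


def parse_sniff(frame: bytes):
    """Return (src_mac, config_check, loop_info), or None if not a sniff frame."""
    if len(frame) < 14 + 2 * DIGEST_LEN:
        return None
    etype = struct.unpack("!H", frame[12:14])[0]
    if frame[:5] != DST_PREFIX or etype != ETHERTYPE:
        return None
    body = frame[14:]
    return frame[6:12], body[:DIGEST_LEN], body[DIGEST_LEN:2 * DIGEST_LEN]


class Switch:
    def __init__(self, config_mac: bytes):
        # The bridge MAC is set from the configuration file at boot, so a
        # device running a copied file sends the same source MAC as the
        # original. Only the random loopback value tells the two apart.
        self.bridge_mac = config_mac
        # Configuration file check information: hash of the unique item (MAC).
        self.config_check = hashlib.sha256(config_mac).digest()
        # Loopback detection information: hash of a randomly generated string.
        self.loop_info = hashlib.sha256(os.urandom(16)).digest()
        self.conflicts = 0

    def build_sniff(self) -> bytes:
        header = DST_MAC + self.bridge_mac + struct.pack("!H", ETHERTYPE)
        return header + self.config_check + self.loop_info

    def handle(self, frame: bytes) -> str:
        parsed = parse_sniff(frame)
        if parsed is None:
            return IGNORED                 # malformed or unrelated frame
        _src, config_check, loop_info = parsed
        if config_check != self.config_check:
            return NO_CONFLICT             # a different configuration file
        if loop_info == self.loop_info:
            return LOOPBACK                # our own frame came back
        self.conflicts += 1                # same file, different device
        return CONFLICT

    def anti_counterfeit_failed(self) -> bool:
        # The claims say the count "reaches" the preset threshold.
        return self.conflicts >= CONFLICT_THRESHOLD


def demo():
    mac_a = bytes.fromhex("020000000001")  # constructed sample MACs
    mac_b = bytes.fromhex("020000000002")
    genuine, clone, other = Switch(mac_a), Switch(mac_a), Switch(mac_b)
    results = [genuine.handle(genuine.build_sniff()),
               genuine.handle(other.build_sniff())]
    results += [genuine.handle(clone.build_sniff())
                for _ in range(CONFLICT_THRESHOLD)]
    return results, genuine.anti_counterfeit_failed()


if __name__ == "__main__":
    print(demo())
```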
As shown in Fig. 3, the apparatus 300 for detecting configuration file conflicts on unmanaged Ethernet switches provided by the invention includes a computing unit 301, a sending unit 302, a receiving unit 303, a detection unit 304 and an anti-counterfeiting unit 305.
The computing unit 301 is for calculating configuration file check information corresponding to specific information in the configuration file, and for calculating loopback detection information. The sending unit 302 is for sending a first sniff message carrying the generated configuration file check information and loopback detection information. The receiving unit 303 is for receiving a second sniff message. The detection unit 304 is for determining a configuration file verification conflict when the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information.
The detection unit 304 is also for determining that the configuration file does not conflict when the configuration file check information of the second sniff message differs from the generated configuration file check information.
The detection unit 304 is also for determining that the second sniff message is the looped-back first sniff message when the configuration file check information and loopback detection information of the second sniff message are the same as the generated configuration file check information and loopback detection information.
The anti-counterfeiting unit 305 is for recording the number of configuration file conflicts, and for determining that anti-counterfeiting of the configuration file has failed when the recorded number of configuration file conflicts reaches a preset threshold.
The computing unit uses information with uniqueness in the configuration file as the specific information, for example the device MAC address in the configuration file.
The anti-counterfeiting unit 305 can further prompt the user that anti-counterfeiting authentication has failed. The anti-counterfeiting unit 305 can make some or all of the device's port LEDs turn on and off or blink in a certain order, not allow new ports to be enabled, or notify the MAC chip to stop forwarding messages.
From the description of the above embodiments, those skilled in the art will appreciate that the units of the apparatus in the embodiments can be merged into one unit, or further split into multiple subunits.
The above are only preferred embodiments of the present invention and are not intended to limit it. Any modification, equivalent substitution or improvement made within the spirit and principles of the present invention shall be included within the scope of protection of the invention.

Claims (8)

1. A method for detecting configuration file conflicts on unmanaged Ethernet switches, characterized in that the method comprises:
Calculating configuration file check information corresponding to specific information in the configuration file;
Calculating loopback detection information, wherein the loopback detection information is obtained by performing a HASH calculation on a randomly generated character string;
Sending a first sniff message carrying the generated configuration file check information and loopback detection information;
Receiving a second sniff message;
When the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information, determining a configuration file conflict;
Wherein the number of configuration file conflicts is recorded;
When the recorded number of configuration file conflicts reaches a preset threshold, determining that anti-counterfeiting of the configuration file has failed.
2. The method as described in claim 1, characterized in that the method further comprises:
When the configuration file check information of the second sniff message differs from the generated configuration file check information, determining that the configuration file does not conflict.
3. The method as described in claim 1, characterized in that the method further comprises:
When the configuration file check information and loopback detection information of the second sniff message are the same as the generated configuration file check information and loopback detection information, determining that the second sniff message is the looped-back first sniff message.
4. The method as described in claim 1, characterized in that the specific information is unique information in the configuration file.
5. An apparatus for detecting configuration file conflicts on unmanaged Ethernet switches, characterized in that the apparatus comprises:
A computing unit, for calculating configuration file check information corresponding to specific information in the configuration file, and for calculating loopback detection information, wherein the loopback detection information is obtained by performing a HASH calculation on a randomly generated character string;
A sending unit, for sending a first sniff message carrying the generated configuration file check information and loopback detection information;
A receiving unit, for receiving a second sniff message;
A detection unit, for determining a configuration file conflict when the configuration file check information of the second sniff message is the same as the generated configuration file check information and the loopback detection information of the second sniff message differs from the generated loopback detection information;
Wherein the apparatus further comprises:
An anti-counterfeiting unit, for recording the number of configuration file conflicts, and for determining that anti-counterfeiting of the configuration file has failed when the recorded number of configuration file conflicts reaches a preset threshold.
6. The apparatus as claimed in claim 5, characterized in that
The detection unit is also for determining that the configuration file does not conflict when the configuration file check information of the second sniff message differs from the generated configuration file check information.
7. The apparatus as claimed in claim 5, characterized in that
The detection unit is also for determining that the second sniff message is the looped-back first sniff message when the configuration file check information and loopback detection information of the second sniff message are the same as the generated configuration file check information and loopback detection information.
8. The apparatus as claimed in claim 5, characterized in that the specific information is unique information in the configuration file.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410071887.3A CN103840984B (en) 2014-02-28 2014-02-28 Method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410071887.3A CN103840984B (en) 2014-02-28 2014-02-28 Method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches

Publications (2)

Publication Number Publication Date
CN103840984A CN103840984A (en) 2014-06-04
CN103840984B true CN103840984B (en) 2018-02-09

Family

ID=50804146

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410071887.3A Active CN103840984B (en) 2014-02-28 2014-02-28 Method and apparatus for detecting configuration file conflicts on unmanaged Ethernet switches

Country Status (1)

Country Link
CN (1) CN103840984B (en)

Also Published As

Publication number Publication date
CN103840984A (en) 2014-06-04

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Applicant after: Xinhua three Technology Co., Ltd.

Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base

Applicant before: Huasan Communication Technology Co., Ltd.

GR01 Patent grant