CN105554170B - A kind of processing method of DNS message, apparatus and system - Google Patents

A kind of processing method of DNS message, apparatus and system Download PDF

Info

Publication number
CN105554170B
CN105554170B CN201510906204.6A CN201510906204A CN105554170B CN 105554170 B CN105554170 B CN 105554170B CN 201510906204 A CN201510906204 A CN 201510906204A CN 105554170 B CN105554170 B CN 105554170B
Authority
CN
China
Prior art keywords
dns
message
address
user
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510906204.6A
Other languages
Chinese (zh)
Other versions
CN105554170A (en
Inventor
�原浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruijie Networks Co Ltd
Original Assignee
Fujian Star Net Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujian Star Net Communication Co Ltd filed Critical Fujian Star Net Communication Co Ltd
Priority to CN201510906204.6A priority Critical patent/CN105554170B/en
Publication of CN105554170A publication Critical patent/CN105554170A/en
Application granted granted Critical
Publication of CN105554170B publication Critical patent/CN105554170B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of processing methods of DNS message, include the following steps, obtain legal dns server address;Receive the DNS message that unauthenticated user is sent;When the IP address in the DNS message is not in DNS clearance address table, dns server is sent for the DNS message according to the dns server address, in order to which the dns server determines the DNS message for forgery DNS message.Meanwhile the invention also discloses the processing units and system of a kind of DNS message.So as to solve the problem of that the existing unauthenticated user under web authentication scene escapes certification by disguise as DNS message.

Description

A kind of processing method of DNS message, apparatus and system
Technical field
The present invention relates to network communication technologies, and in particular, to a kind of processing method of DNS message, apparatus and system.
Background technique
Web authentication is a kind of web-based certification, and unauthenticated user inputs any URL in browser address bar (Uniform Resource Locator, uniform resource locator), HTTP (Hypertext Transfer Protocol, Hypertext transfer protocol) message can all intercept and capture by access device.Access device disguise oneself as user it is expected access website, with user After establishing TCP (Transmission Control Protocol, transmission control protocol) connection, by pre-set certification Page push to reach user's on-line authentication, and does not have to the purpose of installation Authentication Client to user.As shown in Figure 1, complete Web authentication process includes the following steps:
S1, user PC starting after, passing through DHCP, (Dynamic Host Configuration Protocol, dynamic are main Machine configuration protocol) agreement obtains IP address automatically;Or ether Netcom is carried out according to the IP address set in operating system network interface card News;
S2, user input any URL in the address field of unverified PC browser, access Web server;Browser pass through to Dns server inquiry, the IP address of website where obtaining the URL.Then, browser initiates the connection request to the address, establishes To the connection of Web server;
S3, access device intercept and capture message, and disguise oneself as Web server, establishes TCP connection with unverified PC;
S4, PC issue the get request of HTTP;
S5, access device respond the request, tell that PC redirect address is page push Eportal server address;
S6, PC establish connection according to the address, with Eportal server, and request certification page;
S7, Eportal server return authentication page;
S8, PC submit user name password, to RADIUS (remotely accessing Dial-In User Service) server by certification page Certification;
S9, RADIUS are returned or failure or success message, is failed by Eportal pushing certification or the successful page;If Failed message is returned to, then user accesses Web server failure, will repeat step S2-S9;
If S10, returned successfully, user accesses Web server by browser, can normally access, will not be reset To arrive certification page;
Can see from above-mentioned verification process, access device user's web authentication success before, it would be desirable to be able to let pass DHCP and DNS message.Clearance DHCP message, with ensure PC can dynamic acquisition to IP address;Clearance DNS message, to guarantee to get User accesses the corresponding IP address of URL.Access device is destination port number (the UDP target side of DNS by identifying UDP message The destination port number that slogan is 53, DHCP is 67), to identify DNS and DHCP message.
It will appear a problem in this way: by setting up a dns-proxy server, running DNS generation on the PC of another user Software is managed, the data message externally sent is all encapsulated in DNS message (or the message that UDP destination port number is 53, only Content modification therein is customized content) it is sent to dns-proxy server.Since access device can let pass DNS message, institute It can be forwarded to dns-proxy server with message, after then decapsulating message by dns-proxy server, according to the purpose of message Address is sent to actual address, and vice versa.Web authentication can be escaped by this method, thus realize that authentication-exempt is surfed the Internet, Escape supervision.The prior art is by way of configuring dns server white list, i.e., using visit on the upper united mouth of access device Ask that control list ACL, the DNS message of only specified dns server pass through, the message to unspecified dns server can not Pass through.This mode has that two comparisons are serious:
(1) user having is for network acceleration by dns-proxy server online, and this mode will lead to user's purchase Network acceleration service be not available completely.After this scheme, even if after certification passes through, to the report of dns-proxy server Text can not also pass through, and the legitimate rights and interests of user not can guarantee.
(2) there are problems for operation ease for use mode.After dns server change, need to adjust on all access switch The configuration of DNS white list, it is very troublesome in management.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of processing methods of DNS message, apparatus and system, to solve It is existing under web authentication scene, the problem of unauthenticated user escapes certification by disguise as DNS message.
Technical solution of the embodiment of the present invention is as follows:
A kind of processing method of DNS message, comprising:
Obtain legal domain name dns server address;
Receive the DNS message that unauthenticated user is sent;When the IP address in the DNS message is not preconfigured When in DNS clearance address table, dns server is sent for the DNS message according to the dns server address, in order to institute It states dns server and determines whether the DNS message is to forge DNS message.
A kind of processing unit of DNS message, comprising:
Address acquisition module, for obtaining legal dns server address;
Message receiving module, for receiving the DNS message of unauthenticated user transmission;
Judgment module, for judging the IP address in the DNS message whether in DNS clearance address table;
Message sending module, for when the IP address in the DNS message is not in preconfigured DNS clearance address When in table, dns server is sent for the DNS message according to the dns server address, in order to the dns server Determine whether the DNS message is to forge DNS message.
A kind of processing system of DNS message, comprising:
Access device, for obtaining legal dns server address;Receive the DNS message that unauthenticated user is sent;Work as institute When stating the IP address in DNS message not in preconfigured DNS clearance address table, according to the dns server address Dns server is sent by the DNS message;
The dns server, for determining whether the DNS message is to forge DNS message.
The embodiment of the present invention is by obtaining legal dns server address;Receive the DNS message that unauthenticated user is sent; It, will be described according to the dns server address when the IP address in the DNS message is not in DNS clearance address table DNS message is sent to dns server, in order to which the dns server determines the DNS message for forgery DNS message.It solves Under web authentication scene, the problem of unauthenticated user escapes certification by disguise as DNS message.
Other features and advantages of the present invention will be illustrated in the following description, also, partly becomes from specification It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention can be by written explanation Specifically noted structure is achieved and obtained in book, claims and attached drawing.
Detailed description of the invention
Fig. 1 is web authentication method flow diagram in the prior art;
Fig. 2 is the method flow diagram of one embodiment of the invention;
Fig. 3 is the method flow diagram of one embodiment of the invention;
Fig. 4 is the apparatus structure block diagram of one embodiment of the invention;
Fig. 5 is the apparatus structure block diagram of one embodiment of the invention;
Fig. 6 is the system structure diagram of one embodiment of the invention.
Specific embodiment
The embodiment of the present invention is illustrated below in conjunction with attached drawing, it should be understood that embodiment described herein is only used In the description and interpretation present invention, it is not intended to limit the present invention.
For existing problem, the embodiment of the invention provides a kind of processing methods of DNS message to solve the problems, such as this.
As shown in Fig. 2, in embodiments of the present invention, propose a kind of processing method of DNS message, include the following steps,
S101 obtains legal dns server address;
S103 receives the DNS message that unauthenticated user is sent;
S105, when the IP address in the DNS message is not in preconfigured DNS clearance address table, according to The DNS message is sent dns server by the dns server address, in order to which the dns server determines that the DNS is reported Whether text is to forge DNS message.
The embodiment solves under web authentication scene, and unauthenticated user escapes asking for certification by disguise as DNS message Topic.
Optionally, step S101 is specifically included:
The information of DNS in the DHCP OFFER message of Dynamic Host Configuration Protocol server feedback is detected, with obtaining legal dns server Location.The legal dns server address is pre-configured on the dhcp server.
Optionally, as shown in figure 3, in the embodiment further include:
The IP address of the user is added when user authentication passes through for step S107, the web authentication request for receiving user In the DNS clearance address table.
Optionally, step S105 is specifically included:
When the IP address in the DNS message is not in preconfigured DNS clearance address table, according to described The DNS message is sent dns server by dns server address, in order to which the dns server is judging the DNS report There are determine whether the DNS message is to forge DNS message in text when user's custom content.
Optionally, further include the DNS message for receiving the user that certification passes through and sending after step S107, check the user's When IP is in DNS clearance address table, clearance DNS message.User can carry out adding for network by dns-proxy server in this way Speed.After authenticating user offline, the IP of user is deleted from DNS clearance address table.
The present invention also proposes another embodiment, as shown in figure 4, providing a kind of processing unit of DNS message, comprising:
Address acquisition module 201, for obtaining legal dns server address;
Message receiving module 203, for receiving the DNS message of unauthenticated user transmission;
Judgment module 205, for judging the IP address in the DNS message whether in preconfigured DNS clearance In address table;
Message sending module 207, for not letting pass in preconfigured DNS when the IP address in the DNS message When in address table, dns server is sent for the DNS message according to the dns server address, in order to DNS clothes Business device determines whether the DNS message is to forge DNS message.
The embodiment solves under web authentication scene, and unauthenticated user escapes asking for certification by disguise as DNS message Topic.
Optionally, address acquisition module 201 is specifically used for: DNS in the DHCPOFFER message of detection Dynamic Host Configuration Protocol server feedback Information, obtain legal dns server address.The legal dns server address is pre-configured on the dhcp server.
Optionally, as shown in figure 5, in the embodiment further include:
Clearance address table setup module 209, the web authentication for receiving user is requested, when user authentication passes through, by this The IP address of user is added in the preconfigured DNS clearance address table.
Optionally, message sending module 207 is specifically used for, when the IP address in the DNS message is not matched in advance When in the DNS clearance address table set, dns server is sent for the DNS message according to the dns server address, so as to In the dns server, there are determine the DNS message when user's custom content to forge DNS in judging the DNS message Message.
Optionally, message sending module 207 is also used to when the IP address in the DNS message is preconfigured When in DNS clearance address table, clearance DNS message.User can carry out the acceleration of network by dns-proxy server in this way.
Optionally, clearance address table setup module 209 is also used to after authenticating user offline, by the IP of user from preparatory It is deleted in the DNS clearance address table of configuration.
The present invention also proposes another embodiment, as shown in fig. 6, providing a kind of processing system of DNS message, comprising:
Access device 301, for obtaining legal dns server address;Receive the DNS message that unauthenticated user is sent; When the IP address in the DNS message is not in preconfigured DNS clearance address table, according to the dns server The DNS message is sent dns server by address;
Dns server 303, for determining whether the DNS message is to forge DNS message.
The embodiment solves under web authentication scene, and unauthenticated user escapes asking for certification by disguise as DNS message Topic.
Optionally, dns server 303 is specifically used for, and there are true when user's custom content in judging the DNS message The fixed DNS message is to forge DNS message.
Those of ordinary skill in the art will appreciate that all or part of the steps that realization above-described embodiment method carries is can To instruct relevant hardware to complete by program, the program be can store in a kind of computer readable storage medium, The program when being executed, includes the steps that one or a combination set of embodiment of the method.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in a processing module It is that each unit physically exists alone, can also be integrated in two or more units in a module.Above-mentioned integrated mould Block both can take the form of hardware realization, can also be realized in the form of software function module.The integrated module is such as Fruit is realized and when sold or used as an independent product in the form of software function module, also can store in a computer In read/write memory medium.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The shape for the computer program product implemented in usable storage medium (including but not limited to magnetic disk storage and optical memory etc.) Formula.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art Mind and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies Within, then the present invention is also intended to include these modifications and variations.

Claims (10)

1. a kind of processing method of DNS message characterized by comprising
Obtain legal domain name dns server address;
Receive the DNS message that unauthenticated user is sent;
When the IP address in the DNS message is not in preconfigured DNS clearance address table, taken according to the DNS The DNS message is sent dns server by business device address, in order to which the dns server determines whether the DNS message is pseudo- Make DNS message;
The DNS message that the user that certification passes through sends is received, when checking that the IP of the user is in DNS clearance address table, clearance DNS Message;After authenticating user offline, the IP of user is deleted from DNS clearance address table.
2. the method according to claim 1, wherein described the step of obtaining legal dns server address, has Body includes:
The information for detecting DNS in the DHCP OFFER message of Dynamic Host Configuration Protocol server feedback, obtains legal dns server address.
3. the method according to claim 1, wherein further include:
The IP address of the user is added the DNS and lets pass ground by the web authentication request for receiving user when user authentication passes through In the table of location.
4. the method according to claim 1, wherein the IP address when in the DNS message does not exist When in DNS clearance address table, dns server is sent for the DNS message according to the dns server address, in order to institute It states dns server and determines that the DNS message specifically includes for the step of forgery DNS message:
It, will according to the dns server address when the IP address in the DNS message is not in DNS clearance address table The DNS message is sent to dns server, in order to which there are users to make by oneself in judging the DNS message for the dns server The DNS message is determined when adopted content to forge DNS message.
5. a kind of processing unit of DNS message characterized by comprising
Address acquisition module, for obtaining legal dns server address;
Message receiving module, for receiving the DNS message of unauthenticated user transmission;
Judgment module, for judging the IP address in the DNS message whether in DNS clearance address table;
Message sending module, for when the IP address in the DNS message is not in preconfigured DNS clearance address table When, dns server is sent for the DNS message according to the dns server address, in order to which the dns server determines Whether the DNS message is to forge DNS message;
Wherein, message sending module is also used to: being received the DNS message that the user that certification passes through sends, is checked that the IP of the user exists When in DNS clearance address table, clearance DNS message;After authenticating user offline, the IP of user is deleted from DNS clearance address table It removes.
6. device according to claim 5, which is characterized in that
The address acquisition module is specifically used for: the information of DNS in the DHCP OFFER message of detection Dynamic Host Configuration Protocol server feedback obtains Take legal dns server address.
7. device according to claim 5, which is characterized in that further include:
Clearance address table setup module, the web authentication for receiving user is requested, when user authentication passes through, by the user's IP address is added in the DNS clearance address table.
8. device according to claim 5, which is characterized in that
The message sending module is specifically used for, when the IP address in the DNS message is not in DNS clearance address table When, dns server is sent for the DNS message according to the dns server address, in order to which the dns server is being sentenced Breaking in the DNS message, there are determine the DNS message when user's custom content to forge DNS message.
9. a kind of processing system of DNS message characterized by comprising
Access device, for obtaining legal dns server address;Receive the DNS message that unauthenticated user is sent;When described It, will according to the dns server address when IP address in DNS message is not in preconfigured DNS clearance address table The DNS message is sent to dns server;The DNS message that the user that certification passes through sends is received, checks that the IP of the user exists When in DNS clearance address table, clearance DNS message;After authenticating user offline, the IP of user is deleted from DNS clearance address table It removes;
The dns server forges DNS message for determining the DNS message.
10. system according to claim 9, which is characterized in that
The dns server is specifically used for, and there are DNS report is determined when user's custom content in judging the DNS message Whether text is to forge DNS message.
CN201510906204.6A 2015-12-09 2015-12-09 A kind of processing method of DNS message, apparatus and system Active CN105554170B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510906204.6A CN105554170B (en) 2015-12-09 2015-12-09 A kind of processing method of DNS message, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510906204.6A CN105554170B (en) 2015-12-09 2015-12-09 A kind of processing method of DNS message, apparatus and system

Publications (2)

Publication Number Publication Date
CN105554170A CN105554170A (en) 2016-05-04
CN105554170B true CN105554170B (en) 2019-06-14

Family

ID=55833102

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510906204.6A Active CN105554170B (en) 2015-12-09 2015-12-09 A kind of processing method of DNS message, apparatus and system

Country Status (1)

Country Link
CN (1) CN105554170B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270761A (en) * 2017-01-03 2018-07-10 中国移动通信有限公司研究院 A kind of domain name legitimacy detection method and device
CN114500094B (en) * 2022-02-24 2024-03-12 新华三技术有限公司合肥分公司 Access method and device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1403952A (en) * 2002-09-24 2003-03-19 武汉邮电科学研究院 Ethernet confirming access method
CN1505345A (en) * 2002-12-02 2004-06-16 深圳市中兴通讯股份有限公司上海第二 A method for accessing user forced access identification server
CN101405698A (en) * 2006-05-16 2009-04-08 思科技术公司 Techniques for providing security protection in wireless networks by switching modes
CN101820396A (en) * 2010-05-24 2010-09-01 杭州华三通信技术有限公司 Method and device for verifying message safety
CN101873329A (en) * 2010-06-29 2010-10-27 迈普通信技术股份有限公司 Portal compulsory authentication method and access equipment
CN101945053A (en) * 2010-10-12 2011-01-12 杭州华三通信技术有限公司 Method and device for transmitting message
CN102238245A (en) * 2011-06-03 2011-11-09 杭州华三通信技术有限公司 Address allocation method and equipment
CN102291441A (en) * 2011-08-02 2011-12-21 杭州迪普科技有限公司 Method and security agent device for protecting against attack of synchronize (SYN) Flood
CN102624706A (en) * 2012-02-22 2012-08-01 上海交通大学 Method for detecting DNS (domain name system) covert channels
CN103179100A (en) * 2011-12-26 2013-06-26 中国移动通信集团广西有限公司 Method and device for preventing the attack on a domain name system tunnel
CN104427499A (en) * 2013-09-11 2015-03-18 中国电信股份有限公司 Wireless local area network (WLAN) access authentication method and system based on World Wide Web

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1403952A (en) * 2002-09-24 2003-03-19 武汉邮电科学研究院 Ethernet confirming access method
CN1505345A (en) * 2002-12-02 2004-06-16 深圳市中兴通讯股份有限公司上海第二 A method for accessing user forced access identification server
CN101405698A (en) * 2006-05-16 2009-04-08 思科技术公司 Techniques for providing security protection in wireless networks by switching modes
CN101820396A (en) * 2010-05-24 2010-09-01 杭州华三通信技术有限公司 Method and device for verifying message safety
CN101873329A (en) * 2010-06-29 2010-10-27 迈普通信技术股份有限公司 Portal compulsory authentication method and access equipment
CN101945053A (en) * 2010-10-12 2011-01-12 杭州华三通信技术有限公司 Method and device for transmitting message
CN102238245A (en) * 2011-06-03 2011-11-09 杭州华三通信技术有限公司 Address allocation method and equipment
CN102291441A (en) * 2011-08-02 2011-12-21 杭州迪普科技有限公司 Method and security agent device for protecting against attack of synchronize (SYN) Flood
CN103179100A (en) * 2011-12-26 2013-06-26 中国移动通信集团广西有限公司 Method and device for preventing the attack on a domain name system tunnel
CN102624706A (en) * 2012-02-22 2012-08-01 上海交通大学 Method for detecting DNS (domain name system) covert channels
CN104427499A (en) * 2013-09-11 2015-03-18 中国电信股份有限公司 Wireless local area network (WLAN) access authentication method and system based on World Wide Web

Also Published As

Publication number Publication date
CN105554170A (en) 2016-05-04

Similar Documents

Publication Publication Date Title
US10225260B2 (en) Enhanced authentication security
CN105007280B (en) A kind of application login method and device
CN105337949B (en) A kind of SSO authentication method, web server, authentication center and token verify center
US10419431B2 (en) Preventing cross-site request forgery using environment fingerprints of a client device
US10778668B2 (en) HTTP session validation module
CN102571547B (en) Method and device for controlling hyper text transport protocol (HTTP) traffic
CA2914426C (en) Method for authenticating a user, corresponding server, communications terminal and programs
US9288281B2 (en) Common interface communicating with multiple back-end services via gateway application
CN105472052A (en) Login method and system of cross-domain server
CN105991518B (en) Network access verifying method and device
CN105162802B (en) Portal authentication method and certificate server
CN105592046B (en) A kind of authentication-exempt access method and device
CN108259457B (en) WEB authentication method and device
JP6119709B2 (en) Service provider apparatus, program, and service providing method
CN104158818A (en) Single sign-on method and system
CN105991640B (en) Handle the method and device of HTTP request
CN115022047B (en) Account login method and device based on multi-cloud gateway, computer equipment and medium
WO2014153959A1 (en) Method, related apparatus and system for preventing cross-site request forgery
CN110557358A (en) Honeypot server communication method, SSLStrip man-in-the-middle attack perception method and related device
CN104660523A (en) Network access control system
CN106101134A (en) User's multiple domain is under one's name across the method for station roaming checking logging status
WO2018112878A1 (en) Token mechanism-based system and method for detecting and defending against cc attack
CN105592180A (en) Portal authentication method and device
CN105554170B (en) A kind of processing method of DNS message, apparatus and system
US11075922B2 (en) Decentralized method of tracking user login status

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor

Patentee after: RUIJIE NETWORKS Co.,Ltd.

Address before: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor

Patentee before: Beijing Star-Net Ruijie Networks Co.,Ltd.