CN106101294A - A kind of network connection management method and device - Google Patents
A kind of network connection management method and device Download PDFInfo
- Publication number
- CN106101294A CN106101294A CN201610767642.3A CN201610767642A CN106101294A CN 106101294 A CN106101294 A CN 106101294A CN 201610767642 A CN201610767642 A CN 201610767642A CN 106101294 A CN106101294 A CN 106101294A
- Authority
- CN
- China
- Prior art keywords
- user terminal
- private
- described user
- connects
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/12—Arrangements for remote connection or disconnection of substations or of equipment thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M11/00—Telephonic communication systems specially adapted for combination with other electrical systems
- H04M11/06—Simultaneous speech and data transmission, e.g. telegraphic transmission over the same conductors
Abstract
nullThis application provides a kind of network connection management method and device,Network connection management method is by when user terminal starts,Run anti-private and connect client-side program,To detect the newly-increased connection of bearer network existence of user terminal or to detect that user terminal is shared agent way by Internet and surfed the Net or detecting that user terminal passes through NAT or route conversion regime online or when detecting that user terminal passes through the online of wifi sharing mode,Illustrate that there is width private connects behavior,Detect there is wide-band fraudulent connecting behavior time,Control user terminal and disconnect network connection,The situation avoiding user to be connect the flow loss causing operator by private is occurred,Effectively wide-band fraudulent connecting behavior is taken precautions against,Thus reduce the infringement degree of the economic interests to operator,For setting up nature and optimum communication relation between consumer and operator.
Description
Technical field
The application relates to network connection management field, particularly to a kind of network connection management method and device.
Background technology
Along with the development of information age, using the user of the Internet online to get more and more, operator is in order to ensure user's energy
Enough normal online, have provided the user effective broadband service, but have connect behavior with the private occurred and encroached on the warp of operator
Ji interests.Wherein, wide-band fraudulent connecting behavior refers specifically to the broadband account business that exclusively enjoys that operator opens on the premise of without permission,
Broadband account is reached to share network hotspot by user privately by some technological means so that it is he does not handles the user of broadband services
Connect the behavior of focus online.
In order to reduce the infringement degree of the economic interests to operator, for set up between consumer and operator from but
The most optimum communication relation, needs badly at present and takes precautions against wide-band fraudulent connecting behavior.
Summary of the invention
For solving above-mentioned technical problem, the embodiment of the present application provides a kind of network connection management method and device, to reach
Effectively wide-band fraudulent connecting behavior is taken precautions against, thus reduces the infringement degree to the economic interests of operator, for consumer with
Setting up nature and the purpose of optimum communication relation between operator, technical scheme is as follows:
A kind of network connection management method, is applied to user terminal, and described method includes:
When described user terminal starts, run anti-private and connect client-side program, to perform anti-private termination process;
Described anti-private termination process includes:
By the way of dialling up on the telephone, set up network connect;
Whether the bearer network detecting described user terminal exists the connection of newly-increased network;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal shares agent way online by Internet;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by NAT or route conversion regime;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by wifi sharing mode;
If so, control described user terminal and disconnect current network connection;
If it is not, do not perform to control described user terminal to disconnect the operation that current network connects, so that described user terminal is just
Often online.
Preferably, also include:
During the described anti-private of operation connects client-side program, it is judged that described anti-private connects client-side program and the most normally transports
OK;
Do not perform to control described user terminal and disconnect the operation that current network connects, so that described user terminal is just
Often online;
If it is not, control described user terminal to disconnect current network connection.
Preferably, it is judged that described anti-private connects the process that client-side program is the most properly functioning, including:
Utilize kernel hooking technique, it may be judged whether exist and terminate anti-private by task processor and connect client process or pass through
Illegal program terminates described anti-private and connects client process or to cause described anti-private to connect client process by illegal program seemingly-dead
Operation;
It is the running example that described anti-private connects client-side program that described anti-private connects client process.
Preferably, the described process setting up network connection by the way of dialling up on the telephone, including:
Presenting dialing interface, described dialing interface at least includes: user name input frame and Password Input frame, described user name
Input frame is concealed with front and back sews mark, and described Password Input frame is concealed with PIN code;
Obtain the user name that input to described user name input frame of user and the dialing inputted to described Password Input frame is close
Code;
Described user name and the described account information front and back sewing mark will be comprised and comprise described dialing cipher and described PIN
The encrypted message of code sends to background server, so that whether described background server exists by identifying in described account information
Sew in mark and described encrypted message whether there is described PIN code before and after described, if so, allow in the dialing of described user terminal
Net, if it is not, stop described user terminal to dial up on the telephone.
Preferably, after controlling described user terminal and disconnecting current network connection, also include:
Control described anti-private and connect the operation of client program stopped.
A kind of network connection management device, is applied to user terminal, and described device includes:
Running unit, for when described user terminal starts, runs anti-private and connects client-side program, takes over performing anti-private
Journey;
Described anti-private termination process includes:
By the way of dialling up on the telephone, set up network connect;
Whether the bearer network detecting described user terminal exists the connection of newly-increased network;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal shares agent way online by Internet;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by NAT or route conversion regime;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by wifi sharing mode;
If so, control described user terminal and disconnect current network connection;
If it is not, do not perform to control described user terminal to disconnect the operation that current network connects, so that described user terminal is just
Often online.
Preferably, also include:
Judging unit, during connecing client-side program in the described anti-private of operation, it is judged that described anti-private connects client
Program is the most properly functioning, does not the most perform to control described user terminal and disconnects the operation that current network connects, so that described use
Family terminal is normally surfed the Net, if it is not, control described user terminal to disconnect current network connection.
Preferably, described judging unit includes:
Judgment sub-unit, is used for utilizing kernel hooking technique, it may be judged whether exists and terminates anti-private by task processor and connect
Client process or terminate described anti-private by illegal program and connect client process or cause described anti-private to connect by illegal program
The operation that client process is seemingly-dead;
It is the running example that described anti-private connects client-side program that described anti-private connects client process.
Preferably, described running unit connects client-side program, by by building in the way of dialling up on the telephone in the described anti-private of operation
When vertical network connects, specifically for presenting dialing interface, and obtain the user name that user inputs to described user name input frame
With the dialing cipher inputted to described Password Input frame, and will comprise described user name and described before and after sew mark account letter
Breath and the encrypted message comprising described dialing cipher and described PIN code send to background server, so that described background server
By identifying that whether there is described front and back sewing in described account information identifies and whether there is described PIN in described encrypted message
Code, if so, allows described user terminal to dial up on the telephone, if it is not, stop described user terminal to dial up on the telephone;
Described dialing interface at least includes: user name input frame and Password Input frame, and described user name input frame is concealed with
Front and back sewing mark, described Password Input frame is concealed with PIN code.
Preferably, described running unit connects client-side program in the described anti-private of operation, to control the disconnection of described user terminal
After current network connects, it is additionally operable to control described anti-private and connects the operation of client program stopped.
Compared with prior art, the having the beneficial effect that of the application
In this application, by when user terminal starts, run anti-private and connect client-side program, to detect that user is eventually
There is newly-increased connection or detecting that user terminal is shared agent way by Internet and surfed the Net or in inspection in the bearer network of end
Measure user terminal surf the Net by NAT or route conversion regime or detecting that user terminal is surfed the Net by wifi sharing mode
Time, illustrate that there is width private connects behavior, detect there is wide-band fraudulent connecting behavior time, control user terminal disconnect network connect,
The situation avoiding user to be connect the flow loss causing operator by private is occurred, and is effectively prevented wide-band fraudulent connecting behavior
Model, thus reduce the infringement degree of the economic interests to operator, for set up between consumer and operator nature and
Optimum communication relation.
Accompanying drawing explanation
For the technical scheme being illustrated more clearly that in the embodiment of the present application, in embodiment being described below required for make
Accompanying drawing be briefly described, it should be apparent that, the accompanying drawing in describing below is only some embodiments of the application, for
From the point of view of those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain it according to these accompanying drawings
His accompanying drawing.
Fig. 1 is a kind of flow chart of the network connection management method that the application provides;
Fig. 2 is a kind of sub-process figure of the network connection management method that the application provides;
Fig. 3 is the another kind of sub-process figure of the network connection management method that the application provides;
Fig. 4 is the another kind of flow chart of the network connection management method that the application provides;
Fig. 5 is another the sub-process figure of the network connection management method that the application provides;
Fig. 6 is a kind of logical structure schematic diagram of the network connection management device that the application provides;
Fig. 7 is the another kind of logical structure schematic diagram of the network connection management device that the application provides.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is carried out clear, complete
Describe, it is clear that described embodiment is only some embodiments of the present application rather than whole embodiments wholely.Based on
Embodiment in the application, it is every other that those of ordinary skill in the art are obtained under not making creative work premise
Embodiment, broadly falls into the scope of the application protection.
Embodiment one
In the present embodiment, it is provided that a kind of network connection management method, it is applied to user terminal.Referring to Fig. 1, it shows
Go out a kind of flow chart of the network connection management method that the application provides, may comprise steps of:
Step S11: when described user terminal starts, run anti-private and connect client-side program, to perform anti-private termination process.
In the present embodiment, user terminal refers specifically to the computer equipment that online is used.
In the present embodiment, the detailed process of anti-private termination process may refer to Fig. 2, may comprise steps of:
Step S21: set up network by the way of dialling up on the telephone and connect.
In the present embodiment, user terminal can show dialing interface, user can on dialing interface input dial user
Name and dialing cipher.Wherein, when the mode that user terminal first passage dials up on the telephone sets up network connection, need user in dialing
Input dial user name and dialing cipher on interface, dial user's name and dialing cipher that user terminal is then inputted by user enter
Row dials up on the telephone, thus the network setting up user terminal connects.If user is input dial user name and dialing on dialing interface
After password, selecting automated log on next time on dialing interface, user terminal, will be automatically by dialling when setting up network connection next time
Number online mode set up network connect;If user is on dialing interface after input dial user name and dialing cipher, in dialing
Non-selected next automated log on interface, user terminal when setting up network connection next time, then needs user to re-enter dialing
User name and dialing cipher, dial up on the telephone afterwards.
In the present embodiment, run after anti-private connects client-side program, by the way of dialling up on the telephone, set up what network connected
Realizing principle is: realize basic dial function by means of Windows system RasPPPoE assembly.
Wherein, realizing the detailed process of basic dial function by means of Windows system RasPPPoE assembly is: utilize
Windows system broad connects dialing can create the principle of dial telephone book (i.e. dial-up profile), dials according to broadband connection
Number time generate configuration information revise inapplicable parameter configuration so that anti-private connect client-side program run time can be suitable
Profit completes to dial up on the telephone, thus the network setting up user terminal connects.And, owing to RasPPPoE assembly is at different Windows
There is difference in version in system, some API behavior disunity cause win7 system above can the software of normal dialing in xp system
System cannot the phenomenon of normal dialing, the most anti-private connects client-side program and causes abnormal API in different system by identifying
Do specific aim to process, it is achieved normal dialing online under multiple systems version.
Step S22: whether the bearer network detecting described user terminal exists newly-increased connection.
If so, step S23 is performed, if it is not, perform step S24.
Wherein, when the bearer network detecting user terminal exists newly-increased connection, illustrate that there is anti-private connects behavior, then need
Step S23 to be performed.
In the present embodiment, that detects whether the bearer network of described user terminal exist newly-increased connection realizes principle: inspection
Whether the bearer network surveying described user terminal exists the function needs of newly-increased connection by judging that wireless network connects assembly
The number of Wlan realizes, particularly as follows: by judging that wireless network connects the number of assembly Wlan and determines in user terminal and be
No there is unnecessary network hotspot.But due in Windows system Wlan assembly there are differences on different operating system (as
Under xp system, some system functions do not exist), therefore to realize in Windows system Wlan assembly at different operating system
On adaptation, whether the bearer network detecting described user terminal is existed the dynamic chain that the function package of newly-increased connection becomes independent
Connect storehouse, by judging that whether there is newly-increased network in dynamic link library connects, and detects whether that there is private connects behavior, wherein, if
Dynamic link library exists newly-increased network connect, illustrate that there is private connects behavior.
It should be noted that the bearer network of user terminal refers to that user terminal can be by one piece of physical radio network interface card with visitor
Family end identity is connected to hard AP (such as wireless router), simultaneously again can be as soft AP, it is allowed to miscellaneous equipment is connected with oneself.
Step S23: control described user terminal and disconnect current network connection.
Step S24: detect whether described user terminal shares agent way online by Internet.
If so, step S23 is performed, if it is not, perform step S25.
Wherein, when detecting that user terminal shares agent way online by Internet, illustrate that there is private connects behavior,
Then need to perform step S23.
Detect described user terminal and whether realize principle by what Internet shared agent way online: used by reading
TCP message that family terminal will send or the TCP message received, it is judged that the source IP address in the TCP message read and mesh
IP address whether on the same network segment, if on the same network segment, illustrate exist share agent way by Internet
Online.
Step S25: detect whether described user terminal is surfed the Net by NAT or route conversion regime.
If so, step S23 is performed, if it is not, perform step S26.
Wherein, when detecting that user terminal passes through NAT or route conversion regime online, illustrate that there is private connects behavior, then
Need to perform step S23.
In the present embodiment, detect whether described user terminal realizes principle by what NAT or route conversion regime were surfed the Net
Particularly as follows: whether there is the effective ip of two or more and subnet mask by the network adapter judging user terminal, if existing,
Then explanation may be surfed the Net by NAT or route conversion regime.
Step S26: detect whether described user terminal is surfed the Net by wifi sharing mode.
If so, step S23 is performed, if it is not, perform step S27.
Step S27: do not perform to control described user terminal and disconnect the operation that current network connects, so that described user terminal
Normal online.
Wherein, when detecting that user terminal passes through the online of wifi sharing mode, illustrate that there is private connects behavior, then need to hold
Row step S23.
Detect whether described user terminal realizes principle particularly as follows: scanning IPv4 is static by what wifi sharing mode was surfed the Net
By the routing iinformation scanned, routing iinformation in routing table, determines that network connects id, and connects id pair net by network
Network adapter, it is judged that whether the equipment id of the network adapter matched has two or more, the most then there is virtual network in explanation
Adapter, owing to this Objunctive network adaptor is virtual out by wifi shareware, therefore may determine that user terminal
Pass through the online of wifi sharing mode.Wherein, network connects the mark that id is wifi signal, and the equipment id of network adapter is net
The mark of card.
Wherein, judge the equipment id of the network adapter matched when there being two or more, then explanation exist virtual
The reason of network adapter is: user terminal, during surfing the Net, as long as there being a network adapter, but if is judged
Showed the equipment id of plural network adapter, then there is Objunctive network adaptor in explanation.Wherein, each network adapter
Only one of which equipment id.
In this application, by when user terminal starts, run anti-private and connect client-side program, to detect that user is eventually
There is newly-increased connection or detecting that user terminal is shared agent way by Internet and surfed the Net or in inspection in the bearer network of end
Measure user terminal surf the Net by NAT or route conversion regime or detecting that user terminal is surfed the Net by wifi sharing mode
Time, illustrate that there is width private connects behavior, detect there is wide-band fraudulent connecting behavior time, control user terminal disconnect network connect,
The situation avoiding user to be connect the flow loss causing operator by private is occurred, and is effectively prevented wide-band fraudulent connecting behavior
Model, thus reduce the infringement degree of the economic interests to operator, for set up between consumer and operator nature and
Optimum communication relation.
Further, anti-private connects client-side program and runs on the subscriber terminal, compared to operating on background server, anti-
It is more flexible that what private connect realizes process.
In the present embodiment, on the basis of the anti-private termination process shown in Fig. 2, expand another anti-private termination process, please
See Fig. 3, may comprise steps of:
Step S31: set up network by the way of dialling up on the telephone and connect.
Step S32: whether the bearer network detecting described user terminal exists newly-increased connection.
If so, step S33 is performed, if it is not, perform step S35.
Step S33: control described user terminal and disconnect current network connection.
Step S34: control described anti-private and connect the operation of client program stopped.
Step S35: detect whether described user terminal shares agent way online by Internet.
If so, step S33 is performed, if it is not, perform step S36.
Step S36: detect whether described user terminal is surfed the Net by NAT or route conversion regime.
If so, step S33 is performed, if it is not, perform step S37.
Step S37: detect whether described user terminal is surfed the Net by wifi sharing mode.
If so, step S33 is performed, if it is not, perform step S38.
Step S38: do not perform to control described user terminal and disconnect the operation that current network connects, so that described user terminal
Normal online.
Wherein, step S31 to step S33 is identical to step S13 with step S11 in the anti-private termination process shown in Fig. 2,
This repeats no more, and step S35 to step S38 is identical to step S27, at this with step S24 in the anti-private termination process shown in Fig. 2
Repeat no more.
Embodiment two
In the present embodiment, on the basis of the network connection management method shown in Fig. 1, another network is expanded even
Connect management method, refer to Fig. 4, may comprise steps of:
Step S41: when described user terminal starts, run anti-private and connect client-side program, to perform anti-private termination process.
In the present embodiment, anti-private termination process specifically refers to the anti-private termination process shown in embodiment one, the most superfluous at this
State.
Step S42: during the described anti-private of operation connects client-side program, it is judged that described anti-private connects client-side program and is
No properly functioning.
If so, step S43 is performed, if it is not, perform step S44.
In the present embodiment, during owing to connecing client-side program in the described anti-private of operation, it is judged that described anti-private prostitution
End program the most properly functioning user terminal of can evading in family connects client-side program in the anti-private of operation, carries out period of dialling up on the telephone,
User affects anti-private by illegal means and connects the properly functioning of client-side program, gets around the situation of anti-private connection function.Therefore Fig. 4
The network connection management method illustrated can connect client-side program running anti-private, carries out while detection width private connects behavior,
Can detect whether to exist and make anti-private connect the behavior that client-side program is not normally functioning, thus ensure that anti-private connects client-side program
The uniqueness run and effectiveness all the time, improve the reliability taking precautions against wide-band fraudulent connecting behavior further.
In the present embodiment, it is judged that the process that described anti-private connects client-side program the most properly functioning is specifically as follows: profit
By kernel hooking technique, it may be judged whether exist and terminate anti-private by task processor and connect client process or tied by illegal program
The anti-private of Shu Suoshu connects client process or causes described anti-private to connect the operation that client process is seemingly-dead by illegal program.Wherein,
It is the running example that described anti-private connects client-side program that described anti-private connects client process.
Wherein, kernel hooking (Hook), is a platform of windows messaging treatment mechanism, and application program can be upper
Face arranges subprocess to monitor certain message of specified window.Whenever specific message (as terminated process) sends, do not arrive
Reaching purpose window (EP (end of program) operation) front, the program of kernel hooking the most first captures this message, that is kernel hooking function is permissible
First obtain control.
In the present embodiment, kernel hooking has to differentiate between the figure place of different operating system, and therefore user terminal is in order to ensure
Kernel hooking technique can be utilized smoothly, it may be judged whether exist and terminate anti-private by task processor and connect client process or pass through
Illegal program terminates described anti-private and connects client process or to cause described anti-private to connect client process by illegal program seemingly-dead
Operation, it is firstly the need of possessing detection operating system version and figure place function.Certainly, possessing detection operating system version and position
On the basis of number functions, kernel hooking can adaptive 32/64 systems of more than Window xp so that utilizing kernel hooking
Technology, it may be judged whether exist and terminate anti-private by task processor and connect client process or terminate described anti-private by illegal program
Connect client process or cause described anti-private to meet operation more than the adaptation Window xp that client process is seemingly-dead by illegal program
32/64 systems.
Step S43: do not perform to control described user terminal and disconnect the operation that current network connects, so that described user terminal
Normal online.
Step S44: control described user terminal and disconnect current network connection.
In the above-described embodiments, above by the mode dialled up on the telephone set up network connect process specifically may refer to figure
5, may comprise steps of:
Step S51: present dialing interface, described dialing interface at least includes: user name input frame and Password Input frame, institute
Stating user name input frame to be concealed with and front and back sew mark, described Password Input frame is concealed with PIN code.
Step S52: obtain the user name that input to described user name input frame of user and to the input of described Password Input frame
Dialing cipher.
Step S53: described user name and the described account information front and back sewing mark will be comprised and comprise described dialing cipher
Send to background server with the encrypted message of described PIN code, so that described background server is by identifying described account information
In whether exist described before and after sew in mark and described encrypted message whether there is described PIN code, if so, allow described user eventually
End dials up on the telephone, if it is not, stop described user terminal to dial up on the telephone.
Wherein, deposit described front and back sewing in mark and described encrypted message if background server identifies to exist in account information
At described PIN code, then explanation user is that the user terminal connecing client-side program by running anti-private dials up on the telephone, then allow
User terminal dials up on the telephone, and otherwise, illustrates that user has got around anti-private and connect client-side program and dial up on the telephone, then stops user eventually
End dials up on the telephone.
In the present embodiment, when the process of step S51 to step S53 makes user use other dialup client programs, after
Station server can be distinguished user use by identifying the user profile (i.e. account information and encrypted message) of client upload
Be whether to run anti-private to connect the user terminal of client-side program, use the anti-private of operation to connect client journey if identifying user
The user terminal of sequence, then allow user terminal dial up on the telephone, otherwise, stop user terminal dial up on the telephone, thus ensure user without
Method finds private to connect leak, it is ensured that anti-private connects the effectiveness that client-side program runs.
Set up by the way of dialling up on the telephone network connect process be building by the way of dialling up on the telephone shown in Fig. 5
The process that vertical network connects, and on the basis of Fig. 4 illustrates network connection management method, user terminal can detect whether to deposit simultaneously
In wide-band fraudulent connecting behavior, detect whether to exist allow anti-private connect behavior that client-side program is not normally functioning and detect whether to exist
Get around anti-private and connect the behavior that client-side program carries out dialling, thus reach more reliable anti-private and connect effect.
It should be noted that owing to truly surfing the Net in environment user, need the bar meeting mobile phone, computer is surfed the Net simultaneously
Part, but the user terminal in the application is specially computer equipment, and mobile phone cannot use above-mentioned anti-private to connect client-side program, can only
Dialled up on the telephone by portal page face, therefore, come by analogue mobile phone environment for evading computer equipment (i.e. user terminal)
The mode using portal to log in is surfed the Net (cannot realize anti-private in portal login techniques principle to connect) at all, causes anti-private to connect leakage
Hole, mobile phone needs to use mobile phone A PP possessing dial feature to dial up on the telephone, and the entrance in portal page face will close completely
Close, no longer provide service for public user, thus avoid user to utilize the leak of portal agreement to share to carry out network, thus
It is further ensured that anti-private connects the effectiveness that client-side program runs.Wherein, possesses the process of mobile phone A PP operation of dial feature i.e.
Step S51 is to the execution process of step S53.
Embodiment three
Corresponding with said method embodiment, present embodiments provide a kind of network connection management device, be applied to user
Terminal.Refer to Fig. 6, it illustrates a kind of logical structure schematic diagram of the network connection management device that the present embodiment provides, net
Network connection management device includes: running unit 61.
Running unit 61, for when described user terminal starts, runs anti-private and connects client-side program, connects performing anti-private
Process.
Described anti-private termination process includes:
By the way of dialling up on the telephone, set up network connect;
Whether the bearer network detecting described user terminal exists the connection of newly-increased network;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal shares agent way online by Internet;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by NAT or route conversion regime;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by wifi sharing mode;
If so, control described user terminal and disconnect current network connection;
If it is not, do not perform to control described user terminal to disconnect the operation that current network connects, so that described user terminal is just
Often online.
In above-mentioned network connection management device, running unit 61 connects client-side program in the described anti-private of operation, to control
After described user terminal disconnects current network connection, it is additionally operable to control described anti-private and connects the operation of client program stopped.
In the present embodiment, on the basis of the network connection management device shown in Fig. 6, another network is expanded even
Connect managing device, refer to Fig. 7, also include on the basis of the network connection management device shown in Fig. 6: judging unit 62.
Judging unit 62, during connecing client-side program in the described anti-private of operation, it is judged that described anti-private prostitution family
End program is the most properly functioning, does not the most perform to control described user terminal and disconnects the operation that current network connects, so that described
User terminal is normally surfed the Net, if it is not, control described user terminal to disconnect current network connection.
In the present embodiment, it is judged that unit 62 specifically may include that judgment sub-unit, it is used for utilizing kernel hooking technique,
Judge whether that terminating anti-private by task processor connects client process or terminate described anti-private prostitution by illegal program
Family end process or cause described anti-private to connect the operation that client process is seemingly-dead by illegal program;
It is the running example that described anti-private connects client-side program that described anti-private connects client process.
In above-mentioned network connection management device, running unit 61 connects client-side program, to pass through in the described anti-private of operation
When the mode dialled up on the telephone sets up network connection, specifically for presenting dialing interface, and it is defeated to described user name to obtain user
Enter frame input user name and to described Password Input frame input dialing cipher, and will comprise described user name and described before
Account information and the encrypted message comprising described dialing cipher and described PIN code of suffix mark send to background server, with
Make whether described background server exists described front and back sewing in mark and described encrypted message by identifying in described account information
Whether there is described PIN code, if so, allow described user terminal to dial up on the telephone, if it is not, stop in the dialing of described user terminal
Net.
Described dialing interface at least includes: user name input frame and Password Input frame, and described user name input frame is concealed with
Front and back sewing mark, described Password Input frame is concealed with PIN code.
It should be noted that each embodiment in this specification all uses the mode gone forward one by one to describe, each embodiment weight
Point explanation is all the difference with other embodiments, and between each embodiment, identical similar part sees mutually.
For device class embodiment, due to itself and embodiment of the method basic simlarity, so describe is fairly simple, relevant part ginseng
See that the part of embodiment of the method illustrates.
Finally, in addition it is also necessary to explanation, in this article, the relational terms of such as first and second or the like be used merely to by
One entity or operation separate with another entity or operating space, and not necessarily require or imply these entities or operation
Between exist any this reality relation or order.And, term " includes ", " comprising " or its any other variant meaning
Containing comprising of nonexcludability, so that include that the process of a series of key element, method, article or equipment not only include that
A little key elements, but also include other key elements being not expressly set out, or also include for this process, method, article or
The key element that equipment is intrinsic.In the case of there is no more restriction, statement " including ... " key element limited, do not arrange
Except there is also other identical element in including the process of described key element, method, article or equipment.
Above a kind of network connection management method provided herein and device are described in detail, herein should
Being set forth principle and the embodiment of the application by specific case, the explanation of above example is only intended to help reason
Solve the present processes and core concept thereof;Simultaneously for one of ordinary skill in the art, according to the thought of the application,
All will change in detailed description of the invention and range of application, in sum, this specification content should not be construed as this Shen
Restriction please.
Claims (10)
1. a network connection management method, it is characterised in that be applied to user terminal, described method includes:
When described user terminal starts, run anti-private and connect client-side program, to perform anti-private termination process;
Described anti-private termination process includes:
By the way of dialling up on the telephone, set up network connect;
Whether the bearer network detecting described user terminal exists the connection of newly-increased network;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal shares agent way online by Internet;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by NAT or route conversion regime;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by wifi sharing mode;
If so, control described user terminal and disconnect current network connection;
If it is not, do not perform to control described user terminal to disconnect the operation that current network connects, so that on described user terminal is normal
Net.
Method the most according to claim 1, it is characterised in that also include:
During the described anti-private of operation connects client-side program, it is judged that it is the most properly functioning that described anti-private connects client-side program;
Do not perform to control described user terminal and disconnect the operation that current network connects, so that on described user terminal is normal
Net;
If it is not, control described user terminal to disconnect current network connection.
Method the most according to claim 2, it is characterised in that judge that described anti-private connects client-side program the most properly functioning
Process, including:
Utilize kernel hooking technique, it may be judged whether exist and terminate anti-private by task processor and connect client process or by illegal
Anti-private described in EP (end of program) connects client process or causes described anti-private to connect the operation that client process is seemingly-dead by illegal program;
It is the running example that described anti-private connects client-side program that described anti-private connects client process.
Method the most according to claim 1 and 2, it is characterised in that described network of setting up by the way of dialling up on the telephone connects
The process connect, including:
Presenting dialing interface, described dialing interface at least includes: user name input frame and Password Input frame, and described user name inputs
Frame is concealed with front and back sews mark, and described Password Input frame is concealed with PIN code;
Obtain the user name that user inputs and the dialing cipher inputted to described Password Input frame to described user name input frame;
By comprise described user name and described before and after sew the account information of mark and comprise described dialing cipher and described PIN code
Encrypted message sends to background server, so that whether described background server is described by existing in the described account information of identification
Front and back sew in mark and described encrypted message and whether there is described PIN code, if so, allow described user terminal to dial up on the telephone, if
No, stop described user terminal to dial up on the telephone.
Method the most according to claim 1, it is characterised in that connect it controlling described user terminal disconnection current network
After, also include:
Control described anti-private and connect the operation of client program stopped.
6. a network connection management device, it is characterised in that be applied to user terminal, described device includes:
Running unit, for when described user terminal starts, runs anti-private and connects client-side program, to perform anti-private termination process;
Described anti-private termination process includes:
By the way of dialling up on the telephone, set up network connect;
Whether the bearer network detecting described user terminal exists the connection of newly-increased network;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal shares agent way online by Internet;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by NAT or route conversion regime;
If so, control described user terminal and disconnect current network connection;
If it is not, detect whether described user terminal is surfed the Net by wifi sharing mode;
If so, control described user terminal and disconnect current network connection;
If it is not, do not perform to control described user terminal to disconnect the operation that current network connects, so that on described user terminal is normal
Net.
Device the most according to claim 6, it is characterised in that also include:
Judging unit, during connecing client-side program in the described anti-private of operation, it is judged that described anti-private connects client-side program
The most properly functioning, do not perform to control described user terminal and disconnect the operation that current network connects, so that described user is eventually
Rectify often online, if it is not, control described user terminal to disconnect current network connection.
Device the most according to claim 7, it is characterised in that described judging unit includes:
Judgment sub-unit, is used for utilizing kernel hooking technique, it may be judged whether exists and terminates anti-private prostitution family by task processor
End process or terminate described anti-private by illegal program and connect client process or cause described anti-private prostitution family by illegal program
The operation that end process is seemingly-dead;
It is the running example that described anti-private connects client-side program that described anti-private connects client process.
Device the most according to claim 8, it is characterised in that described running unit connects client journey in the described anti-private of operation
Sequence, when by setting up network connection in the way of dialling up on the telephone, specifically for presenting dialing interface, and obtains user to described
The user name of user name input frame input and the dialing cipher to the input of described Password Input frame, and described user name will be comprised
Send to backstage clothes with the described account information front and back sewing mark and the encrypted message comprising described dialing cipher and described PIN code
Business device, so that described background server is by identifying that whether there is described front and back sewing in described account information identifies and described password
Whether information exists described PIN code, if so, allows described user terminal to dial up on the telephone, if it is not, stop described user terminal to be dialled
Number online;
Described dialing interface at least includes: user name input frame and Password Input frame, before and after described user name input frame is concealed with
Sewing mark, described Password Input frame is concealed with PIN code.
Device the most according to claim 6, it is characterised in that described running unit connects client in the described anti-private of operation
Program, disconnects after current network connects controlling described user terminal, is additionally operable to control described anti-private and connects client-side program and stop
Only run.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610767642.3A CN106101294B (en) | 2016-08-30 | 2016-08-30 | A kind of network connection management method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610767642.3A CN106101294B (en) | 2016-08-30 | 2016-08-30 | A kind of network connection management method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106101294A true CN106101294A (en) | 2016-11-09 |
| CN106101294B CN106101294B (en) | 2019-09-27 |
Family
ID=57224378
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610767642.3A Active CN106101294B (en) | 2016-08-30 | 2016-08-30 | A kind of network connection management method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106101294B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109861955A (en) * | 2018-09-03 | 2019-06-07 | 西安新路网络科技有限公司 | A kind of anti-private of traffic characteristic connects method |
| CN112383517A (en) * | 2020-10-30 | 2021-02-19 | 杭州安恒信息安全技术有限公司 | Hiding method, device and equipment of network connection information and readable storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1710870A (en) * | 2004-06-16 | 2005-12-21 | 钟红军 | Wide-band fraudulent connecting monitoring system and monitoring method |
| CN101286894A (en) * | 2008-05-07 | 2008-10-15 | 中国网络通信集团公司长沙市分公司 | Detection and control method for illegal connection to IP network |
| US7526762B1 (en) * | 2000-06-30 | 2009-04-28 | Nokia Corporation | Network with mobile terminals as browsers having wireless access to the internet and method for using same |
| CN104079575A (en) * | 2014-07-02 | 2014-10-01 | 北京奇虎科技有限公司 | Home network security management method and device and system |
| CN105323757A (en) * | 2014-06-27 | 2016-02-10 | 中兴通讯股份有限公司 | WIFI squatter prevention wireless routing equipment and method |
-
2016
- 2016-08-30 CN CN201610767642.3A patent/CN106101294B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7526762B1 (en) * | 2000-06-30 | 2009-04-28 | Nokia Corporation | Network with mobile terminals as browsers having wireless access to the internet and method for using same |
| CN1710870A (en) * | 2004-06-16 | 2005-12-21 | 钟红军 | Wide-band fraudulent connecting monitoring system and monitoring method |
| CN101286894A (en) * | 2008-05-07 | 2008-10-15 | 中国网络通信集团公司长沙市分公司 | Detection and control method for illegal connection to IP network |
| CN105323757A (en) * | 2014-06-27 | 2016-02-10 | 中兴通讯股份有限公司 | WIFI squatter prevention wireless routing equipment and method |
| CN104079575A (en) * | 2014-07-02 | 2014-10-01 | 北京奇虎科技有限公司 | Home network security management method and device and system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109861955A (en) * | 2018-09-03 | 2019-06-07 | 西安新路网络科技有限公司 | A kind of anti-private of traffic characteristic connects method |
| CN112383517A (en) * | 2020-10-30 | 2021-02-19 | 杭州安恒信息安全技术有限公司 | Hiding method, device and equipment of network connection information and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106101294B (en) | 2019-09-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI569618B (en) | Communication method of hiding privacy and system thereof | |
| CN107005442B (en) | Method and apparatus for remote access | |
| US7546632B2 (en) | Methods and apparatus to configure a network device via an authentication protocol | |
| US7706781B2 (en) | Data security in a mobile e-mail service | |
| US9077730B2 (en) | Restricting network access while connected to an untrusted network | |
| US8971209B2 (en) | System to configure and manage routers through wireless communication | |
| CN105933888B (en) | A kind of eSIM card method for burn-recording and device based on NFC | |
| WO2016062002A1 (en) | Connection management method and apparatus, electrical device | |
| US20140362991A1 (en) | Method of connecting an appliance to a wifi network | |
| CN103329091B (en) | Cross access login controller | |
| CN102710549B (en) | To be established a communications link the method for relation, terminal and system by shooting | |
| US20110207454A1 (en) | Authenticating and registering roaming mobile users | |
| CN103874065A (en) | Method and device for judging user position abnormity | |
| CN106060072B (en) | Authentication method and device | |
| CN104113548A (en) | Authentication message processing method and device | |
| CN105392182B (en) | The setting method and system of the network configuration information of WIFI equipment | |
| CN106790251A (en) | User access method and subscriber access system | |
| CN106101294B (en) | A kind of network connection management method and device | |
| CN102984044B (en) | The method and apparatus realizing data transmission security based on VPN (virtual private network) | |
| CN107707529A (en) | A kind of client validation method for realizing limitation identifying code transmission times | |
| CN105336013B (en) | It is a kind of that the method and system called the roll is realized by beacon broadcast | |
| CN106330513A (en) | Processing method and apparatus for tr069 protocol information | |
| CN111079140B (en) | Method, device and system for preventing cheating | |
| CN108133142A (en) | A kind of mobile device remote connection and the method for manipulation PC machine | |
| CN105282822A (en) | Method and device for connecting with encrypted hot spots based on terminal SIM card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |