CN106657139A - Login password processing method, apparatus and system - Google Patents

Login password processing method, apparatus and system Download PDF

Info

Publication number
CN106657139A
CN106657139A CN201710035910.7A CN201710035910A CN106657139A CN 106657139 A CN106657139 A CN 106657139A CN 201710035910 A CN201710035910 A CN 201710035910A CN 106657139 A CN106657139 A CN 106657139A
Authority
CN
China
Prior art keywords
password
login password
login
list
preset
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710035910.7A
Other languages
Chinese (zh)
Inventor
叶倩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201710035910.7A priority Critical patent/CN106657139A/en
Publication of CN106657139A publication Critical patent/CN106657139A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a login password processing method, apparatus and system. The method comprises the following steps: when an IP address of an access device is determined to have an attack behavior and the attack is successful, determining a first login password successfully attacked by the IP address; sending a first alarm message used for modifying the first login password to a management device; when a response message returned by the management device based on the first alarm message, analyzing the response message to obtain a second login password, wherein the second login password is a modified login password; and determining whether the second login password is valid based on a preset password list, wherein the preset password list is used for recording passwords that are broken easily. By application of the login password processing method, apparatus and system provided by the embodiment of the invention, the problems of low processing efficiency of the login password and low validity of the login password are solved.

Description

A kind of processing method of login password, apparatus and system
Technical field
The present invention relates to network communication technology field, more particularly to a kind of processing method of login password, apparatus and system.
Background technology
In prior art, log server is stored to the log information produced in network, and log information can be included and stepped on The important data messages such as record password, when the quantity of log information is more huge, log server needs the day of analysis and arrangement Will information is numerous and jumbled, the login password attacked cannot managed devices know that the treatment effeciency of login password is low in time, change Login password afterwards is likely to because arranging improper, and be cracked again, and the validity of login password is low.
The content of the invention
In view of this, the present invention provides a kind of processing method of login password, apparatus and system, to solve to login password Treatment effeciency it is low, the low problem of login password validity.
For achieving the above object, present invention offer technical scheme is as follows:
According to the first aspect of the invention, it is proposed that a kind of processing method of login password, methods described includes:
When it is determined that the IP address of access equipment has attack and success attack, the IP address success attack is determined The first login password;
The first warning message for changing first login password is sent to management equipment;
When the response message that the management equipment is returned based on first warning message is received, analyze the response to Message obtains the second login password, and second login password is amended login password;
Whether effectively second login password is determined based on preset password list, the preset password list is used to record The password being easily cracked.
According to the second aspect of the invention, it is proposed that a kind of processing meanss of login password, including:
First determining module, for when it is determined that the IP address of access equipment has attack and success attack, it is determined that First login password of the IP address success attack;
First alarm module, for determine in sending for changing first determining module to management equipment described the First warning message of one login password;
Packet parsing module, described in sending in the management equipment is received based on first alarm module During the response message that the first warning message is returned, analyze the response to message and obtain the second login password, second login is close Code is amended login password;
Effective judgement module, for determining the second login described in the packet parsing module based on preset password list Effectively whether, the preset password list is used to record the password being easily cracked password.
From above technical scheme, log server determines that the IP address of access equipment has attack and attacks into During work(, log server sends the first warning message for changing the first login password to management equipment, when getting management During amended second login password that equipment is returned, log server determines that the second login password is based on preset password list It is no effective, when the second login password is invalid so that management equipment is entered in time by obtaining null result to the second login password Row change, when log server needs the log information quantity of analysis and arrangement more huge, the login password attacked can To be known in time by the first warning message managed devices, while log server determines that second steps on based on preset password list Whether effectively, the treatment effeciency for solving login password to being attacked is low, the low problem of login password validity for record password.
Description of the drawings
Fig. 1 is the network architecture diagram that the processing system of the login password that the present invention is provided is suitable for;
Fig. 2 is the embodiment flow chart of the processing method of the login password that the present invention is provided;
Fig. 3 is the embodiment flow chart of the processing method of another login password that the present invention is provided;
Fig. 4 is a kind of hardware structure diagram of safeguard that the present invention is provided;
Fig. 5 is the embodiment block diagram of the processing meanss of the login password that the present invention is provided;
Fig. 6 is the embodiment block diagram of the processing meanss of another login password that the present invention is provided.
Specific embodiment
Here exemplary embodiment will be illustrated in detail, its example is illustrated in the accompanying drawings.Explained below is related to During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous key element.Following exemplary embodiment Described in embodiment do not represent and the consistent all embodiments of the present invention.Conversely, they be only with it is such as appended The example of the consistent apparatus and method of some aspects described in detail in claims, the present invention.
It is, only merely for the purpose of description specific embodiment, and to be not intended to be limiting the present invention in terminology used in the present invention. " one kind ", " described " and " being somebody's turn to do " of singulative used in the present invention and appended claims is also intended to include majority Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein is referred to and wrapped Containing one or more associated any or all possible combinations for listing project.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the present invention A little information should not necessarily be limited by these terms.These terms are only used for that same type of information is distinguished from each other out.For example, without departing from In the case of the scope of the invention, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determining ".
Fig. 1 is the network architecture diagram that the processing system of the login password that the present invention is provided is suitable for, as shown in figure 1, the net Network Organization Chart includes:Client 11, safeguard 12, service equipment 13, log server 14, management equipment 15.Wherein, visitor Family end 11 is arranged on personal computer (Personal Computer, PC), and client 11 can also be arranged on mobile phone, flat board On the terminal devices such as computer, intelligent watch, this sentences client 11 as the example of access equipment;Safeguard 12 is used to gather Log information produced by the access service equipment 13 of client 11 and the feedback client 11 of service equipment 13, log information can be with Comprising the first default mark, the second default mark, IP address, attack time, attack frequency, number of times of attack, the first login password, Account number, five-tuple information etc. are logged in, wherein, the first default mark can be used for marking whether IP address has attack, the Two default marks can be used for mark and whether successful attack, specifically, the correlation of the first default mark and the second default mark Description refers to corresponding content in following step 201, is not first described further herein;Log server 14 is used to store safeguard The log information of 12 collections.
Generally, client 11 is sent for asking during the message for logging in via safeguard 12 to service equipment 13, protection The analytic message of equipment 12 obtains log information.Safeguard 12 sends the daily record report for carrying log information to log server 14 Text, the parsing daily record message of log server 14 obtains log information, and log server 14 determines the access included in log information Whether the IP address of equipment has attack and whether successful attacks, and how access equipment is determined for log server 14 IP address whether there is attack and whether successful step is attacked refer to specifically retouching for step 201 in following Fig. 2 State, be not first described further herein, when the IP address of the determination access equipment of log server 14 has attack and success attack, Log server 14 determine IP address success attack the first login password, the first login password be, for example, " 123456 ", daily record Server 14 sends the first warning message for changing the first login password to management equipment 15, when log server 14 is received When being based on the response message that the first warning message is returned to management equipment 15, the resolution response message of log server 14 obtains second Login password, the second login password be amended login password, the second login password be, for example, " H7uSd4 ", log server Whether effectively 14 determine the second login password based on preset password list, and preset password list is used to recording easily be cracked close Code.Additionally, when log server 14 receives the request message of carrying information to be found of the transmission of management equipment 15, daily record clothes Business device 14 is matched information to be found with the whole log informations recorded in default log list, wherein, information to be found For the information for needing to extract, so that information to be found is for source port 80 as an example, administrative staff are by management equipment 15 Interactive software, be input into information source port 80 to be found, and log server 14 will be recorded in source port 80 and default log list Whole log informations are matched, when information to be found is matched into the one of log information recorded in default log list During work(, log server 14 sends the feedback message for carrying information to be found and relevant information, relevant information to management equipment 15 It is the information obtained via identical packet parsing with information to be found, the source port 80 for for example obtaining via identical packet parsing Relevant information also includes:Destination interface 81, source IP address 192.168.5.17, purpose IP address 124.202.166.57, agreement TCP, the first default mark, the second default mark, attack time, login account number, login password etc..Those skilled in the art can be with It is understood by, in presetting the whole log informations recorded in log list, multiple source ports 80, multiple source ports 80 may be included Each self-corresponding relevant information is fed back to management equipment 15, management equipment show rule to information to be found based on default and Relevant information is shown, and for example, the number of the source port 80 that the match is successful from default log list, source port is shown first 80 corresponding relevant informations can be detailed as daily record, can be shown by way of drop-down menu, by administrative staff's point Hit corresponding source port 80 and then show the corresponding relevant information of source port 80, improve the efficiency of information searching.By this Inventive embodiments, when login password is attacked, log server 14 to management equipment 15 sends the first warning message, is easy to Management equipment 15 is modified in time to login password, obtains the second login password, and log server 14 is arranged based on preset password Whether effectively table determines the second login password, when the second login password is invalid so that management equipment passes through to obtain null result, The second login password is modified in time, when log server 14 needs the log information quantity of analysis and arrangement more huge When, the login password attacked can in time be known by the first warning message managed devices 15, while log server Whether effectively 14 determine the second login password based on preset password list, solves the process effect of the login password to being attacked Rate is low, the low problem of login password validity.
It is that the present invention is further described, there is provided the following example:
Fig. 2 is the embodiment flow chart of the processing method of the login password that the present invention is provided, and with reference to Fig. 1 example is carried out Property explanation, the present embodiment can be applied on the log server 14 in above-mentioned Fig. 1, as shown in Fig. 2 comprising the steps:
Step 201:When it is determined that the IP address of access equipment has attack, it is determined that attack whether success, when it is determined that During success attack, execution step 202- step 205, when it is determined that attacking unsuccessful, execution step 207- step 208.
Step 202:Determine the first login password of IP address success attack.
Step 203:The first warning message for changing the first login password is sent to management equipment.
Step 204:When the response message that management equipment is returned based on the first warning message is received, resolution response message The second login password is obtained, the second login password is amended login password.
Step 205:Whether effectively second login password is determined based on preset password list, preset password list is used to record The password being easily cracked, optionally, after step 205 step 206 is can also carry out.
Step 206:First login password is recorded in preset password list, flow process terminates.
Step 207:Determine that IP address attacks the 4th unsuccessful login password.
Step 208:4th login password is recorded in preset password list, flow process terminates.
In step 201, in one embodiment, using client 11 as access equipment, log server 14 determines daily record Whether the IP address of the access equipment included in information has attack, attacks whether successful method can be:Daily record is believed The first default mark, the second default mark, the IP address of client 11 are included in breath, first presets mark for marking IP address Whether there is attack, whether successful second presets mark attacks for mark.Specifically, it is with IP address 192.168.5.17, there is no attack with first default " 0 " mark IP address 192.168.5.17 that is designated, it is pre- with first If being designated one token IP address 192.168.5.17 has attack, marked with the second default be designated " Login OK " Success attack, by second it is default be designated " Login FAIL " mark attack it is unsuccessful as a example by, when the first default mark is labeled as " 1 ", and second it is default be designated " Login OK ", log server 14 determines the IP address 192.168.5.17 tool of client 11 There are attack and success attack, the execution step 202- step 205 of log server 14;When the first default mark is labeled as " 1 ", And second it is default be designated " Login FAIL ", log server 14 determines that IP address 192.168.5.17 of client 11 has Attack, but attack unsuccessful, the execution step 207- step 208 of log server 14.
It should be noted that when the IP address that client 11 is determined by log server 14 has attack and attack Success, and the IP address for determining client 11 is got when there is the result of attack and success attack, sheet can not be performed Step 201 in embodiment.
In step 202., in one embodiment, log server 14 is used to store the daily record letter of the collection of safeguard 12 Breath, the IP address comprising client 11 and the login password of attack in log information, the login password attacked herein is first Login password, with IP address as 192.168.5.17, the first login password be " 123456 " as a example by, log server 14 determine IP First login password 123456 of address 192.168.5.17 success attacks.
In step 203, in one embodiment, log server 14 sends to management equipment 15 and is logged in for modification first First warning message of password.
In step 204, in one embodiment, when log server 14 receives management equipment 15 based on the first alarm report During the response message that text is returned, the resolution response message of log server 14 obtains the second login password, and the second login password is to repair Login password after changing, the second login password is, for example, " H7uSd4 ".
In step 205, in one embodiment, log server 14 determines the second login password based on preset password list Whether effectively, preset password list is used to record the password being easily cracked, and preset password list records have at least one the 3rd to step on Record password, the password that the 3rd login password herein is as easily cracked, the 3rd login password recorded in preset password list Can also be preset by administrative staff, as shown in table 1, there are 4 the 3rd login passwords with record in preset password list, to pre- If the structure of cipher list is illustrative:
Table 1
Sequence number 3rd login password
1 000000
2 AABBCCDD
3 19890405
4 1A2A3A
5 -
6 -
Sequence number 1,2,3,4 shown in table 1 respectively correspond to the 3rd login password 000000, the 3rd login password AABBCCDD, 3rd login password 19890405, the 3rd login password 1A2A3A;Respectively corresponding "-", "-" are represented and are recorded as sky sequence number 5,6. Specifically, how log server 14 determines that whether effectively the second login password, can based on the preset password list shown in table 1 With reference to step 301 process description in following Fig. 3, first it is not described further herein.
Optionally, step 206 is can also carry out, it should be noted that step 206 is optional step.
In step 206, in one embodiment, log server 14 records the first login password in preset password list In, with reference to table 1, so that the first login password is for 123456 as an example, log server 14 records the first login password 123456 In table 1, the preset password list after record is as shown in table 2:
Table 2
The first login password of corresponding record 123456 of sequence number 5 shown in table 2, for log server 14 client 11 is determined IP address there is attack and success attack, can terminate flow process to this.
In step 207, in one embodiment, row is attacked when log server 14 determines that the IP address of client 11 has For but when attacking unsuccessful, log server 14 determines that IP address attacks unsuccessful the 4th login password, the 4th login password For example, Q4IMN6.
In a step 208, in one embodiment, although the 4th login password is not cracked successfully, but due to the 4th login Password is attacked, and sinks into greatly to be cracked in risk, therefore log server 14 exists the 4th login password equally record In preset password list, for used as the whether effective foundation of amended login password is determined, as shown in table 3, the 4th to log in Password Q4IMN6 is recorded in the preset password list of table 1:
Table 3
Sequence number 3rd login password
1 000000
2 AABBCCDD
3 19890405
4 1A2A3A
5 Q4IMN6
6 -
Determine that the IP address of client 11 has a case that attack but attacks unsuccessful for log server 14, arrive This can terminate flow process.
In the embodiment of the present invention, log server determines that the IP address of access equipment has attack and success attack When, log server sends the first warning message for changing the first login password to management equipment, sets when management is got During amended second login password of standby return, whether log server determines the second login password based on preset password list Effectively, when the second login password is invalid so that management equipment is carried out in time by obtaining null result to the second login password Change, when log server needs the log information quantity of analysis and arrangement more huge, the login password attacked can be with Known in time by the first warning message managed devices, while log server determines the second login based on preset password list Whether effectively, the treatment effeciency for solving login password to being attacked is low, the low problem of login password validity for password.
Fig. 3 is the embodiment flow chart of the processing method of another login password that the present invention is provided, and the present embodiment can be with Apply on the log server 14 in above-mentioned Fig. 1, the embodiment of the present invention combines Fig. 2, table 2, to the how base of log server 14 Whether effectively to determine the second login password in preset password list, illustrative, step 205 is referred in above-mentioned Fig. 2 Preset password list records have at least one the 3rd login passwords, the 3rd login password is the password being easily cracked, such as Fig. 3 institutes Show, comprise the steps:
Step 301:Each the 3rd login password recorded in second login password and preset password list is carried out Match somebody with somebody, when the match is successful for one of them the 3rd login password recorded in the second login password and preset password list, determine the Two login passwords are invalid, execution step 302, when each the 3rd login recorded in the second login password and preset password list Password determines the second login password effectively, execution step 303 when the match is successful.
Step 302:Second warning message invalid for feeding back the second login password is sent to management equipment.
Step 303:Send for confirming the effective confirmation message of the second login password to management equipment.
In step 301, log server 14 by record in the second login password and preset password list each the Three login passwords are matched, when one of them the 3rd login password recorded in the second login password and preset password list With it is successful when, log server 14 determine the second login password it is invalid, with the second login password as 000000, preset password list As a example by table 2, the match is successful for the second login password 000000 the 3rd login password 000000 corresponding with sequence number 1 in table 2, represents Second login password 000000 is easily cracked, and is bad login password, the execution step 302 of log server 14;When the second login Each the 3rd login password recorded in password and preset password list is when the match is successful, and log server 14 determines the Two login passwords effectively, with the second login password as U10DE6, preset password list for table 2 as a example by, the second login password The match is successful with each the 3rd login password in table 2 for U10DE6, represents that the second login password is difficult to be cracked, and is effective Login password, the execution step 303 of log server 14.
In step 302, log server 14 sends the invalid for feeding back the second login password to management equipment 15 Two warning messages.
In step 303, log server 14 is sent for confirming the second login password effectively really to management equipment 15 Recognize message.
In the embodiment of the present invention, whether effectively log server 14 determines the second login password based on preset password list, When log server 14 needs the second login password quantity of analysis and arrangement more huge, preset password list reality can be based on Now to the quick judgement of the second login password validity, the treatment effeciency to the second login password is improve.
Corresponding to the processing method of above-mentioned login password, the invention allows for the hardware knot of the safeguard shown in Fig. 4 Composition.Refer to Fig. 4, in hardware view, the safeguard include processor, internal bus, network interface, internal memory and it is non-easily The property lost memory, the hardware being also possible that certainly required for other business.It is right that processor reads from nonvolatile memory The computer program answered is in internal memory and then runs, and the processing meanss of login password are formed on logic level.Certainly, except soft Outside part implementation, the present invention is not precluded from other implementations, such as mode of logical device or software and hardware combining etc. Deng, that is to say, that the executive agent of following handling process is not limited to each logical block, or hardware or logic device Part.
Fig. 5 is the embodiment block diagram of the processing meanss of the login password that the present invention is provided, as shown in figure 5, the login The processing meanss of password can include:First determining module 51, the first alarm module 52, packet parsing module 53, validity are sentenced Disconnected module 54, wherein:
First determining module 51, for when it is determined that the IP address of access equipment has attack and success attack, really Determine the first login password of IP address success attack;
First alarm module 52, first for determining in sending for changing the first determining module 51 to management equipment steps on First warning message of record password;
Packet parsing module 53, for the first alarm sent in management equipment is received based on the first alarm module 52 During the response message that message is returned, resolution response message obtains the second login password, and the second login password is amended login Password;
Effective judgement module 54, for determining the second login password in packet parsing module 53 based on preset password list Whether effectively, preset password list is used to record the password being easily cracked.
Fig. 6 is the embodiment block diagram of the processing meanss of another login password that the present invention is provided, as shown in fig. 6, upper On the basis of stating embodiment illustrated in fig. 5, Effective judgement module 54 includes:
Password match submodule 541, for by record in the second login password and preset password list each the 3rd Login password is matched, and preset password list records have at least one the 3rd login passwords, and the 3rd login password is easily to be broken The password of solution;
Invalid submodule 542 is determined, for when the second login password in password match submodule 541 and preset password list One of them the 3rd login password of middle record determines that the second login password is invalid when the match is successful;
It is determined that effective submodule 543, for when the second login password in password match submodule 541 and preset password list Each the 3rd login password of middle record determines that the second login password is effective when the match is successful.
In one embodiment, the processing meanss of login password also include:
Second alarm module 55, for when it is determined that determining that the second login password is invalid in invalid submodule 542, to management Equipment sends second warning message invalid for feeding back the second login password.
In one embodiment, the processing meanss of login password also include:
First logging modle 56, for when it is determined that the IP address of access equipment has attack and success attack, inciting somebody to action First login password is recorded in preset password list.
In one embodiment, the processing meanss of login password also include:
Second determining module 57, for when it is determined that the IP address of access equipment have attack but attack it is unsuccessful when, Determine that IP address attacks the 4th unsuccessful login password;
Second logging modle 58, the 4th login password for will determine in the second determining module 57 is recorded in preset password In list.
The function of unit and effect realizes that process specifically refers in said method correspondence step in said apparatus Process is realized, be will not be described here.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part is referring to method reality Apply the part explanation of example.Device embodiment described above is only schematic, wherein described as separating component The unit of explanation can be or may not be physically separate, can be as the part that unit shows or can also It is not physical location, you can be located at a place, or can also be distributed on multiple NEs.Can be according to reality Need the purpose for selecting some or all of module therein to realize the present invention program.Those of ordinary skill in the art are not paying In the case of going out creative work, you can to understand and implement.
As seen from the above-described embodiment, log server determines that the IP address of access equipment has attack and success attack When, log server sends the first warning message for changing the first login password to management equipment, sets when management is got During amended second login password of standby return, whether log server determines the second login password based on preset password list Effectively, when the second login password is invalid so that management equipment is carried out in time by obtaining null result to the second login password Change, when log server needs the log information quantity of analysis and arrangement more huge, the login password attacked can be with Known in time by the first warning message managed devices, while log server determines the second login based on preset password list Whether effectively, the treatment effeciency for solving login password to being attacked is low, the low problem of login password validity for password.
Those skilled in the art will readily occur to its of the present invention after considering specification and putting into practice invention disclosed herein Its embodiment.It is contemplated that cover any modification of the present invention, purposes or adaptations, these modifications, purposes or Person's adaptations follow the general principle of the present invention and including the undocumented common knowledge in the art of the present invention Or conventional techniques.Description and embodiments are considered only as exemplary, and true scope and spirit of the invention are by following Claim is pointed out.
Also, it should be noted that term " including ", "comprising" or its any other variant are intended to nonexcludability Comprising so that a series of process, method, commodity or equipment including key elements not only includes those key elements, but also wrapping Other key elements being not expressly set out are included, or also includes intrinsic for this process, method, commodity or equipment wanting Element.In the absence of more restrictions, the key element for being limited by sentence "including a ...", it is not excluded that wanting including described Also there is other identical element in process, method, commodity or the equipment of element.
Presently preferred embodiments of the present invention is the foregoing is only, not to limit the present invention, all essences in the present invention Within god and principle, any modification, equivalent substitution and improvements done etc. should be included within the scope of protection of the invention.

Claims (10)

1. a kind of processing method of login password, it is characterised in that methods described includes:
When it is determined that the IP address of access equipment has attack and success attack, the of the IP address success attack is determined One login password;
The first warning message for changing first login password is sent to management equipment;
When the response message that the management equipment is returned based on first warning message is received, message is analyzed the response to The second login password is obtained, second login password is amended login password;
Whether effectively second login password is determined based on preset password list, the preset password list is used to record easily quilt The password for cracking.
2. method according to claim 1, it is characterised in that the preset password list records have at least one the 3rd to step on Record password, the 3rd login password is the password being easily cracked, described to determine described second based on preset password list Whether login password effectively includes:
Second login password is matched with each the 3rd login password recorded in the preset password list;
When one of them the 3rd login password recorded in second login password with the preset password list, the match is successful When, determine that second login password is invalid;
When second login password is not matched into each the 3rd login password recorded in the preset password list During work(, determine that second login password is effective.
3. method according to claim 2, it is characterised in that methods described also includes:
When it is determined that second login password is invalid, to the management equipment send for feed back second login password without Second warning message of effect.
4. method according to claim 1, it is characterised in that methods described also includes:
First login password is recorded in the preset password list.
5. method according to claim 1, it is characterised in that methods described also includes:
When it is determined that the IP address of the access equipment has attack but attacks unsuccessful, determine that the IP address is attacked not Successful 4th login password;
4th login password is recorded in preset password list.
6. a kind of processing meanss of login password, it is characterised in that described device includes:
First determining module, for when it is determined that the IP address of access equipment has attack and success attack, it is determined that described First login password of IP address success attack;
First alarm module, described first for determining in sending for changing first determining module to management equipment steps on First warning message of record password;
Packet parsing module, for described first of the transmission in the management equipment is received based on first alarm module During the response message that warning message is returned, analyze the response to message and obtain the second login password, second login password is Amended login password;
Effective judgement module, for determining the second login password described in the packet parsing module based on preset password list Whether effectively, the preset password list is used to record the password being easily cracked.
7. device according to claim 6, it is characterised in that the Effective judgement module includes:
Password match submodule, for by record in second login password and the preset password list each the 3rd Login password is matched, and the preset password list records have at least one the 3rd login passwords, the 3rd login password For the password being easily cracked;
Determine invalid submodule, arrange with the preset password for working as the second login password described in the password match submodule One of them the 3rd login password recorded in table determines that second login password is invalid when the match is successful;
It is determined that effective submodule, arranges for working as the second login password described in the password match submodule with the preset password Each the 3rd login password recorded in table determines that second login password is effective when the match is successful.
8. device according to claim 7, it is characterised in that described device also includes:
Second alarm module, for when it is described determine determine that second login password is invalid in invalid submodule when, to described Management equipment sends second warning message invalid for feeding back second login password.
9. device according to claim 6, it is characterised in that described device also includes:
First logging modle, for when it is determined that the IP address of access equipment has attack and success attack, by described One login password is recorded in the preset password list;And/or,
Second determining module, for when it is determined that the IP address of the access equipment have attack but attack it is unsuccessful when, really The fixed IP address attacks the 4th unsuccessful login password;
Second logging modle, the 4th login password for will determine in second determining module is recorded in preset password In list.
10. a kind of processing system of modification logging, it is characterised in that the system includes:Client, safeguard, service set Standby, log server, management equipment;Wherein,
The client, for sending the message logged in for request to the service equipment via the safeguard;
The safeguard, for parsing the message, the daily record for carrying the log information is sent to the log server Message;
The log server, for parsing the daily record message log information is obtained, when true based on the log information When the IP address for determining access equipment has attack and success attack, determine that the first login of the IP address success attack is close Code, to the management equipment the first warning message for changing first login password is sent;
The management equipment, for returning the response message generated based on first warning message to the log server;
The log server, for analyzing the response to message the second login password is obtained, and second login password is to repair Whether effectively login password after changing, determine second login password, the preset password list based on preset password list For recording the password being easily cracked, when the log server receives the carrying information to be found that the management equipment sends Request message when, by the information to be found with the default log list record whole log informations matched, The information to be found be need extract information, when in the information to be found with the default log list record wherein One log information sends the feedback report for carrying the information to be found and relevant information to the management equipment when the match is successful Text, the relevant information is the information obtained via identical packet parsing with the information to be found;
The management equipment, for showing that rule is shown to the information to be found and relevant information based on default.
CN201710035910.7A 2017-01-18 2017-01-18 Login password processing method, apparatus and system Pending CN106657139A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710035910.7A CN106657139A (en) 2017-01-18 2017-01-18 Login password processing method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710035910.7A CN106657139A (en) 2017-01-18 2017-01-18 Login password processing method, apparatus and system

Publications (1)

Publication Number Publication Date
CN106657139A true CN106657139A (en) 2017-05-10

Family

ID=58841805

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710035910.7A Pending CN106657139A (en) 2017-01-18 2017-01-18 Login password processing method, apparatus and system

Country Status (1)

Country Link
CN (1) CN106657139A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107332703A (en) * 2017-06-28 2017-11-07 武汉斗鱼网络科技有限公司 A kind of inspection method and device of many application daily records
CN109815689A (en) * 2018-12-28 2019-05-28 北京奇安信科技有限公司 A kind of website cipher safety guard method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130318578A1 (en) * 2012-05-24 2013-11-28 Ca, Inc. Password management and smart honey pot system
CN103532797A (en) * 2013-11-06 2014-01-22 网之易信息技术(北京)有限公司 Abnormity monitoring method and device for user registration
CN104348817A (en) * 2013-08-07 2015-02-11 深圳市腾讯计算机系统有限公司 User account protection method and user account protection device
CN104811447A (en) * 2015-04-21 2015-07-29 深信服网络科技(深圳)有限公司 Security detection method and system based on attack association
CN104811449A (en) * 2015-04-21 2015-07-29 深信服网络科技(深圳)有限公司 Base collision attack detecting method and system
CN105376210A (en) * 2014-12-08 2016-03-02 哈尔滨安天科技股份有限公司 Account threat identification and defense method and system
CN105406976A (en) * 2014-08-29 2016-03-16 中国电信股份有限公司 Weak password checking method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130318578A1 (en) * 2012-05-24 2013-11-28 Ca, Inc. Password management and smart honey pot system
CN104348817A (en) * 2013-08-07 2015-02-11 深圳市腾讯计算机系统有限公司 User account protection method and user account protection device
CN103532797A (en) * 2013-11-06 2014-01-22 网之易信息技术(北京)有限公司 Abnormity monitoring method and device for user registration
CN105406976A (en) * 2014-08-29 2016-03-16 中国电信股份有限公司 Weak password checking method and system
CN105376210A (en) * 2014-12-08 2016-03-02 哈尔滨安天科技股份有限公司 Account threat identification and defense method and system
CN104811447A (en) * 2015-04-21 2015-07-29 深信服网络科技(深圳)有限公司 Security detection method and system based on attack association
CN104811449A (en) * 2015-04-21 2015-07-29 深信服网络科技(深圳)有限公司 Base collision attack detecting method and system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107332703A (en) * 2017-06-28 2017-11-07 武汉斗鱼网络科技有限公司 A kind of inspection method and device of many application daily records
CN107332703B (en) * 2017-06-28 2020-08-04 武汉斗鱼网络科技有限公司 Method and device for checking multi-application logs
CN109815689A (en) * 2018-12-28 2019-05-28 北京奇安信科技有限公司 A kind of website cipher safety guard method and device

Similar Documents

Publication Publication Date Title
USRE49089E1 (en) Security for WAP servers
CN110881044B (en) Computer firewall dynamic defense security platform
AU2007273085B2 (en) System and method of analyzing web content
EP2191610B1 (en) Software based multi-channel polymorphic data obfuscation
US20080168546A1 (en) Randomized images collection method enabling a user means for entering data from an insecure client-computing device to a server-computing device
CN108809895B (en) Method and device for detecting weak password
CN107770171A (en) The verification method and system of the anti-reptile of server
CN106878265A (en) A kind of data processing method and device
CN105939326A (en) Message processing method and device
CN105516133A (en) User identity verification method, server and client
CN109861968A (en) Resource access control method, device, computer equipment and storage medium
CN101473314B (en) Entering confidential information on an untrusted machine
CN105939327A (en) Auditing log generation method and device
CN113098835A (en) Honeypot implementation method based on block chain, honeypot client and honeypot system
CN106921671A (en) The detection method and device of a kind of network attack
McCalley et al. Analysis of back-doored phishing kits
Yuan et al. Developing Abuse Cases Based on Threat Modeling and Attack Patterns.
Djap et al. Xb-pot: Revealing honeypot-based attacker’s behaviors
CN106657139A (en) Login password processing method, apparatus and system
CN105141624B (en) Login method, account management server and FTP client FTP
CN103188208B (en) Authority control method, system and the call center of web page access
RU103643U1 (en) ANTI-PHISH ATTACK SYSTEM
CN106295366B (en) Sensitive data identification method and device
US20090150448A1 (en) Method for identifying at least two similar webpages
Ham et al. Big Data Preprocessing Mechanism for Analytics of Mobile Web Log.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170510