CN106778281A - A kind of method for repairing security breaches, device and electronic equipment - Google Patents
A kind of method for repairing security breaches, device and electronic equipment Download PDFInfo
- Publication number
- CN106778281A CN106778281A CN201610997267.1A CN201610997267A CN106778281A CN 106778281 A CN106778281 A CN 106778281A CN 201610997267 A CN201610997267 A CN 201610997267A CN 106778281 A CN106778281 A CN 106778281A
- Authority
- CN
- China
- Prior art keywords
- server
- configuration file
- address
- configuration
- port numbers
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of method for repairing security breaches, device and electronic equipment, wherein, the method includes:The configuration file for configuration server parameter is obtained, configuration file includes the port numbers and mailing address of server;Port numbers in configuration file are revised as default destination port number;The local communication address of server is obtained, and the mailing address in configuration file is bound the local communication address of server;For configuration file specifies destination path, load path when destination path is startup of server configuration file.The method is by setting the configuration file comprising port numbers and address, the setting of home server can be changed after server runs the configuration file, so that be locally configured more conforming to security strategy, such that it is able to repair the security breaches of security configuration problem, the safety upgrade of server can be rapidly completed, it is ensured that the stability of online service.
Description
Technical field
The present invention relates to leak recovery technique field, more particularly to a kind of method for repairing security breaches, device and electronics
Equipment.
Background technology
Redis is a high performance key-value storage system.Redis is similar with Memcached, but redis is supported
The value types of storage are relatively more, including string (character string), list (chained list), set (set), zset (sorted
Set-- ordered sets) and hash (Hash type).The appearance of Redis, largely compensate for this kind of key/ of memcached
The deficiency of value storages, in part, occasion can play good supplementary function to relational database.
With the continuous improvement of hacker's technology, and redis caching technologys are commonly used, and hacker has been able to pass through
The security breaches of redis attack redis servers, therefore are badly in need of the quick security breaches made up for redis.
In process of the present invention is realized, inventor has found that at least there are the following problems in correlation technique:
Redis security breaches are all repaired by hand by attendant, because number of servers is more, cause to safeguard work
Work amount is big, time-consuming, it is impossible to rapidly and efficiently solve the problems, such as redis Server Securities.
The information for being disclosed in the background section is merely intended to increase the understanding to general background of the invention, without answering
In being considered as recognizing or imply in any form that the information structure has been the prior art well known to persons skilled in the art.
The content of the invention
It is existing so as to overcome it is an object of the invention to provide a kind of method for repairing security breaches, device and electronic equipment
There is the reparation security breaches defect that time-consuming, efficiency is low.
A kind of method for repairing security breaches provided in an embodiment of the present invention, including:Obtain for configuration server parameter
Configuration file, the port numbers and mailing address of the configuration file including server;By the port numbers in the configuration file
It is revised as default destination port number;Obtain the local communication address of the server, and by the communication in the configuration file
Address binding is the local communication address;For the configuration file specifies destination path, the destination path is the service
Device starts the load path during configuration file.
In a kind of possible implementation, after the configuration file obtained for configuration server parameter, should
Method also includes:Whether the active user for judging to start server is root user;If active user is root user, creates and use
In the targeted customer for starting server, the authority of the authority less than the root user of the targeted customer.
In a kind of possible implementation, after the configuration file obtained for configuration server parameter, should
Method also includes:Obtain the server password of user input;It is close in the server password renewal configuration file
Code.
In a kind of possible implementation, the port numbers by the configuration file are revised as default destination end
Slogan, including:Server group where determining server;Using the port numbers of the server group as destination port number.
In a kind of possible implementation, the local communication address of the server includes the local echoing ground of server
Location and/or local internal address.
Based on same inventive concept, the embodiment of the present invention also provides a kind of device for repairing security breaches, including:Obtain
Module, for obtaining the configuration file for configuration server parameter, the configuration file includes the port numbers of server and leads to
Letter address;Modified module, for the port numbers in the configuration file to be revised as into default destination port number;Binding module,
For obtaining the local communication address of the server, and the mailing address in the configuration file is bound into the server
Local communication address;Path configuration module, for specifying destination path for the configuration file, the destination path is described
Load path described in startup of server during configuration file.
In a kind of possible implementation, the device also includes:Judge module;Configuration text is obtained in the acquisition module
After part, whether the active user that the judge module is used to judge to start server is root user;If active user is
Root user, creates the targeted customer for starting the server, and the authority of the targeted customer is less than the root user
Authority.
In a kind of possible implementation, the device also includes:Update module;The acquisition module is obtaining configuration text
After part, the acquisition module is additionally operable to obtain the server password of user input;The update module is used for according to the clothes
Password in configuration file described in business device password update.
In a kind of possible implementation, the modified module includes:Determining unit, where for determining server
Server group;Modification unit, for using the port numbers of the server group as destination port number.
In a kind of possible implementation, the local communication address of the server includes the local echoing ground of server
Location and/or local internal address.
For achieving the above object, another further aspect, the embodiment of the invention provides a kind of electronic equipment, including:At least
One processor;And the memory being connected with least one processor communication;Wherein, have can quilt for the memory storage
The instruction of at least one computing device, the instruction by least one computing device so that described at least one
Method described in individual computing device above various aspects.
For achieving the above object, another further aspect, it is readable that the embodiment of the present application additionally provides a kind of non-transient computer
Storage medium, be stored with computer executable instructions, and the computer executable instructions are used to perform described in above various aspects
Method.
For achieving the above object, another further aspect, the embodiment of the invention provides a kind of computer program product, described
Computer program product includes computer program of the storage on non-transient computer readable storage medium storing program for executing, the computer program
Including programmed instruction, when described program instruction is computer-executed, the computer is set to perform described in above various aspects
Method.
A kind of method for repairing security breaches provided in an embodiment of the present invention, device and electronic equipment, are included by setting
The port numbers of server and the configuration file of mailing address, and port numbers in parameter editor's configuration file of server and
Mailing address, can change the setting of home server so that be locally configured more after server runs the configuration file
Meet security strategy, such that it is able to repair the security breaches of security configuration problem.The configuration file goes for different clothes
Business and can be replicated or recycle device, so as to realize that the quick change server of batch is set according to the method, can
It is rapidly completed the safety upgrade of server, it is ensured that the stability of online service.
Other features and advantages of the present invention will be illustrated in the following description, also, the partly change from specification
Obtain it is clear that or being understood by implementing the present invention.The purpose of the present invention and other advantages can be by the explanations write
Specifically noted structure is realized and obtained in book, claims and accompanying drawing.
Brief description of the drawings
One or more embodiments are illustrative by the picture in corresponding accompanying drawing, these exemplary theorys
The bright restriction not constituted to embodiment, the element with same reference numbers label is expressed as similar element in accompanying drawing, removes
It is non-to have especially statement, the figure not composition limitation in accompanying drawing.
Fig. 1 is the method flow diagram of reparation security breaches in the embodiment of the present invention;
Fig. 2 is the method flow diagram of authority judgement in the embodiment of the present invention;
Fig. 3 is the method flow diagram of Modify password in the embodiment of the present invention;
Fig. 4 is that the port numbers in configuration file are revised as the method stream of default destination port number in the embodiment of the present invention
Cheng Tu;
Fig. 5 is the method flow diagram of reparation security breaches in the embodiment of the present invention 1;
Fig. 6 is the first structure figure of the device of reparation security breaches in the embodiment of the present invention;
Fig. 7 is the second structure chart of the device of reparation security breaches in the embodiment of the present invention;
Fig. 8 is the 3rd structure chart of the device of reparation security breaches in the embodiment of the present invention;
Fig. 9 is the structure chart of modified module in the embodiment of the present invention;
Figure 10 is the structure chart of the electronic equipment of reparation security breaches in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawings, specific embodiment of the invention is described in detail, it is to be understood that guarantor of the invention
Shield scope is not limited by specific embodiment.
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention
In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
A part of embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art
The every other embodiment obtained under the premise of creative work is not made, belongs to the scope of protection of the invention.Unless
Separately there are other to explicitly indicate that, otherwise in entire disclosure and claims, term " including " or its conversion such as "comprising" or
" including " etc. will be understood to comprise stated element or part, and not exclude other elements or other compositions
Part.
Special word " exemplary " means " being used as example, embodiment or illustrative " herein.Here as " exemplary "
Illustrated any embodiment should not necessarily be construed as preferred or advantageous over other embodiments.
In addition, in order to better illustrate the present invention, numerous details are given in specific embodiment below.
It will be appreciated by those skilled in the art that without some details, the present invention can equally be implemented.In some instances, for
Method well known to those skilled in the art, means, element are not described in detail, in order to highlight purport of the invention.
Explicitly indicated that unless otherwise other, otherwise in entire disclosure and claims, term " including " or its change
Change such as "comprising" or " including " etc. and will be understood to comprise stated element or part, and do not exclude other units
Part or other parts.
A kind of method for repairing security breaches is the embodiment of the invention provides, Fig. 1 is the flow chart of the method, is specifically included
Step 101-104:
Step 101:The configuration file for configuration server parameter is obtained, the configuration file includes the port numbers of server
And mailing address.
In the embodiment of the present invention, the configuration file is the file for configuration server parameter in server, specifically can be with
It is the configuration file of redis servers.The configuration file is the file for needing startup of server, can be used in the embodiment of the present invention
In reparation security breaches.Be present the security breaches of security configuration in existing redis servers, in the embodiment of the present invention, needing
When wanting the security breaches of remediation server, obtain the configuration file and it is modified, redis servers are by starting afterwards
Amended configuration file is locally configured to change so that being locally configured for server more conforms to security strategy, such that it is able to
Repair the security breaches of security configuration problem.
Wherein, configuration file includes the port numbers and mailing address of server, and port numbers are used for the port of configuration server
Number, mailing address is used for the mailing address of configuration server.The configuration file can also be configured including password, user right etc..
Step 102:Port numbers in configuration file are revised as default destination port number.
In the embodiment of the present invention, " configuration file include port numbers " is meant in configuration file comprising can set port
Number field, i.e., an initial port numbers can be set in original configuration file, in a step 102 by the initial port
Number destination port number is revised as, the destination port number is according to the predetermined port numbers of security strategy;Or, due to there is people
To change the situation of configuration file middle-end slogan, now in original configuration file, the field for setting port numbers may
It is empty (i.e. not comprising an original port numbers), destination port number is directly now assigned to corresponding word in a step 102
Section.Specifically the port numbers in configuration file can be changed by the executable file (such as script) of certain format.By that will match somebody with somebody
The port numbers put in file are revised as destination port number, after the startup of server configuration file, can be by the end of server
Slogan is revised as the destination port number so that the port numbers configuration of server more conforms to security strategy;Meanwhile, change port numbers
Process can be performed by executable file, it is not necessary to it is artificial to participate in, can also improve speed while manual resource is saved
And efficiency.
Step 103:The local communication address of server is obtained, and the mailing address in configuration file is bound into server
Local communication address.
Mean in configuration file comprising can be with " configuration file includes mailing address " likewise, in the embodiment of the present invention
The field of mailing address is set, i.e., initial mailing address can be set in original configuration file, it is in step 103 that this is first
The mailing address of beginning is revised as local communication address;Or, due to the situation that there is mailing address in artificial modification configuration file,
Now in original configuration file, for set mailing address field may for it is empty (i.e. not comprising it is initial communicatedly
Location), directly give corresponding field by the local communication address assignment of server in step 103.
Wherein, the local communication address difference of server and the local of the outbound communication address of server, i.e. server are led to
Letter address only uses in limited scope.By the local communication ground that the mailing address in configuration file is bound server
Location, so as to limit other-end by outbound communication address access server, and then improves the security of server.
Specifically, in the embodiment of the present invention, the local communication address of server include the local echoing address of server and/
Or local internal address.Wherein, the machine loopback address (Loopback Address) is the IP address inside host ip storehouse, main
It is used for network software test and local interprocess communication, can be typically set to 127.0.0.1.Local internal address is this
Address in LAN residing for ground server, can typically be set to 192.168.1.x, wherein, x is a numerical value in 0-255.
Step 104:For configuration file specifies destination path, loading road when destination path is startup of server configuration file
Footpath.
In the embodiment of the present invention, specified configuration file destination path (for example:/ etc/redis.conf) after, redis
Server can start the configuration file, and then cause that redis servers change the setting of home server so that locally match somebody with somebody
Put and more conform to security strategy, such that it is able to repair the security breaches of security configuration problem.
It is provided in an embodiment of the present invention it is a kind of repair security breaches method, by set comprising server port numbers and
The configuration file of mailing address, and port numbers and mailing address in parameter editor's configuration file of server, in service
Device runs the setting that home server can be changed after the configuration file so that is locally configured and more conforms to security strategy, from
And the security breaches of security configuration problem can be repaired.The configuration file goes for different servers and can be replicated
Or recycle, so as to realize that the quick change server of batch is set according to the method, server can be rapidly completed
Safety upgrade, it is ensured that the stability of online service.
Another embodiment of the present invention provides a kind of method for repairing security breaches, including the step 101- shown in Fig. 1
104, the embodiment of its realization principle and beneficial effect with reference to shown in Fig. 1.Additionally, the present embodiment obtains configuration text in step 101
Shown in Figure 2 also including authority deterministic process after part, the authority deterministic process is specifically included:Step 110-111.
Step 110:Whether the active user for judging to start server is root user.
Step 111:If active user is root user, the targeted customer for starting server is created, the targeted customer
Authority less than root user authority.
Root is present in linux system, unix system and class unix system, is unique power user, phase in system
As the SYSTEM user in Windows systems.Root user has all of authority in system, such as starts or stops one and enters
Journey, deletion increase user, increase or disable hardware etc..Because root user has all of authority, if so with
Root user starts redis servers, is easily caused server and is completely controlled, and security is relatively low.Therefore in the embodiment of the present invention
In, when active user is root user, create the targeted customer for starting server.Wherein, can be set in configuration file
Have the field of addition user, will targeted customer added in configuration file.When server is started with targeted customer, due to mesh
The authority for marking user is not high, can to a certain extent improve the security of server.
Shown in Figure 3 in a kind of possible implementation, after step 101 obtains configuration file, the method is also
Process including Modify password, specifically includes step 201-202:
Step 201:Obtain the server password of user input.
Step 202:According to the password in server password more new configuration file.
In the embodiment of the present invention, configured by the password to server, the security of server can be improved.Specifically
, the server password can be server principal and subordinate's read-write password, according to the service after server principal and subordinate's read-write password is obtained
Principal and subordinate's read-write password in device principal and subordinate read-write password more new configuration file.
Wherein, server principal and subordinate read-write password is user's sets itself, and each server has independent password,
One group of server can be set to same password, the convenient format management server to organize.Because the speed of redis is suitable
It is fast, per second to carry out 150K password attempt under a relatively good server, setting a password for complexity can carry
High security;Meanwhile, it is that principal and subordinate's server is respectively provided with principal and subordinate's read-write password, further improve the security of server.
It is shown in Figure 4 in a kind of possible implementation, the port numbers in configuration file are changed in step 102
For default destination port number specifically includes step 301-302:
Step 301:Server group where determining server.
Step 302:The port numbers of server group as destination port number will be distributed to.
In the embodiment of the present invention, server group specifically can be distributed artificially, it is also possible to which function according to server etc. is carried out
Automatic distribution.The port numbers of server group determine the port numbers in configuration file according to where server, and the startup of server is matched somebody with somebody
Port numbers can be updated after putting file.Multiple servers can be set to by same port numbers by the above method, it is convenient
Management server.
The flow of the method is discussed in detail below by one embodiment.
In the present embodiment, configuration file includes user, the port numbers of server, mailing address and principal and subordinate's password, specifically
, shown in Figure 5, the method flow for repairing security breaches includes step 401-408:
Step 401:Obtain configuration file.
Wherein, the configuration file includes user, the port numbers of server, mailing address and principal and subordinate's password.
Step 402:Judge whether active user is root user, when active user is root user, continue step
403, otherwise continue step 404.
Wherein, when active user is not root user, it is not necessary to active user is modified, you can be not provided with matching somebody with somebody
Put the user in file.
Step 403:The targeted customer for starting server is created, and the user in configuration file is updated to the target
User.
Step 404:Port numbers in configuration file are revised as default destination port number.
Step 405:The local communication address of server is obtained, and the mailing address in configuration file is bound into server
Local communication address.
Wherein, the local communication address of server includes the local echoing address of server and local internal address, locally
Loopback address can be set to 127.0.0.1, and local internal address can be set to 192.168.1.x.
Step 406:For configuration file specifies destination path.
The load path when destination path is startup of server configuration file.
Step 407:The startup of server configuration file.
Step 408:Restart server.
Because some configurations of server need just be come into force after performing reboot operation, therefore changed according to configuration file
Need to restart server with postponing.
It is provided in an embodiment of the present invention it is a kind of repair security breaches method, by set comprising server port numbers and
The configuration file of head portrait address, and port numbers and mailing address in parameter editor's configuration file of server, in service
Device runs the setting that home server can be changed after the configuration file so that is locally configured and more conforms to security strategy, from
And the security breaches of security configuration problem can be repaired.The configuration file goes for different servers and can be replicated
Or recycle, so as to realize that the quick change server of batch is set according to the method, server can be rapidly completed
Safety upgrade, it is ensured that the stability of online service.
A kind of method flow for repairing security breaches is described in detail above, and the method can also be by corresponding device reality
It is existing, the 26S Proteasome Structure and Function of the device is described in detail below.
A kind of device for repairing security breaches provided in an embodiment of the present invention, it is shown in Figure 6, including:Acquisition module 51,
Modified module 52, binding module 53 and path configuration module 54.
Acquisition module 51 is used to obtain the configuration file for configuration server parameter, and configuration file includes the end of server
Slogan and mailing address.
Modified module 52 is used to for the port numbers in configuration file to be revised as default destination port number.
Binding module 53 is used to obtain the local communication address of server, and the mailing address in configuration file is bound
The local communication address of server.
Path configuration module 54 is used to specify destination path for configuration file, and destination path is startup of server configuration file
When load path.
Another embodiment of the present invention provides a kind of device for repairing security breaches, including acquisition module 51 shown in Fig. 6,
The implementation of modified module 52, binding module 53 and path configuration module 54, its realization principle and beneficial effect with reference to shown in Fig. 6
Example.Additionally, shown in Figure 7, the device of the reparation security breaches that the present embodiment is provided also includes:Judge module 55.Obtaining
Module 51 is obtained after configuration file, and whether the active user that judge module 55 is used to judge to start server is root user,
When active user is root user, the targeted customer for starting server is created, the authority of targeted customer is used less than root
The authority at family.
Another embodiment of the present invention provides a kind of device for repairing security breaches, including acquisition module 51 shown in Fig. 6,
The implementation of modified module 52, binding module 53 and path configuration module 54, its realization principle and beneficial effect with reference to shown in Fig. 6
Example.Additionally, shown in Figure 8, the device of the reparation security breaches that the present embodiment is provided also includes:Update module 56.Obtain mould
After configuration file is obtained, acquisition module 51 is additionally operable to obtain server principal and subordinate's read-write password of user input to block 51.Update
Module 56 is used for the principal and subordinate's read-write password in server principal and subordinate read-write password more new configuration file.
Another embodiment of the present invention provides a kind of device for repairing security breaches, including acquisition module 51 shown in Fig. 6,
The implementation of modified module 52, binding module 53 and path configuration module 54, its realization principle and beneficial effect with reference to shown in Fig. 6
Example.Additionally, shown in Figure 9, modified module 52 includes:Determining unit 521 and modification unit 522.
The server group that determining unit 521 is used for where determining server.
Modification unit 522 is used to that the port numbers of server group as destination port number will to be distributed to.
In a kind of possible implementation, the local address of server include the local echoing address of server and/or
Local internal address.
A kind of method and device for repairing security breaches provided in an embodiment of the present invention, by setting the end comprising server
The configuration file of slogan and mailing address, and port numbers and mailing address in parameter editor's configuration file of server,
The setting of home server can be changed after server runs the configuration file so that be locally configured and more conform to safe plan
Slightly, such that it is able to repair the security breaches of security configuration problem.The configuration file goes for different servers and can be with
It is replicated or recycles, so as to realize that the quick change server of batch is set according to the method, clothes can be rapidly completed
The safety upgrade of business device, it is ensured that the stability of online service.
The embodiment of the present application provides a kind of nonvolatile computer storage media, and the computer-readable storage medium is stored with
Computer executable instructions, the computer executable instructions can perform the processing method in above-mentioned any means embodiment.
Figure 10 is the hardware architecture diagram of the electronic equipment of the method for the reparation security breaches that the embodiment of the present application is provided,
As shown in Figure 10, the equipment includes one or more processors 610 and memory 620.It is with a processor 610 in Figure 10
Example.The equipment can also include:Input unit 630 and output device 640.
Processor 610, memory 620, input unit 630 and output device 640 can be by bus or other modes
Connection, in Figure 10 as a example by being connected by bus.
Memory 620 can be used to store non-volatile software journey as a kind of non-volatile computer readable storage medium storing program for executing
Sequence, non-volatile computer executable program and module.Processor 610 is non-easy in memory 620 by running storage
The property lost software program, instruction and module, so as to perform various function application and the data processing of electronic equipment, that is, realize
State the processing method of embodiment of the method.
Memory 620 can include storing program area and storage data field, wherein, storing program area can store operation system
Application program required for system, at least one function;Storage data field can data storage etc..Additionally, memory 620 can include
High-speed random access memory, can also include nonvolatile memory, for example, at least one disk memory, flash memories
Part or other non-volatile solid state memory parts.In certain embodiments, memory 620 is optional including relative to processor 610
Remotely located memory, these remote memories can be by network connection to processing unit.The example of above-mentioned network includes
But it is not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.
Input unit 630 can receive the numeral or character information of input, and produce signal input.Output device 640 can
The display device such as including display screen.
One or more of modules are stored in the memory 620, when by one or more of processors
During 610 execution, perform:Configuration file is obtained, the configuration file includes port numbers and address;By the end in the configuration file
Slogan is revised as default destination port number;The local address of server is obtained, and by the address binding in the configuration file
It is the local address of the server;For the configuration file specifies destination path, the destination path is startup of server institute
State load path during configuration file.
In a kind of possible implementation, after the acquisition configuration file, the method also includes:Judge to start clothes
Whether the active user of business device is root user, when active user is root user, creates the target for starting server
User, the authority of the authority less than the root user of the targeted customer.
In a kind of possible implementation, after the acquisition configuration file, the method also includes:Obtain user defeated
The server principal and subordinate's read-write password for entering;The principal and subordinate's read-write in the configuration file is updated according to the server principal and subordinate read-write password
Password.
In a kind of possible implementation, the port numbers by the configuration file are revised as default destination end
Slogan, including:Server group where determining server;The port numbers of the server group as target port will be distributed to
Number.
In a kind of possible implementation, the local address of the server includes the local echoing address of server
And/or local internal address.
The method that the executable the embodiment of the present application of the said goods is provided, possesses the corresponding functional module of execution method and has
Beneficial effect.Not ins and outs of detailed description in the present embodiment, reference can be made to the method that the embodiment of the present application is provided.
The electronic equipment of the embodiment of the present application exists in a variety of forms, including but not limited to:
(1) mobile communication equipment:The characteristics of this kind equipment is that possess mobile communication function, and to provide speech, data
It is main target to communicate.This Terminal Type includes:Smart mobile phone (such as iPhone), multimedia handset, feature mobile phone, and it is low
End mobile phone etc..
(2) super mobile personal computer equipment:This kind equipment belongs to the category of personal computer, there is calculating and treatment work(
Can, typically also possess mobile Internet access characteristic.This Terminal Type includes:PDA, MID and UMPC equipment etc., such as iPad.
(3) portable entertainment device:This kind equipment can show and play content of multimedia.The kind equipment includes:Audio,
Video player (such as iPod), handheld device, e-book, and intelligent toy and portable car-mounted navigation equipment.
(4) server:The equipment for providing the service of calculating, the composition of server includes that processor, hard disk, internal memory, system are total
Line etc., server is similar with general computer architecture, but due to needing to provide highly reliable service, therefore in treatment energy
The requirement of the aspects such as power, stability, reliability, security, scalability, manageability is higher.
(5) other have the electronic installation of data interaction function.
Device embodiment described above is only schematical, wherein the unit illustrated as separating component can
To be or may not be physically separate, the part shown as unit can be or may not be physics list
Unit, you can with positioned at a place, or can also be distributed on multiple NEs.It can according to the actual needs be selected
In some or all of module realize the purpose of this embodiment scheme.
Through the above description of the embodiments, those skilled in the art can be understood that each implementation method can
Realized by the mode of software plus general hardware platform, naturally it is also possible to by hardware.Based on such understanding, above-mentioned technology
The part that scheme substantially contributes to correlation technique in other words can be embodied in the form of software product, the computer
Software product can be stored in a computer-readable storage medium, and such as ROM/RAM, magnetic disc, CD, including some instructions are used to
So that computer equipment (can be personal computer, server, or network equipment etc.) perform each embodiment or
Method described in some parts of embodiment.
Finally it should be noted that:Above example is only used to illustrate the technical scheme of the application, rather than its limitations;Although
The application has been described in detail with reference to the foregoing embodiments, it will be understood by those within the art that:It still may be used
Modified with to the technical scheme described in foregoing embodiments, or equivalent is carried out to which part technical characteristic;
And these modification or replace, do not make appropriate technical solution essence depart from each embodiment technical scheme of the application spirit and
Scope.
Industrial applicibility
The method of a kind of reparation security breaches that the embodiment of the present application is provided, by obtaining for configuration server parameter
Configuration file, the configuration file includes port numbers and the head portrait address of server;Port numbers in the configuration file are repaiied
It is changed to default destination port number;The local communication address of server is obtained, and the mailing address in the configuration file is tied up
It is set to the local communication address of the server;For the configuration file specifies destination path, the destination path is server
Start the load path during configuration file, realize beneficial effect.
Claims (11)
1. it is a kind of repair security breaches method, it is characterised in that including:
Obtain the configuration file for configuration server parameter, the configuration file includes port numbers of server and communicatedly
Location;
Port numbers in the configuration file are revised as default destination port number;
The local communication address of the server is obtained, and the mailing address in the configuration file is bound described local logical
Letter address;
For the configuration file specifies destination path, the adding when destination path is configuration file described in the startup of server
Carry path.
2. method according to claim 1, it is characterised in that in the configuration text obtained for configuration server parameter
After part, also include:
Whether the active user for judging to start the server is root user;
If active user is root user, the targeted customer for starting the server, the authority of the targeted customer are created
Less than the authority of the root user.
3. method according to claim 1, it is characterised in that in the configuration text obtained for configuration server parameter
After part, also include:
Obtain the server password of user input;
Password in the configuration file is updated according to the server password.
4. method according to claim 1, it is characterised in that the port numbers by the configuration file are revised as pre-
If destination port number, including:
Server group where determining server;
Using the port numbers of the server group as destination port number.
5. according to any described methods of claim 1-4, it is characterised in that the local communication address of the server includes clothes
The local echoing address of business device and/or local internal address.
6. it is a kind of repair security breaches device, it is characterised in that including:
Acquisition module, for obtaining the configuration file for configuration server parameter, the configuration file includes the end of server
Slogan and mailing address;
Modified module, for the port numbers in the configuration file to be revised as into default destination port number;
Binding module, for obtaining the local communication address of the server, and the mailing address in the configuration file is tied up
It is set to the local communication address of the server;
Path configuration module, for specifying destination path for the configuration file, the destination path is the startup of server
The load path during configuration file.
7. device according to claim 6, it is characterised in that also include:Judge module;
After the acquisition module obtains configuration file, the judge module is used for the current use for judging to start the server
Whether family is root user;If active user is root user, the targeted customer for starting the server, the mesh are created
Mark the authority of the authority less than the root user of user.
8. device according to claim 6, it is characterised in that also include:Update module;
The acquisition module is after configuration file is obtained, and the server that the acquisition module is additionally operable to obtain user input is close
Code;
The update module is used to update the password in the configuration file according to the server password.
9. device according to claim 6, it is characterised in that the modified module includes:
Determining unit, the server group where for determining server;
Modification unit, for using the port numbers of the server group as destination port number.
10. according to any described devices of claim 6-9, it is characterised in that the local communication address of the server includes
The local echoing address of server and/or local internal address.
11. a kind of electronic equipment, including:
At least one processor;And,
The memory being connected with least one processor communication;Wherein,
The memory storage has can be by the instruction of at least one computing device, and the instruction is by described at least one
Reason device is performed, so that at least one processor is able to carry out the method any one of claim 1-5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610997267.1A CN106778281A (en) | 2016-11-10 | 2016-11-10 | A kind of method for repairing security breaches, device and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610997267.1A CN106778281A (en) | 2016-11-10 | 2016-11-10 | A kind of method for repairing security breaches, device and electronic equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106778281A true CN106778281A (en) | 2017-05-31 |
Family
ID=58973335
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610997267.1A Pending CN106778281A (en) | 2016-11-10 | 2016-11-10 | A kind of method for repairing security breaches, device and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106778281A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113179183A (en) * | 2021-04-29 | 2021-07-27 | 杭州迪普科技股份有限公司 | Service switch state control device and method |
CN113238810A (en) * | 2021-02-24 | 2021-08-10 | 紫光云技术有限公司 | Linux-based service redis configuration method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1452363A (en) * | 2002-04-16 | 2003-10-29 | 富士通株式会社 | Service controlling network and controlling method thereof |
US20110164506A1 (en) * | 2009-12-22 | 2011-07-07 | Angelos Stavrou | Inferring Packet Management Rules |
CN104639536A (en) * | 2015-01-05 | 2015-05-20 | 浪潮(北京)电子信息产业有限公司 | Method and system for preventing network attack |
CN105703925A (en) * | 2014-11-25 | 2016-06-22 | 上海天脉聚源文化传媒有限公司 | Security reinforcement method and system for Linux system |
-
2016
- 2016-11-10 CN CN201610997267.1A patent/CN106778281A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1452363A (en) * | 2002-04-16 | 2003-10-29 | 富士通株式会社 | Service controlling network and controlling method thereof |
US20110164506A1 (en) * | 2009-12-22 | 2011-07-07 | Angelos Stavrou | Inferring Packet Management Rules |
CN105703925A (en) * | 2014-11-25 | 2016-06-22 | 上海天脉聚源文化传媒有限公司 | Security reinforcement method and system for Linux system |
CN104639536A (en) * | 2015-01-05 | 2015-05-20 | 浪潮(北京)电子信息产业有限公司 | Method and system for preventing network attack |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113238810A (en) * | 2021-02-24 | 2021-08-10 | 紫光云技术有限公司 | Linux-based service redis configuration method |
CN113179183A (en) * | 2021-04-29 | 2021-07-27 | 杭州迪普科技股份有限公司 | Service switch state control device and method |
CN113179183B (en) * | 2021-04-29 | 2023-02-07 | 杭州迪普科技股份有限公司 | Service switch state control device and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108845950A (en) | Test device, the method for test and storage medium | |
CN105337928A (en) | User identity identification method and apparatus, and safety protection problem generation method and apparatus | |
CN107426041B (en) | Method and device for analyzing command | |
CN103390003A (en) | Method and device for combining user data information among servers | |
CN109194689B (en) | Abnormal behavior recognition method, device, server and storage medium | |
CN106648612A (en) | Popup window configuration method and device | |
CN109298877A (en) | Game renewal method and system, terminal and computer readable storage medium | |
CN109005198A (en) | A kind of controller attack protection security strategy generation method and system | |
CN108549555A (en) | Processing method, embedded system device and the storage medium of customized software | |
CN105589699A (en) | Serial number information update method, device and terminal | |
CN109447384A (en) | Verification method, device, equipment and the storage medium of air control system | |
CN106778281A (en) | A kind of method for repairing security breaches, device and electronic equipment | |
CN103049374B (en) | Automatic testing method and device | |
CN105224541B (en) | Uniqueness control method, information storage means and the device of data | |
CN106203092A (en) | Method and device for intercepting shutdown of malicious program and electronic equipment | |
CN110135163B (en) | Security detection method, device and system based on target application | |
CN103873439B (en) | The method and electronic equipment of a kind of networking | |
CN110175437A (en) | It is a kind of for access terminal authorization control method, apparatus and host terminal | |
CN103685259B (en) | The method and its device of Account Logon | |
CN104703173B (en) | The configuration of terminal applies account and detection method, apparatus and system | |
CN109165712A (en) | Distributed generation method, device and computer storage medium by stages number | |
CN108009411A (en) | Method, apparatus and computing device based on recognition of face control automobile | |
CN105590052A (en) | Method for controlling installation of browser plug-in | |
CN106406674A (en) | Mobile terminal application starting method and device | |
CN105867922A (en) | Differential upgrade method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170531 |