CN108494749B - Method, device and equipment for disabling IP address and computer readable storage medium - Google Patents
Method, device and equipment for disabling IP address and computer readable storage medium Download PDFInfo
- Publication number
- CN108494749B CN108494749B CN201810192262.0A CN201810192262A CN108494749B CN 108494749 B CN108494749 B CN 108494749B CN 201810192262 A CN201810192262 A CN 201810192262A CN 108494749 B CN108494749 B CN 108494749B
- Authority
- CN
- China
- Prior art keywords
- address
- white list
- login
- disabling
- preset value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for disabling an IP address, which comprises the following steps: recording the times of inputting wrong passwords for each IP address during login; judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the authority of continuing login of the IP address is granted, otherwise, the IP address is forbidden. The invention also discloses a device and equipment for disabling the IP address and a computer readable storage medium. The invention can intelligently identify, investigate and judge the IP address, effectively defend malicious login behaviors and simultaneously avoid the behavior of forbidding the IP address by mistake.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for disabling an IP address.
Background
At present, along with the continuous development of computer technology, the information security problem has attracted more and more extensive attention. Once the malicious login succeeds, a hacker or a virus installs a malicious program on a system, steals confidential data or sends a junk mail by using a controlled computer, so that the user is irretrievably lost.
Therefore, the existing method for preventing malicious login generally disables an IP address triggering password input error when malicious login is detected, for example, when a password input error is detected, so as to prevent malicious login, but disables the IP address triggering password input error when a password input error is detected, so that the possibility of false disabling may occur, and the disabling management of the IP address is not intelligent enough, for example, when a plurality of users log in through a public network, when a plurality of users forget the password, the same IP address may have a situation of inputting the password for many times, but at this time, the password input error caused by malicious login is not generated, but the IP address is still disabled at this time, so as to cause false disabling.
Disclosure of Invention
The invention mainly aims to provide a method, a device, equipment and a computer readable storage medium for disabling an IP address, and aims to solve the technical problems that the existing method for preventing malicious login has the possibility of mistaken disabling and the IP address is not intelligent enough in disabling management.
In order to achieve the above object, the present invention provides a method for disabling an IP address, the method comprising:
recording the times of inputting wrong passwords for each IP address during login;
judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not;
if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list;
if the IP address is the data recorded in the white list, the authority of continuing login of the IP address is granted, otherwise, the IP address is forbidden.
Optionally, after the step of disabling the IP address, the method further includes:
acquiring received authority information, and judging whether the received authority information meets preset conditions or not, wherein the preset conditions comprise IP addresses of employees in the system and verified IP addresses;
and if the received authority information meets the preset condition, decapsulating the forbidden IP address corresponding to the received authority information.
Optionally, the step of acquiring the received permission information and determining whether the received permission information meets a preset condition includes:
acquiring a login name of the last login of the IP address, extracting an employee job number corresponding to the login name through the login name, and sending the employee job number to a database for storing employee information for verification;
after the verification is passed, extracting the login authority corresponding to the forbidden address through the employee job number;
and judging whether the login authority meets the unsealing standard or not.
Optionally, after the step of decapsulating the forbidden IP address corresponding to the received permission information, the method further includes:
and recording the IP address after the unsealing into an IP address white list, and dynamically updating the IP address white list.
Optionally, after the step of recording the decapsulated IP address into an IP address white list and dynamically updating the IP address white list, the method further includes:
acquiring the number of times of errors of a password input by a login request initiated by each IP address in a white list in a preset period;
judging whether the number of times of errors of the password input by the login request initiated by each IP address is greater than a second preset value or not;
and when the number of times of errors of the password input by the login request initiated by the IP address is greater than a second preset value, removing the corresponding IP address from the white list, or sending the IP address to a monitoring end for confirmation.
Optionally, after the step of disabling the IP address, the method further includes:
extracting a login account corresponding to the wrong input password of the IP address during login;
and sending the information of the monitoring alarm and the forbidden IP address to a reserved account corresponding to the extracted login account.
Optionally, before the step of recording the number of times of inputting the wrong password at login of each IP address, the method further includes:
and establishing an IP address white list according to the received instruction, and recording the IP addresses meeting preset conditions in the IP address white list.
In addition, to achieve the above object, the present invention further provides an IP address disabling apparatus, including:
the recording module is used for recording the times of inputting wrong passwords when each IP address is logged in;
the judging module is used for judging whether the times of inputting the wrong password in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the authority of continuing login of the IP address is granted, otherwise, the IP address is forbidden.
In addition, in order to achieve the above object, the present invention further provides an IP address disabling device, where the IP address disabling device includes an IP address disabling program, and the IP address disabling program implements the steps of the IP address disabling method when executed by the IP address disabling device.
Furthermore, to achieve the above object, the present invention further provides a computer readable storage medium, on which an IP address disabling program is stored, which when executed by a processor implements the steps of the IP address disabling method as described above.
The method, the device, the equipment and the computer readable storage medium for disabling the IP address provided by the invention record the times of inputting wrong passwords when each IP address is logged in; then judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the IP address is granted the authority of continuing login, otherwise, the IP address is forbidden, so that the IP address is intelligently identified, checked and judged, malicious login behaviors are effectively prevented, and the mistaken forbidden behaviors of the IP address are avoided.
Drawings
FIG. 1 is a flowchart illustrating a first embodiment of a method for disabling an IP address according to the present invention;
FIG. 2 is a flowchart illustrating a method for disabling an IP address according to a second embodiment of the present invention;
FIG. 3 is a flowchart illustrating a method for disabling an IP address according to a third embodiment of the present invention;
FIG. 4 is a flowchart illustrating a fourth embodiment of a method for disabling an IP address according to the present invention;
fig. 5 is a schematic device structure diagram of a hardware operating environment according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The main solution of the embodiment of the invention is as follows: the number of times of inputting wrong passwords during login of each IP address is recorded; then judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the IP address is granted the authority of continuing login, otherwise, the IP address is forbidden, so that the IP address is intelligently identified, checked and judged, malicious login behaviors are effectively prevented, and the mistaken forbidden behaviors of the IP address are avoided.
The embodiment of the invention considers that the existing method for preventing malicious login generally disables the IP address triggering the password input error when malicious login is detected, for example, when the password input error is detected, so as to prevent malicious login, but disables the IP address triggering the password input error when the password input error is detected, so that the possibility of error disabling can occur, the disabling management of the IP address is not intelligent enough, for example, when a plurality of users log in through a public network, when the users forget the password, the situation that the password is input for a plurality of times at the same IP address can occur, but the password is not input by the malicious login at the moment, but the IP address is disabled at the moment, so as to cause error disabling.
Therefore, the embodiment of the invention provides a method for disabling an IP address, which comprises the steps of recording the times of inputting an error password when each IP address logs in; then judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the IP address is granted the authority of continuing login, otherwise, the IP address is forbidden, so that the IP address is intelligently identified, checked and judged, malicious login behaviors are effectively prevented, and the mistaken forbidden behaviors of the IP address are avoided.
The invention provides a method for disabling an IP address.
Referring to fig. 1, fig. 1 is a flowchart illustrating a method for disabling an IP address according to a first embodiment of the present invention.
In this embodiment, the method includes:
step S10, recording the times of inputting error password when each IP address is logged in;
in this embodiment, the logging status of each IP address in the system may be recorded by a server or a system background, where the server, also called a server, is a device providing computing services. Since the server needs to respond to and process the service request, the server generally has the capability of assuming and securing the service. The server is constructed to include a processor, a hard disk, a memory, a system bus, etc., similar to a general-purpose computer architecture, but requires high processing power, stability, reliability, security, scalability, manageability, etc., due to the need to provide highly reliable services.
The role of the server may include: 1. the network operating system is operated to control and coordinate the work among the computers in the network, so as to meet the requirements of users to the maximum extent and respond and process. 2. Shared resources in a storage and management network, such as databases, files, applications, disk space, printers, plotters, and the like. 3. For the application service of each workstation, a Client/Server (Client/Server) structure is adopted, so that the network Server not only acts as a network Server, but also acts as an application Server. 4. Monitor and control network activities, actually manage the network, allocate system resources, learn and adjust system operating states, shut down/start up certain resources, and the like. Therefore, the specific situation of logging in the system by each IP address can be supervised and recorded by the server, and the number of times of inputting wrong passwords during logging in each IP address is recorded. The number of times of inputting wrong passwords during login of each IP address can be recorded through the background of the system currently.
Further, before the step of recording the number of times of inputting the wrong password at login of each IP address, the method further includes:
and establishing an IP address white list according to the received instruction, and recording the IP addresses meeting preset conditions in the IP address white list.
Before implementing each embodiment of the present invention, an IP address white list may be established in advance according to a received instruction, and then, an IP address meeting a preset condition is recorded in the IP address white list, such as an IP address of an employee inside a system, a verified IP address, and the like.
Step S20, determining whether the number of times of inputting the wrong password within the preset time is equal to or greater than a first preset value;
after the number of times of inputting the error password at the login of each IP address is recorded, the number of times of inputting the error password recorded within the preset time may be compared with a first preset value, so as to determine whether the number of times of inputting the error password within the preset time is equal to or greater than the first preset value, where the preset time may be five minutes or other time values, which is not limited herein, and the first preset value may be specifically set according to a value of the preset time, for example, when the preset time is five minutes, the first preset value may be 5 or other integer values.
Step S30, if the IP address is equal to or larger than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list;
when the number of times of inputting wrong passwords during login of the IP address is equal to or greater than a first preset value, extracting data recorded in a white list of the IP address, and judging whether the IP address is the data recorded in the white list; specifically, the IP address recorded in the preset time and having the number of times of inputting the wrong password equal to or greater than the first preset value may be matched with the data recorded in the extracted white list, and if the consistent data is matched in the white list, it is determined that the IP address is the data recorded in the white list.
Step S40, if the IP address is the data recorded in the white list, the IP address is granted the authority to continue logging in,
step S50, if the IP address is not the data recorded in the white list, the IP address is disabled.
If the IP address with the number of times of inputting the wrong password during login being equal to or larger than the first preset value is determined to be data recorded in a white list through comparison, the current IP address is an IP address meeting preset conditions, such as the IP address of an employee in the system, the verified IP address and the like, the IP address does not need to be forbidden, and therefore the mistaken forbidden is prevented, and troubles are brought to a user; if the IP address with the number of times of inputting the wrong password during login being equal to or larger than the first preset value is determined not to be data recorded in the white list, the current IP address is forbidden if the current IP address is considered to have the risk of malicious login, and malicious login behaviors are prevented, so that the data information safety of the user is ensured.
In the method for disabling an IP address provided in this embodiment, the number of times of inputting an error password during login of each IP address is recorded; then judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the IP address is granted the authority of continuing login, otherwise, the IP address is forbidden, so that the IP address is intelligently identified, checked and judged, malicious login behaviors are effectively prevented, and the mistaken forbidden behaviors of the IP address are avoided.
Further, referring to fig. 2, a second embodiment of the present invention is proposed based on the first embodiment of the method for IP address disabling of the present invention.
In this embodiment, the steps after step S40 further include:
step S60, acquiring the received authority information, and judging whether the received authority information meets preset conditions, wherein the preset conditions comprise IP addresses of employees in the system and verified IP addresses;
in this embodiment, after the IP address is disabled, the user may unseal by inputting the verification information, specifically, the system or the server first obtains the authority information input by the user, and then determines whether the received authority information meets a preset condition, such as whether the received authority information is an IP address of an employee inside the system, a verified IP address, and the like; judging whether the IP address is the IP address of the internal employee or not, wherein the judgment can be carried out through the employee number;
step S70, if the received permission information meets the preset condition, decapsulating the forbidden IP address corresponding to the received permission information.
And if the received authority information meets the preset conditions, such as the IP address of an employee in the system or the verified IP address, decapsulating the forbidden IP address corresponding to the received authority information. And if the received authority information is determined to be not in accordance with the preset condition through verification, the IP address is continuously forbidden.
Further, the step S50 includes:
acquiring a login name of the last login of the IP address, extracting an employee job number corresponding to the login name through the login name, and sending the employee job number to a database for storing employee information for verification;
in this embodiment, after receiving the decapsulation authority input by the user, the method may first obtain a login name of the last login of the IP address, extract an employee job number corresponding to the login name through the login name, and then send the employee job number to a database storing employee information for verification; the verified internal part can comprise whether the staff corresponding to the current staff number is an internal staff, whether the staff is in position, and the like;
after the verification is passed, extracting the login authority corresponding to the forbidden address through the employee job number;
when the employee passes the verification, the employee corresponding to the current employee job number is determined to be an internal employee, and after the employee is in the job, the login authority corresponding to the forbidden address, such as a system capable of logging in, a recorded login IP and the like, is extracted through the employee job number;
and judging whether the login authority meets the unsealing standard or not.
After the login authority is extracted, whether the login authority meets the unsealing standard needs to be further judged, for example, whether the current IP address can log in the current system, whether the recorded login IP address is the IP address of the staff in the system, the verified IP address and the like.
Further, referring to fig. 3, a third embodiment of the present invention is proposed based on a second embodiment of the method for IP address disabling of the present invention.
In this embodiment, the steps after step S70 further include:
and step S80, recording the IP address after decapsulation into an IP address white list, and dynamically updating the IP address white list.
After decapsulating the disabled IP addresses, the decapsulated IP addresses may be added to an IP address whitelist for dynamic updating of the IP address whitelist.
Further, the steps after the step S80 further include:
acquiring the number of times of errors of a password input by a login request initiated by each IP address in a white list in a preset period;
in this embodiment, after the white list of IP addresses is updated, the number of times that a password input by a login request initiated by each IP address in the white list is wrong in a preset period may be further obtained; the preset period may be one day, two days, etc.
Judging whether the number of times of errors of the password input by the login request initiated by each IP address is greater than a second preset value or not;
then judging whether the number of times of errors of the password input by the login request initiated by each IP address is greater than a second preset value or not; wherein, the second preset value may be 10, or other integer values;
and when the number of times of errors of the password input by the login request initiated by the IP address is greater than a second preset value, removing the corresponding IP address from the white list, or sending the IP address to a monitoring end for confirmation.
When the number of times of errors of a password input by a login request initiated by an IP address is larger than a second preset value, the possibility that the current IP address is stolen and malicious login is carried out exists, and at the moment, the corresponding IP address is removed from a white list or sent to a monitoring end for confirmation.
Further, referring to fig. 4, a fourth embodiment of the present invention is proposed based on the first embodiment of the method for IP address disabling of the present invention.
In this embodiment, the steps after step S50 further include:
step S90, extracting a login account corresponding to the error password input when the IP address is logged in;
in this embodiment, after disabling an IP address for which an input error password is equal to or greater than a first preset value, a warning may be further given to a login account corresponding to an input password error during login, so that a login account corresponding to an input password error during login of the IP address needs to be extracted first, and a reserved account corresponding to the login account is further extracted;
and S100, sending the information of the monitoring alarm and the forbidden IP address to a reserved account corresponding to the extracted login account.
After the login account and the corresponding reserved account are extracted, the monitoring alarm information and the forbidden IP address can be sent to the reserved account corresponding to the extracted login account, so that a user can be reminded of preventing in time, and operations such as password modification are performed.
The present invention further provides a device for disabling an IP address, the device comprising:
the recording module is used for recording the times of inputting wrong passwords when each IP address is logged in;
the judging module is used for judging whether the times of inputting the wrong password in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is the data recorded in the white list, the authority of continuing login of the IP address is granted, otherwise, the IP address is forbidden.
The specific embodiment of the apparatus for disabling an IP address of the present invention is substantially the same as the embodiments of the method for disabling an IP address described above, and will not be described herein again.
The embodiment of the invention further provides equipment for disabling the IP address.
Referring to fig. 5, fig. 5 is a schematic device structure diagram of a hardware operating environment according to an embodiment of the present invention.
As shown in fig. 5, the IP address disabled device may include: a processor 1001, such as a CPU, a network interface 1002, a user interface 1003, and a memory 1004. Connection communication between these components may be realized by a communication bus. The network interface 1002 may optionally include a standard wired interface (for connecting to a wired network), a wireless interface (e.g., a WI-FI interface, a bluetooth interface, an infrared interface, etc., for connecting to a wireless network). The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface (e.g., for connecting a wired Keyboard, a wired mouse, etc.) and/or a wireless interface (e.g., for connecting a wireless Keyboard, a wireless mouse). The memory 1004 may be a high-speed RAM memory or a non-volatile memory (e.g., a disk memory). The memory 1004 may alternatively be a storage device separate from the processor 1001.
Optionally, the IP address disabled device may further include a camera, a Radio Frequency (RF) circuit, a sensor, an audio circuit, a WiFi module, and the like.
Those skilled in the art will appreciate that the IP address disabling device configurations shown in the figures do not constitute a limitation of IP address disabling devices and may include more or fewer components than shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 5, the memory 1004, which is a kind of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and a program for IP address disabling. The operating system is a program for managing and controlling the hardware and software resources of the equipment with disabled IP addresses, and supports the running of a network communication module, a user interface module, the program with disabled IP addresses and other programs or software; the network communication module is used for managing and controlling the network interface 1002; the user interface module is used to manage and control the user interface 1003.
In the IP address disabled device shown in fig. 5, the network interface 1002 is mainly used for connecting to a database and performing data communication with the database; the user interface 1003 is mainly used to connect a client (which may be understood as a user side) and perform data communication with the client, for example, display information to the client through a window or receive operation information sent by the client; and processor 1001 may be configured to execute programs for IP address disablement stored in memory 1004 to implement the steps of the above-described method embodiments of IP address disablement.
Embodiments of the present invention also provide a computer-readable storage medium, which stores one or more programs that are executable by one or more processors to implement the steps of the above-described embodiments of the method for disabling an IP address.
It should also be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (5)
1. A method of IP address disabling, the method comprising the steps of:
recording the times of inputting wrong passwords for each IP address during login;
judging whether the number of times of inputting wrong passwords in the preset time is equal to or greater than a first preset value or not;
if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list;
if the IP address is data recorded in a white list, granting the IP address permission to continue logging, otherwise, forbidding the IP address;
after the IP address is forbidden, acquiring a login account corresponding to the error password input when the IP address logs in, and generating monitoring alarm information;
sending the information of the monitoring alarm and the forbidden IP address to a reserved account corresponding to the login account, wherein the forbidden IP address can be unpacked;
recording the IP address after decapsulation into an IP address white list, and dynamically updating the IP address white list;
acquiring the number of times of errors of a password input by a login request initiated by each IP address in a white list in a preset period;
judging whether the number of times of errors of the password input by the login request initiated by each IP address is greater than a second preset value or not;
and when the number of times of errors of the password input by the login request initiated by the IP address is greater than a second preset value, removing the corresponding IP address from the white list, or sending the IP address to a monitoring end for confirmation.
2. The method of IP address disabling according to claim 1, wherein said step of recording the number of times each IP address enters a wrong password at login, further comprises:
and establishing an IP address white list according to the received instruction, and recording the IP addresses meeting preset conditions in the IP address white list.
3. An apparatus for IP address disabling, the apparatus comprising:
the recording module is used for recording the times of inputting wrong passwords when each IP address is logged in;
the judging module is used for judging whether the times of inputting the wrong password in the preset time is equal to or greater than a first preset value or not; if the IP address is equal to or greater than the first preset value, extracting data recorded in an IP address white list, and judging whether the IP address is the data recorded in the white list; if the IP address is data recorded in a white list, granting the IP address permission to continue logging, otherwise, forbidding the IP address;
the warning module is used for acquiring a login account corresponding to the error password input when the IP address is logged in after the IP address is forbidden, and generating monitoring warning information; sending the information of the monitoring alarm and the forbidden IP address to a reserved account corresponding to the login account, wherein the forbidden IP address can be unpacked;
the white list recording module is used for recording the IP address after the unsealing into an IP address white list and dynamically updating the IP address white list;
the white list removing module is used for acquiring the number of times of errors of passwords input by login requests initiated by all IP addresses in the white list in a preset period; judging whether the number of times of errors of the password input by the login request initiated by each IP address is greater than a second preset value or not; and when the number of times of errors of the password input by the login request initiated by the IP address is greater than a second preset value, removing the corresponding IP address from the white list, or sending the IP address to a monitoring end for confirmation.
4. An IP address disabling device comprising a memory, a processor and an IP address disabling program stored on the memory and executable on the processor, the IP address disabling program when executed by the processor implementing the steps of the method of IP address disabling according to any one of claims 1 to 2.
5. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a program for IP address disabling, which program, when executed by a processor, carries out the steps of the method for IP address disabling according to any one of claims 1 to 2.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810192262.0A CN108494749B (en) | 2018-03-07 | 2018-03-07 | Method, device and equipment for disabling IP address and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810192262.0A CN108494749B (en) | 2018-03-07 | 2018-03-07 | Method, device and equipment for disabling IP address and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108494749A CN108494749A (en) | 2018-09-04 |
| CN108494749B true CN108494749B (en) | 2021-06-04 |
Family
ID=63338092
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810192262.0A Active CN108494749B (en) | 2018-03-07 | 2018-03-07 | Method, device and equipment for disabling IP address and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108494749B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110011992B (en) * | 2019-03-25 | 2022-07-26 | 联想(北京)有限公司 | System login method and electronic equipment |
| CN114499973B (en) * | 2021-12-28 | 2023-09-01 | 重庆医药高等专科学校 | Safety protection system for asset management system |
| CN117035891A (en) * | 2023-08-17 | 2023-11-10 | 慧众合(山东)科技创新发展有限公司 | Market trading system based on knowledge graph |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050188222A1 (en) * | 2004-02-24 | 2005-08-25 | Covelight Systems, Inc. | Methods, systems and computer program products for monitoring user login activity for a server application |
| CN101431449B (en) * | 2008-11-04 | 2011-05-04 | 中国科学院计算技术研究所 | Network flux cleaning system |
| CN106874744A (en) * | 2017-01-19 | 2017-06-20 | 深圳市金立通信设备有限公司 | A kind of method and terminal for preventing from missing locking terminal |
| CN107231346A (en) * | 2017-05-03 | 2017-10-03 | 北京海顿中科技术有限公司 | A kind of method of cloud platform identification |
| CN107295017A (en) * | 2017-08-10 | 2017-10-24 | 四川长虹电器股份有限公司 | CC means of defences based on user authentication |
-
2018
- 2018-03-07 CN CN201810192262.0A patent/CN108494749B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN108494749A (en) | 2018-09-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200162466A1 (en) | Certificate based profile confirmation | |
| US10735964B2 (en) | Associating services to perimeters | |
| US8464320B2 (en) | System and method for providing authentication continuity | |
| US8839354B2 (en) | Mobile enterprise server and client device interaction | |
| CN108701175B (en) | Associating user accounts with enterprise workspaces | |
| CN110324338B (en) | Data interaction method, device, fort machine and computer readable storage medium | |
| US10542044B2 (en) | Authentication incident detection and management | |
| JP2016541082A (en) | Connection management method, apparatus, electronic equipment, program, and recording medium | |
| US20170118647A1 (en) | Transmitting Management Commands to a Client Device | |
| CN108494749B (en) | Method, device and equipment for disabling IP address and computer readable storage medium | |
| CN111800408B (en) | Policy configuration device, security policy configuration method of terminal, and readable storage medium | |
| CN111433770A (en) | User-selected key authentication | |
| US20200267146A1 (en) | Network analytics for network security enforcement | |
| WO2015039562A1 (en) | Method and device for account information processing | |
| WO2016072833A1 (en) | System and method to disable factory reset | |
| CN111737232A (en) | Database management method, system, device, equipment and computer storage medium | |
| US9607176B2 (en) | Secure copy and paste of mobile app data | |
| CN114244568B (en) | Security access control method, device and equipment based on terminal access behavior | |
| CN106919812B (en) | Application process authority management method and device | |
| CN106485104B (en) | Automatic restoration method, device and system for terminal security policy | |
| US8477747B1 (en) | Automatic capture of wireless endpoints for connection enforcement | |
| CN114519184B (en) | Account number encryption method, account number encryption device, account number encryption equipment and medium based on Agent process | |
| CN111970225B (en) | Monitoring method and system of terminal equipment, computer equipment and storage medium | |
| JP4437259B2 (en) | Network management method and network management system | |
| CN118132247A (en) | Cloud platform access method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |