CN108667689A - Network layer Cookie monitor and detections method, apparatus, electronic equipment, storage medium - Google Patents
Network layer Cookie monitor and detections method, apparatus, electronic equipment, storage medium Download PDFInfo
- Publication number
- CN108667689A CN108667689A CN201810470986.7A CN201810470986A CN108667689A CN 108667689 A CN108667689 A CN 108667689A CN 201810470986 A CN201810470986 A CN 201810470986A CN 108667689 A CN108667689 A CN 108667689A
- Authority
- CN
- China
- Prior art keywords
- cookie
- queue
- detected
- application server
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
Abstract
A kind of network layer Cookie monitor and detections method, apparatus of present invention offer, electronic equipment, storage medium.Method includes:S110:The inquiry message of the addresses ip comprising application server to be detected is sent to first queue;S120:Inquiry message is obtained from first queue, it is determined whether Cookie packet capturings are carried out to the application server to be detected of the addresses ip;S130:It will indicate whether that the determination message that Cookie packet capturings are carried out to the application servers to be detected of the addresses ip is sent to second queue:S140:It is obtained from second queue and determines message, carry out Cookie packet capturings;S150:Cookie data is sent to third queue;S160:Cookie data is obtained from third queue, judges whether captured Cookie data meets predefined rule collection;S170:The Cookie data for not meeting predefined rule collection is sent to the 4th queue;S180:Cookie data is obtained from the 4th queue, will not met in the Cookie data deposit Cookie data library of predefined rule collection.Method and device provided by the invention improves the efficiency of Cookie monitor and detections by way of detecting automatically.
Description
Technical field
The present invention relates to computer application technology more particularly to a kind of network layer Cookie monitor and detections method, dresses
It sets, electronic equipment, storage medium.
Background technology
With increasing for Internet company's number of users, data volume also can be increasing, and company wants in Cookie secure contexts
That asks is also increasingly stringenter.For the preferably use of specification intra-company Cookie, avoid because Cookie lack of standardization or
Inappropriate use impacts business, and tester just needs, when test phase carries out functional verification to website, browsing
Manual test is carried out to Cookie in device.
Above-mentioned technical proposal can have as a drawback that:
(1) mode of manual test takes;
(2) since exploitation version is always in iteration, retest will be carried out by causing to issue every time;
(3) mode of manual test is easy to happen Cookie against regulation and omits;
(4) Test Strategy disunity, website between corporate department are numerous, tester is too many, it is not easy to implement one
The test of new type.
It can be seen that the Cookie test mode efficiency of the prior art is very low.
Invention content
The present invention provides a kind of monitor and detection sides network layer Cookie to overcome the problems of the above-mentioned prior art
Method, device, electronic equipment, storage medium can improve the efficiency of Cookie monitor and detections by way of detecting automatically.
According to an aspect of the present invention, a kind of network layer Cookie monitor and detection methods are provided, including:
S110:The inquiry message of the addresses ip comprising application server to be detected is sent to first queue;
S120:The addresses ip of the application server to be detected in the inquiry message are obtained from the first queue, and really
It is fixed whether Cookie packet capturings to be carried out to the application server to be detected of the addresses ip;
S130:It will indicate whether that the application server to be detected to the addresses ip carries out the determination message hair of Cookie packet capturings
It send to second queue:
S140:It is obtained from the second queue and determines message, and the application to be detected for carrying out Cookie packet capturings to instruction takes
Business device carries out Cookie packet capturings;
S150:The Cookie data captured from application server to be detected by Cookie packet capturings is sent to third team
Row;
S160:The Cookie data of application server crawl to be detected is obtained from the third queue, and judges to be captured
Cookie data whether meet predefined rule collection;
S170:The Cookie data for not meeting predefined rule collection is sent to the 4th queue;And
S180:The Cookie data for not meeting predefined rule collection is obtained from the 4th queue, it is predefined when not meeting
The Cookie data of rule set is accumulated to predetermined quantity, then the Cookie data for not meeting predefined rule collection is stored in Cookie
In database.
Optionally, each application server deployment to be detected has packet capturing device, the packet capturing device to be used for described to be detected
Application server carries out the Cookie packet capturings of network layer.
Optionally, the Cookie packet capturings include:
Inquiry simultaneously confirms whether application server to be detected opens Cookie inspections;
The value of the Cookie fields in primary contact is captured in the TCP data stream for being associated with application server to be detected.
Optionally, distributed to execute the step S160.
Optionally, the predefined rule collection includes at least:
Of length no more than predetermined limit;
Without Chinese character;And
Without dynamic key assignments.
Optionally, further include after the step S180:
Cookie data in the Cookie data library is stored by its detected application server;
The Cookie data of same detected application server is sent to the associated exploitation terminal of the application server.
Optionally, the corresponding predefined rule collection of application server to be detected is distributed by processor-server, processor clothes
Business device forms the predefined rule collection of the classification of corresponding application server according to the classification of application server.
According to another aspect of the invention, a kind of network layer Cookie monitor and detection devices are also provided, including:
Module is inquired, for sending the inquiry message for the addresses ip for including application server to be detected to first queue;
Determining module, the ip for obtaining the application server to be detected in the inquiry message from the first queue
Location, and determine whether to carry out Cookie packet capturings to the application server to be detected of the addresses ip;
Indicating module, for that will indicate whether that the application server to be detected to the addresses ip carries out Cookie packet capturings really
Determine message and is sent to second queue:
Packet capturing module determines message for being obtained from the second queue, and carries out the to be checked of Cookie packet capturings to instruction
It surveys application server and carries out Cookie packet capturings;
First sending module, for will be sent out by the Cookie data that Cookie packet capturings are captured from application server to be detected
It send to third queue;
Judgment module, the Cookie data for obtaining application server crawl to be detected from the third queue, and sentence
Whether captured Cookie data of breaking meets predefined rule collection;
Second sending module:For the Cookie data for not meeting predefined rule collection to be sent to the 4th queue;And
Storage module does not meet the Cookie data of predefined rule collection for being obtained from the 4th queue, when not being inconsistent
The Cookie data for closing predefined rule collection is accumulated to predetermined quantity, then deposits the Cookie data for not meeting predefined rule collection
Enter in Cookie data library.
According to another aspect of the invention, a kind of electronic equipment is also provided, the electronic equipment includes:Processor;Storage
Medium, is stored thereon with computer program, and the computer program executes step as described above when being run by the processor.
According to another aspect of the invention, a kind of storage medium is also provided, computer journey is stored on the storage medium
Sequence, the computer program execute step as described above when being run by processor.
Compared with prior art, advantage of the invention is that:It is arranged by four queues, realizes the extensive application clothes of automation
The all stage of the Cookie monitor and detections of business device, Cookie monitor and detections participates in without artificial.In the present invention, Cookie monitoring
Detection method and device can automatically capture all contact Cookie of associated application server;The monitor and detection sides Cookie
Method and device can automatically detect the compliance of Cookie according to predefined rule collection;Cookie monitor and detection method and devices
Problem Cookie can be sent from the corresponding exploitation terminal of trend.
Description of the drawings
Its example embodiment is described in detail by referring to accompanying drawing, above and other feature of the invention and advantage will become
It is more obvious.
Fig. 1 shows the flow chart of network layer Cookie monitor and detection methods according to the ... of the embodiment of the present invention.
Fig. 2 shows the flow charts according to the network layer Cookie monitor and detection methods of the specific embodiment of the invention.
Fig. 3 shows the schematic diagram of network layer Cookie monitor and detection devices according to the ... of the embodiment of the present invention.
Fig. 4 schematically shows a kind of computer readable storage medium schematic diagram in disclosure exemplary embodiment.
Fig. 5 schematically shows a kind of electronic equipment schematic diagram in disclosure exemplary embodiment.
Specific implementation mode
Example embodiment is described more fully with reference to the drawings.However, example embodiment can be with a variety of shapes
Formula is implemented, and is not understood as limited to example set forth herein;On the contrary, thesing embodiments are provided so that the disclosure will more
Fully and completely, and by the design of example embodiment comprehensively it is communicated to those skilled in the art.Described feature, knot
Structure or characteristic can be in any suitable manner incorporated in one or more embodiments.
In addition, attached drawing is only the schematic illustrations of the disclosure, it is not necessarily drawn to scale.Identical attached drawing mark in figure
Note indicates same or similar part, thus will omit repetition thereof.Some block diagrams shown in attached drawing are work(
Energy entity, not necessarily must be corresponding with physically or logically independent entity.Software form may be used to realize these work(
Energy entity, or these functional entitys are realized in one or more hardware modules or integrated circuit, or at heterogeneous networks and/or place
These functional entitys are realized in reason device device and/or microcontroller device.
In order to solve the defects of prior art, a kind of network layer Cookie monitor and detections method, apparatus of present invention offer, electricity
Sub- equipment, storage medium can improve the efficiency of Cookie monitor and detections by way of detecting automatically.
The flow of network layer Cookie monitor and detection methods according to the ... of the embodiment of the present invention is shown referring first to Fig. 1, Fig. 1
Figure.Fig. 1 shows 8 steps altogether:
S110:The inquiry message of the addresses ip comprising application server to be detected is sent to first queue.
S120:The addresses ip of the application server to be detected in the inquiry message are obtained from the first queue, and really
It is fixed whether Cookie packet capturings to be carried out to the application server to be detected of the addresses ip.
S130:It will indicate whether that the application server to be detected to the addresses ip carries out the determination message hair of Cookie packet capturings
It send to second queue.
S140:It is obtained from the second queue and determines message, and the application to be detected for carrying out Cookie packet capturings to instruction takes
Business device carries out Cookie packet capturings.
Specifically, each application server to be detected can be deployed with packet capturing device.The packet capturing device is used for institute
State the Cookie packet capturings that application server to be detected carries out network layer.
The step of Cookie packet capturings may include:Inquiry simultaneously confirms whether application server to be detected opens Cookie
It checks;The value of the Cookie fields in primary contact is captured in the TCP data stream for being associated with application server to be detected.
S150:The Cookie data captured from application server to be detected by Cookie packet capturings is sent to third team
Row.
S160:The Cookie data of application server crawl to be detected is obtained from the third queue, and judges to be captured
Cookie data whether meet predefined rule collection.
Specifically, the predefined rule collection includes at least:Of length no more than predetermined limit;Without Chinese character;
And do not have dynamic key assignments.Depending on predefined rule collection also can be according to different exploitation parts, application server pair to be detected
The predefined rule collection answered is distributed by processor-server, and processor-server is formed according to the classification of application server and answered
Can have not with the predefined rule collection of the predefined rule collection of the classification of server, the classification of corresponding different application server
Same predefined rule, the present invention are not so limited.
S170:The Cookie data for not meeting predefined rule collection is sent to the 4th queue.
Specifically, as long as Cookie data does not meet any one of predefined rule collection rule, that is, think Cookie numbers
According to not meeting predefined rule collection.
S180:The Cookie data for not meeting predefined rule collection is obtained from the 4th queue, it is predefined when not meeting
The Cookie data of rule set is accumulated to predetermined quantity, then the Cookie data for not meeting predefined rule collection is stored in Cookie
In database.
Specifically, further including following steps after the step S180:By the Cookie in the Cookie data library
Data are stored by its detected application server;The Cookie data of same detected application server is sent to application clothes
The business associated exploitation terminal of device.As a result, the Cookie data in Cookie data library is sent to corresponding developer's
Cookie data in Cookie data library (is such as formed report and is sent to developer by way of mail, notice by terminal
The terminals such as computer, mobile phone.
In a specific embodiment with reference to Fig. 2 description present invention, Fig. 2 shows according to the specific embodiment of the invention
Network layer Cookie monitor and detection methods flow chart.
In Fig. 2, the present invention realizes network layer Cookie monitor and detection methods provided with 3 devices and 4 queues.
Three devices include data packet capturing device 380, data processor 370 and platform end 390.Data packet capturing device 380 passes through
The mode of the network packet capturing at application server end fishes for the Cookie data of contact in real time.Data processor 370 is according to predefined
Whether rule set compares the Cookie that packet capturing device is fished for against regulation.The unified regulation and control data in platform end 390 fish for the unlatching at end/
Out code carries out result to problem Cookie and summarizes, export report.
It is by the form of 310 to the 4th queue 340 of first queue between three devices provided, asynchronous process disappears
Breath.Whether the inquiry message of packet capturing, 320 user of second queue store confirms to be turned on and off and grab for 310 user of first queue storage
Determination message, 330 use of third queue of packet store Cookie data to be compared, the 4th queue 340 is not met for storing
The Cookie data of predefined rule collection.
For data packet capturing device 380, test environment can include many Web site applications, these application respectively by
Publication is deployed on multiple application servers.The network layer of each application server has the transaction data of Cookie.This hair
Bright technical solution is and by way of network layer packet capturing, to fish for network layer for every application server deployment packet capturing device
Cookie data.
In some embodiments, if the unified publication deployed environment of company is Docker containers, peace can directly be provided
Script is filled, all application servers can be installed with automatic deployment.If the unified publication deployed environment of company is traditional linux
Machine, windows machines can then support one-touch deployment or manual installation and deployment.
Data packet capturing device 380 executes following steps:
Step 201 and step S202 send application service to be detected when data packet capturing device 380 starts to first queue 310
The IP address of device, to inquire whether the IP address of the application server to be detected opens packet capturing.
Step 207 and step 208 consume from second queue 320 and determine that message is with the determining application server to be detected
No unlatching packet capturing.
If packet capturing is opened, thens follow the steps S209 and execute packet capturing logic, packet capturing logic using the packet catcher class increased income
In IP be the application server to be detected IP address, the port numbers of packet capturing logic are according to the application port of different company's specification
Definition, is under normal circumstances 80 or 8080:tcp and dst IP and((dst port 80)or(dst port 8080))
and ip[2:2]>100.If packet capturing is closed, then packet capturing thread can be closed.
Followed by step S210, data packet capturing device 380 fish for the Cookie data in network layer, fish for mode:TCP data
Format in stream is fixed, and the value of the Cookie fields in primary contact is taken.Also can by Cookie original texts, IP information,
The information such as URL, timestamp are sent to third queue 330 together.
For data processor 370, since data packet capturing device 380 is deployed in more application servers of test environment
On, and Cookie data amount is huge, so accordingly, according to the actual conditions of process performance, more number of units can be disposed according to place
Manage device 370.
Data processor 370 can execute following steps:
Step S211:Cookie data is fished for from third queue 330.
Step S212:Cookie data resolves to the form of single Cookie key-value pairs list, cycle criterion each
Whether Cookie key-value pairs meet predefined rule collection.The rule that predefined rule is concentrated include length limitation, Chinese forbid and
Dynamic Key forbids.Some other rule can be according to actual needs to determine whether need that predefined rule collection is added.It will not
The Cookie data for meeting predefined rule collection is sent to the 4th queue 340.
Step S213:After the 4th queue 340 accumulates a certain number of Cookie datas, Cookie data is stored to number
According in library.
For platform end 390, following steps can be executed:
The message of first queue 310, and service to be detected in query messages are consumed in step S204 real-time receptions in platform end
Corresponding unlatching/the closed state of device directly will confirm that message is sent to second queue 320 or by platform end 390 in step
The switch of the unlatching that S205 is provided/closing Cookie scannings, will determine that message is sent to second queue 320 by step S206.
In addition to the foregoing steps, platform end 390 also executes the following steps:
Step S214:Platform end 390 can maintain application message, responsible person's information, affiliated team information, using portion of institute
The machine information of administration.
Step S215 and step S216:Platform end 390 provides the Cookie that inquiry does not meet predefined rule collection to the user
The function of data, and support to export.
Step S214, sequencing can not be limited between step S215, step S215 and remaining step.
In the embodiment of fig. 2, correlation logic is simple between three devices of the invention, can according to technical solution
To conveniently realize such a set of Cookie monitoring and inspection system automatically.The system is not necessarily to manpower intervention, saves manual work(
Energy test session, saves human cost, promotes the code quality of developer.
Above is only the specific embodiment of the present invention, and the present invention is not so limited.
According to another aspect of the invention, a kind of network layer Cookie monitor and detection devices are also provided, as shown in Figure 3.Net
Network layers Cookie monitor and detections device 400 include inquiry module 410, determining module 420, indicating module 430, packet capturing module 440,
First sending module 450, judgment module 460, the second sending module 470 and storage module 480.
Inquiry module 410 is used to send the inquiry message for the addresses ip for including application server to be detected to first queue.
Determining module 420 is used to obtain the ip of the application server to be detected in the inquiry message from the first queue
Address, and determine whether to carry out Cookie packet capturings to the application server to be detected of the addresses ip.
Indicating module 430 is used to indicate whether to carry out Cookie packet capturings to the application server to be detected of the addresses ip
Determine that message is sent to second queue.
Packet capturing module 440, which is used to obtain from the second queue, determines message, and carries out Cookie packet capturings to instruction and wait for
It detects application server and carries out Cookie packet capturings.
The Cookie data that first sending module 450 is used to capture from application server to be detected by Cookie packet capturings
It is sent to third queue.
Judgment module 460 is used to obtain the Cookie data of application server crawl to be detected from the third queue, and
Judge whether captured Cookie data meets predefined rule collection.
Second sending module 470 is used to the Cookie data for not meeting predefined rule collection being sent to the 4th queue.
Storage module 480 is used to obtain the Cookie data for not meeting predefined rule collection from the 4th queue, when not
The Cookie data for meeting predefined rule collection is accumulated to predetermined quantity, then will not meet the Cookie data of predefined rule collection
It is stored in Cookie data library.
Fig. 3 is only the module map for showing schematically network layer Cookie monitor and detection devices provided by the invention,
Under the premise of present inventive concept, the fractionation of module, increases all within protection scope of the present invention merging.
In an exemplary embodiment of the disclosure, a kind of computer readable storage medium is additionally provided, meter is stored thereon with
The circulation of electronic prescription described in any one above-mentioned embodiment may be implemented in calculation machine program, the program when being executed by such as processor
The step of processing method.In some possible embodiments, various aspects of the invention are also implemented as a kind of program production
The form of product comprising program code, when described program product is run on the terminal device, said program code is for making institute
State terminal device execute described in this specification above-mentioned electronic prescription circulation processing method part according to the various examples of the present invention
The step of property embodiment.
Refering to what is shown in Fig. 4, describing the program product for realizing the above method according to the embodiment of the present invention
800, portable compact disc read only memory (CD-ROM) may be used and include program code, and can in terminal device,
Such as it is run on PC.However, the program product of the present invention is without being limited thereto, in this document, readable storage medium storing program for executing can be with
To be any include or the tangible medium of storage program, the program can be commanded execution system, device either device use or
It is in connection.
The arbitrary combination of one or more readable mediums may be used in described program product.Readable medium can be readable letter
Number medium or readable storage medium storing program for executing.Readable storage medium storing program for executing for example can be but be not limited to electricity, magnetic, optical, electromagnetic, infrared ray or
System, device or the device of semiconductor, or the arbitrary above combination.The more specific example of readable storage medium storing program for executing is (non exhaustive
List) include:It is electrical connection, portable disc, hard disk, random access memory (RAM) with one or more conducting wires, read-only
Memory (ROM), erasable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disc read only memory
(CD-ROM), light storage device, magnetic memory device or above-mentioned any appropriate combination.
The computer readable storage medium may include the data letter propagated in a base band or as a carrier wave part
Number, wherein carrying readable program code.Diversified forms, including but not limited to electromagnetism may be used in the data-signal of this propagation
Signal, optical signal or above-mentioned any appropriate combination.Readable storage medium storing program for executing can also be any other than readable storage medium storing program for executing
Readable medium, which can send, propagate either transmission for being used by instruction execution system, device or device or
Person's program in connection.The program code for including on readable storage medium storing program for executing can transmit with any suitable medium, packet
Include but be not limited to wireless, wired, optical cable, RF etc. or above-mentioned any appropriate combination.
It can be write with any combination of one or more programming languages for executing the program that operates of the present invention
Code, described program design language include object oriented program language-Java, C++ etc., further include conventional
Procedural programming language-such as " C " language or similar programming language.Program code can be fully in tenant
It is executed on computing device, partly executes in tenant's equipment, executed as an independent software package, partly calculated in tenant
Upper side point is executed or is executed in remote computing device or server completely on a remote computing.It is being related to far
In the situation of journey computing device, remote computing device can pass through the network of any kind, including LAN (LAN) or wide area network
(WAN), it is connected to tenant's computing device, or, it may be connected to external computing device (such as utilize ISP
To be connected by internet).
In an exemplary embodiment of the disclosure, a kind of electronic equipment is also provided, which may include processor,
And the memory of the executable instruction for storing the processor.Wherein, the processor is configured to via described in execution
Executable instruction is come the step of executing the circulation processing method of electronic prescription described in any one above-mentioned embodiment.
Person of ordinary skill in the field it is understood that various aspects of the invention can be implemented as system, method or
Program product.Therefore, various aspects of the invention can be embodied in the following forms, i.e.,:It is complete hardware embodiment, complete
The embodiment combined in terms of full Software Implementation (including firmware, microcode etc.) or hardware and software, can unite here
Referred to as circuit, " module " or " system ".
The electronic equipment 600 of this embodiment according to the present invention is described referring to Fig. 5.The electronics that Fig. 5 is shown
Equipment 600 is only an example, should not bring any restrictions to the function and use scope of the embodiment of the present invention.
As shown in figure 5, electronic equipment 600 is showed in the form of universal computing device.The component of electronic equipment 600 can wrap
It includes but is not limited to:At least one processing unit 610, at least one storage unit 620, (including the storage of connection different system component
Unit 620 and processing unit 610) bus 630, display unit 640 etc..
Wherein, the storage unit has program stored therein code, and said program code can be held by the processing unit 610
Row so that the processing unit 610 execute described in this specification above-mentioned electronic prescription circulation processing method part according to this
The step of inventing various illustrative embodiments.For example, the processing unit 610 can execute step as illustrated in fig. 1 or fig. 2
Suddenly.
The storage unit 620 may include the readable medium of volatile memory cell form, such as random access memory
Unit (RAM) 6201 and/or cache memory unit 6202 can further include read-only memory unit (ROM) 6203.
The storage unit 620 can also include program/practicality work with one group of (at least one) program module 6205
Tool 6204, such program module 6205 include but not limited to:Operating system, one or more application program, other programs
Module and program data may include the realization of network environment in each or certain combination in these examples.
Bus 630 can be to indicate one or more in a few class bus structures, including storage unit bus or storage
Cell controller, peripheral bus, graphics acceleration port, processing unit use the arbitrary bus structures in a variety of bus structures
Local bus.
Electronic equipment 600 can also be with one or more external equipments 700 (such as keyboard, sensing equipment, bluetooth equipment
Deng) communication, can also enable the equipment that tenant interact with the electronic equipment 600 to communicate with one or more, and/or with make
Any equipment that the electronic equipment 600 can be communicated with one or more of the other computing device (such as router, modulation /demodulation
Device etc.) communication.This communication can be carried out by input/output (I/O) interface 650.Also, electronic equipment 600 can be with
By network adapter 660 and one or more network (such as LAN (LAN), wide area network (WAN) and/or public network,
Such as internet) communication.Network adapter 660 can be communicated by bus 630 with other modules of electronic equipment 600.It should
Understand, although not shown in the drawings, other hardware and/or software module can be used in conjunction with electronic equipment 600, including but it is unlimited
In:Microcode, device driver, redundant processing unit, external disk drive array, RAID system, tape drive and number
According to backup storage system etc..
Through the above description of the embodiments, those skilled in the art is it can be readily appreciated that example described herein is implemented
Mode can also be realized by software realization in such a way that software is in conjunction with necessary hardware.Therefore, according to the disclosure
The technical solution of embodiment can be expressed in the form of software products, the software product can be stored in one it is non-volatile
Property storage medium (can be CD-ROM, USB flash disk, mobile hard disk etc.) in or network on, including some instructions are so that a calculating
Equipment (can be personal computer, server or network equipment etc.) executes the above-mentioned electronics according to disclosure embodiment
Prescription circulation processing method.
Compared with prior art, advantage of the invention is that:It is arranged by four queues, realizes the extensive application clothes of automation
The all stage of the Cookie monitor and detections of business device, Cookie monitor and detections participates in without artificial.In the present invention, Cookie monitoring
Detection method and device can automatically capture all contact Cookie of associated application server;The monitor and detection sides Cookie
Method and device can automatically detect the compliance of Cookie according to predefined rule collection;Cookie monitor and detection method and devices
Problem Cookie can be sent from the corresponding exploitation terminal of trend.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to its of the disclosure
Its embodiment.This application is intended to cover any variations, uses, or adaptations of the disclosure, these modifications, purposes or
Person's adaptive change follows the general principles of this disclosure and includes the undocumented common knowledge in the art of the disclosure
Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the disclosure are by appended
Claim is pointed out.
Claims (10)
1. a kind of network layer Cookie monitor and detection methods, which is characterized in that including:
S110:The inquiry message of the addresses ip comprising application server to be detected is sent to first queue;
S120:The addresses ip of the application server to be detected in the inquiry message are obtained from the first queue, and determination is
The no application server to be detected to the addresses ip carries out Cookie packet capturings;
S130:It will indicate whether that the determination message that Cookie packet capturings are carried out to the application servers to be detected of the addresses ip is sent to
Second queue:
S140:It is obtained from the second queue and determines message, and carry out the application server to be detected of Cookie packet capturings to instruction
Carry out Cookie packet capturings;
S150:The Cookie data captured from application server to be detected by Cookie packet capturings is sent to third queue;
S160:The Cookie data of application server to be detected crawl is obtained from the third queue, and judge to be captured
Whether Cookie data meets predefined rule collection;
S170:The Cookie data for not meeting predefined rule collection is sent to the 4th queue;And
S180:It is obtained from the 4th queue and does not meet the Cookie data of predefined rule collection, when not meeting predefined rule
The Cookie data of collection is accumulated to predetermined quantity, then the Cookie data for not meeting predefined rule collection is stored in Cookie data
In library.
2. network layer Cookie monitor and detection methods as described in claim 1, which is characterized in that each application clothes to be detected
Business device is deployed with packet capturing device, and the packet capturing device is used to carry out the application server to be detected the Cookie packet capturings of network layer.
3. network layer Cookie monitor and detection methods as claimed in claim 2, which is characterized in that the Cookie packet capturings packet
It includes:
Inquiry simultaneously confirms whether application server to be detected opens Cookie inspections;
The value of the Cookie fields in primary contact is captured in the TCP data stream for being associated with application server to be detected.
4. network layer Cookie monitor and detection methods as described in claim 1, which is characterized in that distribution executes the step
S160。
5. network layer Cookie monitor and detection methods as described in claim 1, which is characterized in that the predefined rule collection is extremely
Include less:
Of length no more than predetermined limit;
Without Chinese character;And
Without dynamic key assignments.
6. network layer Cookie monitor and detection methods as described in claim 1, which is characterized in that after the step S180 also
Including:
Cookie data in the Cookie data library is stored by its detected application server;
The Cookie data of same detected application server is sent to the associated exploitation terminal of the application server.
7. network layer Cookie monitor and detection methods as described in claim 1, which is characterized in that application server pair to be detected
The predefined rule collection answered is distributed by processor-server, and processor-server is formed according to the classification of application server and answered
With the predefined rule collection of the classification of server.
8. a kind of network layer Cookie monitor and detection devices, which is characterized in that including:
Module is inquired, for sending the inquiry message for the addresses ip for including application server to be detected to first queue;
Determining module, the addresses ip for obtaining the application server to be detected in the inquiry message from the first queue,
And determine whether to carry out Cookie packet capturings to the application server to be detected of the addresses ip;
Indicating module, for will indicate whether that the determination for carrying out Cookie packet capturings to the application servers to be detected of the addresses ip disappears
Breath is sent to second queue:
Packet capturing module determines message for being obtained from the second queue, and carries out the to be detected of Cookie packet capturings to instruction and answer
Cookie packet capturings are carried out with server;
First sending module, for the Cookie data captured from application server to be detected by Cookie packet capturings to be sent to
Third queue;
Judgment module, the Cookie data for obtaining application server crawl to be detected from the third queue, and judge institute
Whether the Cookie data of crawl meets predefined rule collection;
Second sending module, for the Cookie data for not meeting predefined rule collection to be sent to the 4th queue;And
Storage module, it is pre- when not meeting for obtaining the Cookie data for not meeting predefined rule collection from the 4th queue
The Cookie data of definition rule set is accumulated to predetermined quantity, then is stored in the Cookie data for not meeting predefined rule collection
In Cookie data library.
9. a kind of electronic equipment, which is characterized in that the electronic equipment includes:
Processor;
Storage medium is stored thereon with computer program, and such as right is executed when the computer program is run by the processor
It is required that 1 to 7 any one of them step.
10. a kind of storage medium, which is characterized in that be stored with computer program, the computer program on the storage medium
Step as described in any one of claim 1 to 7 is executed when being run by processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810470986.7A CN108667689A (en) | 2018-05-16 | 2018-05-16 | Network layer Cookie monitor and detections method, apparatus, electronic equipment, storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810470986.7A CN108667689A (en) | 2018-05-16 | 2018-05-16 | Network layer Cookie monitor and detections method, apparatus, electronic equipment, storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108667689A true CN108667689A (en) | 2018-10-16 |
Family
ID=63779926
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810470986.7A Pending CN108667689A (en) | 2018-05-16 | 2018-05-16 | Network layer Cookie monitor and detections method, apparatus, electronic equipment, storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108667689A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140359065A1 (en) * | 2011-12-27 | 2014-12-04 | Zte Corporation | Terminal device and user information synchronization method |
| CN106027528A (en) * | 2016-05-24 | 2016-10-12 | 微梦创科网络科技(中国)有限公司 | WEB horizontal authority automatic identification method and device |
| CN107480063A (en) * | 2017-08-10 | 2017-12-15 | 上海携程国际旅行社有限公司 | Method and system, electronic equipment, the storage medium of dynamic scan SQL sentences |
-
2018
- 2018-05-16 CN CN201810470986.7A patent/CN108667689A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140359065A1 (en) * | 2011-12-27 | 2014-12-04 | Zte Corporation | Terminal device and user information synchronization method |
| CN106027528A (en) * | 2016-05-24 | 2016-10-12 | 微梦创科网络科技(中国)有限公司 | WEB horizontal authority automatic identification method and device |
| CN107480063A (en) * | 2017-08-10 | 2017-12-15 | 上海携程国际旅行社有限公司 | Method and system, electronic equipment, the storage medium of dynamic scan SQL sentences |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11323471B2 (en) | Advanced cybersecurity threat mitigation using cyberphysical graphs with state changes | |
| US11075932B2 (en) | Appliance extension for remote communication with a cyber security appliance | |
| US11750659B2 (en) | Cybersecurity profiling and rating using active and passive external reconnaissance | |
| US20220263845A1 (en) | System and method for comprehensive data loss prevention and compliance management | |
| US10432660B2 (en) | Advanced cybersecurity threat mitigation for inter-bank financial transactions | |
| US11303659B2 (en) | Detecting inappropriate activity in the presence of unauthenticated API requests using artificial intelligence | |
| US20220232040A1 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
| CN108667855A (en) | Network traffic anomaly monitor method, apparatus, electronic equipment and storage medium | |
| US11765192B2 (en) | System and method for providing cyber security | |
| CN109862003A (en) | Local generation method, device, system and the storage medium for threatening information bank | |
| US20220014561A1 (en) | System and methods for automated internet-scale web application vulnerability scanning and enhanced security profiling | |
| KR100966073B1 (en) | Apparatus and method for managing terminal users | |
| CN107370806A (en) | HTTP conditional codes monitoring method, device, storage medium and electronic equipment | |
| CN104836696B (en) | A kind of detection method and device of IP address | |
| Solaiman et al. | Monitoring internet of things application ecosystems for failure | |
| CN109660426A (en) | Monitoring method and system, computer-readable medium and electronic equipment | |
| CN109951562A (en) | NAT penetrating method and system, electronic equipment and storage medium | |
| WO2019018829A1 (en) | Advanced cybersecurity threat mitigation using behavioral and deep analytics | |
| Subramani et al. | PhishInPatterns: measuring elicited user interactions at scale on phishing websites | |
| Liu et al. | MMWD: An efficient mobile malicious webpage detection framework based on deep learning and edge cloud | |
| CN108667689A (en) | Network layer Cookie monitor and detections method, apparatus, electronic equipment, storage medium | |
| CN108092795A (en) | A kind of reminding method, terminal device and computer-readable medium | |
| CN115398861A (en) | Abnormal file detection method and related product | |
| EP3679506A2 (en) | Advanced cybersecurity threat mitigation for inter-bank financial transactions | |
| CN109194756A (en) | Application features information extracting method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181016 |
|
| RJ01 | Rejection of invention patent application after publication |