CN111078481B - Method, device, electronic equipment and storage medium for acquiring configuration checklist - Google Patents

Info

Publication number: CN111078481B
Authority: CN (China)
Prior art keywords: cpe, information, name, file, operating system
Legal status: Active
Application number: CN201911316904.4A
Other languages: Chinese (zh)
Other versions: CN111078481A (en)
Inventors: 杨子寒, 曾鹏, 孙云松, 肖新光
Current Assignee: Antiy Technology Group Co Ltd
Original Assignee: Antiy Technology Group Co Ltd
Application filed by Antiy Technology Group Co Ltd; priority to CN201911316904.4A; publication of CN111078481A; application granted; publication of CN111078481B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/22 Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
    • G06F11/2247 Verification or detection of system hardware configuration
    • G06F11/2273 Test methods

Abstract

The embodiments of the invention provide a method, a device, electronic equipment and a storage medium for acquiring a configuration checklist, addressing the problems that existing configuration inspection is time-consuming and labor-intensive, and that manually written configuration checklists offer low security and are not necessarily standardized. The method comprises: acquiring the operating system information and software information of a host; establishing a CPE database and fuzzy-matching the acquired operating system information and software information of the host against it; taking the name and version number in the CPE data obtained by fuzzy matching as the retrieval condition; and searching the NCP with that condition to obtain a checklist, which is sent to the configuration inspector.

Description

Method, device, electronic equipment and storage medium for acquiring configuration checklist
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method, an apparatus, an electronic device, and a storage medium for obtaining a configuration checklist.
Background
At present, configuration inspection of hosts on the market relies on a configuration administrator manually drawing up a configuration checklist for each computer, one by one, according to its operating system and installed software. When a computer has a large amount of pre-installed software, or when many computers need to be inspected, the following problems arise.
High time and labor cost: because of the large numbers involved, configuration administrators can only complete the checklists one by one for each computer and the software on it; a single host often has hundreds of items to check, and the check methods differ between systems and versions, so a great deal of labor and time is spent.
Low security of manual formulation: when a checklist is drawn up by hand, some software may be omitted or incorrect check items may be written, so that an incorrect checklist is used for inspection, the inspection result is not necessarily correct, and the security of the inspected asset cannot be guaranteed.
Manually formulated checklists are not necessarily standardized: manual formulation involves many uncertain factors, and the resulting checklist depends on the skill of its author, so its standardization cannot be guaranteed.
Therefore, a method for automatically obtaining a configuration checklist is needed to solve the above problems.
Disclosure of Invention
The embodiments of the invention provide a method, a device, electronic equipment and a storage medium for acquiring a configuration checklist, addressing the problems that existing configuration inspection is time-consuming and labor-intensive, and that manually written configuration checklists offer low security and are not necessarily standardized.
Based on the above-mentioned problems, a method for obtaining a configuration checklist according to an embodiment of the present invention includes:
acquiring operating system information and software information of a host; establishing a CPE database, and performing fuzzy matching on the acquired operating system information and software information of the host in the CPE database; taking the name and version number in CPE data obtained by fuzzy matching as a retrieval condition; and searching by using the NCP to obtain a checklist, and sending the checklist to a configuration inspector.
Further, acquiring the operating system information and software information of the host specifically comprises: acquiring the name and version number of the host operating system; if the operating system is a Windows-series system, acquiring the information on the software installed on the host and the operating system vendor information by scanning the host registry; if the operating system is a Linux-series system, acquiring the information on the software installed on the host and the operating system vendor information through commands.
Further, establishing the CPE database specifically comprises: downloading the latest version of the CPE file on a schedule; if this is the first download, reading and parsing the xml file of the CPE file, and entering the xml file name and its content items into the database; if this is not the first download, comparing the xml file name of the newly downloaded CPE file with that of the previously downloaded CPE file; if the names differ, reading and parsing the newly downloaded xml file, de-duplicating its content items by the cpe_uri field, keeping only the newly added content items, and entering them into the database; if the names are the same, entering nothing into the database; wherein each xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, others, cpe_uri.
Further, before the acquired host operating system information and software information are fuzzy-matched in the CPE database, the method further includes: establishing a Chinese-English comparison library by acquiring common Chinese vendor names, Chinese software names and operating system version names, calling a translation API and translating them into English; and judging whether the acquired host operating system information and software information contain Chinese names and, if so, replacing the Chinese names with the corresponding English names using the Chinese-English comparison library.
Further, searching the NCP, obtaining the checklist and sending it to the configuration inspector specifically comprises: searching the NCP, obtaining the checklists and their detailed information in batches, and downloading script data according to the detailed information to obtain a checklist data set; de-duplicating the checklist data set and recording the number of repetitions; using regular-expression matching to check whether the same name corresponds to different versions in the checklist data set and, if so, removing and marking the lower-version checklists; writing each field of the checklists, the number of repetitions and the lower-version removal status into an excel table to obtain the checklist; and sending the checklist and the corresponding script data to the configuration inspector.
The device for acquiring the configuration checklist provided by the embodiment of the invention comprises: an information acquisition module, configured to acquire the operating system information and software information of a host; a fuzzy matching module, configured to establish a CPE database and fuzzy-match the acquired operating system information and software information of the host in the CPE database; a retrieval condition acquisition module, configured to take the name and version number in the CPE data obtained by fuzzy matching as the retrieval condition; and a checklist acquisition module, configured to search the NCP, obtain a checklist and send the checklist to the configuration inspector.
Further, the information acquisition module is specifically configured to: acquire the name and version number of the host operating system; if the operating system is a Windows-series system, acquire the information on the software installed on the host and the operating system vendor information by scanning the host registry; if the operating system is a Linux-series system, acquire the information on the software installed on the host and the operating system vendor information through commands.
Further, the fuzzy matching module further comprises a CPE database establishing module, specifically configured to: download the latest version of the CPE file on a schedule; if this is the first download, read and parse the xml file of the CPE file, and enter the xml file name and its content items into the database; if this is not the first download, compare the xml file name of the newly downloaded CPE file with that of the previously downloaded CPE file; if the names differ, read and parse the newly downloaded xml file, de-duplicate its content items by the cpe_uri field, keep only the newly added content items, and enter them into the database; if the names are the same, enter nothing into the database; wherein each xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, others, cpe_uri.
Further, the device also comprises a Chinese-English comparison library establishment module, configured to acquire common Chinese vendor names, Chinese software names and operating system version names, call a translation API and translate them into English; and a replacement module, configured to judge whether the acquired host operating system information and software information contain Chinese names and, if so, replace the Chinese names with the corresponding English names using the Chinese-English comparison library.
Further, the checklist acquisition module is specifically configured to: search the NCP, obtain the checklists and their detailed information in batches, and download script data according to the detailed information to obtain a checklist data set; de-duplicate the checklist data set and record the number of repetitions; use regular-expression matching to check whether the same name corresponds to different versions in the checklist data set and, if so, remove and mark the lower-version checklists; write each field of the checklists, the number of repetitions and the lower-version removal status into an excel table to obtain the checklist; and send the checklist and the corresponding script data to the configuration inspector.
The embodiment of the invention also discloses an electronic device for acquiring the configuration checklist, which comprises: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space surrounded by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, for performing the method of acquiring a configuration checklist as set forth in any one of the preceding claims.
An embodiment of the present invention provides a computer readable storage medium, where one or more programs are stored, where the one or more programs are executable by one or more processors to implement the method for obtaining a configuration checklist according to any one of the foregoing embodiments.
Compared with the prior art, the method, the device, the electronic equipment and the storage medium for acquiring the configuration checklist provided by the embodiment of the invention have the following beneficial effects: acquiring operating system information and software information of a host; establishing a CPE database, and performing fuzzy matching on the acquired operating system information and software information of the host in the CPE database; taking the name and version number in CPE data obtained by fuzzy matching as a retrieval condition; and searching by using the NCP to obtain a checklist, and sending the checklist to a configuration inspector. The embodiment of the invention can automatically generate the configuration checklist for the assets, reduces the requirement of manual operation, reduces the labor cost and avoids the loss caused by manual misoperation; the NCP is used for obtaining list data items of the list, so that the standardization of the list is ensured, a plurality of uncertain factors are reduced, and the safety of the assets after inspection is ensured; further reduces the operation and maintenance cost and improves the inspection efficiency.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a method for obtaining a configuration checklist according to an embodiment of the present invention;
FIG. 2 is a flowchart of another method for obtaining a configuration checklist according to an embodiment of the present invention;
FIG. 3 is a block diagram of an apparatus for obtaining a configuration checklist according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to more clearly illustrate the embodiments of the present invention, the technical terms involved will be explained and illustrated:
CPE: Common Platform Enumeration, a method for naming software applications, operating systems and hardware in a standardized manner.
NCP: National Checklist Program, a U.S. government repository of published security checklists (or benchmarks) defined by NIST SP800-70, which provides detailed guidance on the security configuration of operating systems and applications.
xml: Extensible Markup Language, a subset of the Standard Generalized Markup Language. It is a markup language used to give electronic documents structure. In computing, a mark is an information symbol that a computer can understand; through such marks, computers can exchange and process all kinds of information, such as articles. It can be used to mark up data and define data types, and it is a source language that lets users define their own markup languages.
The following describes a specific implementation manner of a method, an apparatus, an electronic device, and a storage medium for obtaining a configuration checklist according to an embodiment of the present invention with reference to the accompanying drawings.
The method for acquiring the configuration checklist provided by the embodiment of the invention, as shown in fig. 1, specifically comprises the following steps:
S101, acquiring operating system information and software information of a host;
The name and version number of the host operating system are acquired through System.getProperties().getProperty("os.name") and System.getProperties().getProperty("os.version"); if the operating system is a Windows-series system, the information on the software installed on the host and the operating system vendor information are acquired by scanning the host registry; if the operating system is a Linux-series system, the information on the software installed on the host and the operating system vendor information are acquired through commands.
S102, establishing a CPE database, and performing fuzzy matching on the acquired operating system information and software information of the host in the CPE database;
The CPE database is established as follows: the latest version of the CPE file is downloaded on a schedule; if this is the first download, the xml file of the CPE file is read and parsed, and the xml file name and its content items are entered into the database; if this is not the first download, the xml file name of the newly downloaded CPE file is compared with that of the previously downloaded CPE file; if the names differ, the newly downloaded xml file is read and parsed, its content items are de-duplicated by the cpe_uri field, and only the newly added content items are kept and entered into the database; if the names are the same, nothing is entered into the database. Each xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, others, cpe_uri. Here the name is the software name or operating system name; the type indicates whether the item is software, hardware or an operating system; the system version refers to editions such as release, enterprise and professional; others can hold content such as remarks; and cpe_uri is the unique identifier of a content item, composed according to a defined format.
S103, taking the name and the version number in CPE data obtained by fuzzy matching as a retrieval condition;
S104, searching by using NCP, obtaining a checklist, and sending the checklist to the configuration inspector;
Specifically: the NCP is searched, the checklists and their detailed information are obtained in batches, and script data is downloaded according to the detailed information to obtain a checklist data set; the checklist data set is de-duplicated and the number of repetitions is recorded; regular-expression matching is used to check whether the same name corresponds to different versions in the checklist data set and, if so, the lower-version checklists are removed and marked; each field of the checklists, the number of repetitions and the lower-version removal status are written into an excel table to obtain the checklist; and the checklist and the corresponding script data are sent to the configuration inspector. The fields of a checklist include: references, supporting resources, target, checklist summary, known issues, checklist role, target audience, target operational environment, testing information, checklist name, regulatory compliance, dependencies/requirements, comments/warnings/other contact methods, sponsor, licensing, change history, product support, disclaimer, and the like.
The embodiment of the invention can automatically generate the configuration checklist for the assets, reduces the requirement of manual operation, reduces the labor cost and avoids the loss caused by manual misoperation; the NCP is used for obtaining list data items of the list, so that the standardization of the list is ensured, a plurality of uncertain factors are reduced, and the safety of the assets after inspection is ensured; further reduces the operation and maintenance cost and improves the inspection efficiency.
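The database build of S102 and the fuzzy match that feeds S103, as an added example (not code from the patent). It assumes a constructed, simplified dictionary layout with the CPE 2.3 name in a `name` attribute, an in-memory SQLite table keyed on cpe_uri, and `difflib` similarity with a hypothetical 0.75 threshold; the patent specifies none of these.

```python
import re
import sqlite3
import xml.etree.ElementTree as ET
from difflib import SequenceMatcher

# Attribute order of a CPE 2.3 formatted string after the "cpe:2.3:" prefix.
FIELDS = ("part", "vendor", "product", "version", "update", "edition",
          "language", "sw_edition", "target_sw", "target_hw", "other")

# Constructed, simplified dictionary files (not real downloads).
FILE_V1 = """<cpe-list>
  <cpe-item name="cpe:2.3:a:google:chrome:45.0.2454.85:*:*:*:*:*:*:*"/>
  <cpe-item name="cpe:2.3:a:google:chrome:46.0.2490.71:*:*:*:*:*:*:*"/>
  <cpe-item name="cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*"/>
  <cpe-item name="cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*"/>
</cpe-list>"""
FILE_V2 = """<cpe-list>
  <cpe-item name="cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*"/>
  <cpe-item name="cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*"/>
  <cpe-item name="not-a-cpe-name"/>
</cpe-list>"""


def parse_cpe23(uri):
    """Split a CPE 2.3 string into 11 attributes; escaped colons stay put."""
    parts = re.split(r"(?<!\\):", uri)
    if len(parts) != 13 or parts[:2] != ["cpe", "2.3"]:
        raise ValueError(f"not a CPE 2.3 formatted string: {uri!r}")
    return dict(zip(FIELDS, parts[2:]))


def open_db():
    db = sqlite3.connect(":memory:")
    # Column names are quoted because "update" is an SQL keyword.
    cols = ", ".join(f'"{name}" TEXT' for name in FIELDS)
    db.execute(f"CREATE TABLE cpe (cpe_uri TEXT PRIMARY KEY, {cols})")
    db.execute("CREATE TABLE imported (file_name TEXT PRIMARY KEY)")
    return db


def import_dictionary(db, file_name, xml_text):
    """Import one downloaded file; return how many new items were stored."""
    seen = db.execute("SELECT 1 FROM imported WHERE file_name = ?",
                      (file_name,)).fetchone()
    if seen:                      # file name unchanged: nothing is entered
        return 0
    before = db.execute("SELECT COUNT(*) FROM cpe").fetchone()[0]
    marks = ", ".join("?" * (len(FIELDS) + 1))
    # ElementTree is fine for this inline sample; for files fetched from the
    # network a hardened parser such as defusedxml is the safer choice.
    for item in ET.fromstring(xml_text).iter("cpe-item"):
        uri = item.get("name", "")
        try:
            row = parse_cpe23(uri)
        except ValueError:
            continue              # skip malformed entries
        # cpe_uri is the primary key, so already-known items are ignored.
        db.execute(f"INSERT OR IGNORE INTO cpe VALUES ({marks})",
                   (uri, *row.values()))
    db.execute("INSERT INTO imported VALUES (?)", (file_name,))
    return db.execute("SELECT COUNT(*) FROM cpe").fetchone()[0] - before


def normalise(text):
    return re.sub(r"[^a-z0-9]+", " ", text.lower()).strip()


def fuzzy_match(db, vendor, name, version, threshold=0.75):
    """Return the best CPE entry for one host inventory record, or None."""
    want = normalise(name)
    if not want.startswith(normalise(vendor)):
        want = normalise(f"{vendor} {name}")
    best = None
    rows = db.execute("SELECT cpe_uri, vendor, product, version FROM cpe")
    for uri, cpe_vendor, product, cpe_version in rows:
        have = normalise(f"{cpe_vendor} {product}")
        score = SequenceMatcher(None, want, have).ratio()
        if score < threshold:
            continue
        # The version only breaks ties between equally similar names.
        same = version == cpe_version or version.startswith(cpe_version + ".")
        key = (round(score, 3), same)
        if best is None or key > best[0]:
            best = (key, {"cpe_uri": uri, "name": product,
                          "version": cpe_version})
    return best[1] if best else None


if __name__ == "__main__":
    db = open_db()
    print(import_dictionary(db, "dict-v1.xml", FILE_V1), "items stored")
    print(import_dictionary(db, "dict-v2.xml", FILE_V2), "new items stored")
    # Constructed host inventory record: (vendor, name, version).
    print(fuzzy_match(db, "Microsoft", "Microsoft Office Excel", "2016"))
```

The `name` and `version` of the returned entry are what the next step would use as the retrieval condition; a record that matches nothing above the threshold returns `None` and should be reported rather than silently dropped.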
The method for obtaining the configuration checklist provided by the embodiment of the invention, as shown in fig. 2, specifically includes the following steps:
S201, acquiring operating system information and software information of a host;
S202, establishing a Chinese-English comparison library;
Common Chinese vendor names, Chinese software names and operating system version names are obtained by a crawler, and a translation API is called to translate them into English.
S203, judging whether the acquired host operating system information and software information have Chinese names, if so, executing step S204, otherwise, executing step S205;
S204, replacing the Chinese name with the corresponding English name by using the Chinese-English comparison library;
The acquired operating system vendor, operating system name, operating system version, software vendor, software name and software version are checked for Chinese names, and any Chinese names found are replaced with the corresponding English names.
S205, establishing a CPE database, and performing fuzzy matching on the acquired operating system information and software information of the host in the CPE database;
S206, searching by using NCP with the names and version numbers in the CPE data obtained by fuzzy matching as retrieval conditions;
S207, acquiring the checklists and detailed information in batches, and downloading script data according to the detailed information to obtain a checklist data set;
The checklists are obtained in batches through the NCP website, and each checklist link is visited in turn to obtain the detailed information of that checklist; meanwhile, data is downloaded locally from the script download links in the detailed information. Because the number of scripts to download may be large, several download tasks can be started at the same time to improve download efficiency.
S208, de-duplicating the checklist data set, and recording the number of repetitions;
The acquired checklist data set is de-duplicated by checklist name, and the number of repetitions of each checklist is recorded.
S209, checking whether the same name corresponds to different versions in the checklist data set by using regular-expression matching, if so, executing step S210, otherwise, executing step S211;
S210, removing the lower-version checklist and marking it;
S211, writing each field of the checklists, the number of repetitions and the lower-version removal status into an excel table to obtain the checklist;
The acquired information is written into an excel table and sorted by the number of repetitions; the higher the number of repetitions, the higher the inspection priority. The first row of the excel table is the header, containing each field of the checklist, the number of repetitions and the low-version link; starting from the second row, the configuration checklist data is written into the corresponding cells in the sorted order; low-version links are written into the low-version link column of the corresponding row, so that configuration personnel can conveniently consult them.
S212, sending the checklist and the corresponding script data to the configuration inspector;
For all downloaded script data of the checklists, a folder is created per checklist and named after the checklist; the excel information table and the packed script data are compressed, and the compressed package is sent to the configuration inspector.
S213, the configuration inspector performs the configuration inspection on the host using the checklist information and the files in the compressed package.
For example, the operating system preloaded on a host is Windows 10, and the preloaded software includes Google Chrome 46, Microsoft Office 2016, Microsoft PowerPoint 2016, Microsoft Excel 2016 and other software. After processing according to the method provided in this embodiment, the Excel list information and script files of a series of configuration checklists can be obtained, such as Microsoft PowerPoint 2016 STIG (Version 1, Release 1), CIS Microsoft PowerPoint 2016 Benchmark (1.0.1), Windows 10 STIG (Version 1, Release 19), CIS Microsoft Windows 10 Enterprise Release 1809 Benchmark (1.6.0), Microsoft Excel 2016 STIG (Version 1, Release 2), CIS Microsoft Excel 2016 Benchmark (1.0.1), CIS Google Chrome Benchmark (2.0.0) and the like. The excel list information contains detailed configuration inspection guidance, and configuration inspectors can perform the configuration inspection more quickly using the list information and the provided script files.
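Steps S208 to S211 as an added example (not code from the patent), run over checklist names constructed in the style of the ones listed above. The name pattern, counting repetitions per exact name, and CSV output standing in for the excel table are assumptions.

```python
import csv
import io
import re
from collections import Counter, defaultdict

# Constructed search hits: the same checklist comes back for several queries.
SAMPLE_HITS = [
    "Windows 10 STIG (Version 1, Release 19)",
    "CIS Google Chrome Benchmark (2.0.0)",
    "Windows 10 STIG (Version 1, Release 2)",
    "Windows 10 STIG (Version 1, Release 19)",
    "Microsoft Excel 2016 STIG (Version 1, Release 2)",
    "CIS Google Chrome Benchmark (1.3.0)",
    "Windows 10 STIG (Version 1, Release 19)",
    "CIS Google Chrome Benchmark (2.0.0)",
]

# "<base name> (Version V, Release R)" or "<base name> (x.y.z)".
NAME_RE = re.compile(
    r"^(?P<base>.+?)\s*\((?:Version (?P<ver>\d+), Release (?P<rel>\d+)"
    r"|(?P<dotted>\d+(?:\.\d+)*))\)$", re.IGNORECASE)


def split_name(name):
    """Return (base name, version as a tuple of ints) for a checklist name."""
    m = NAME_RE.match(name.strip())
    if not m:
        return name.strip(), ()          # unversioned names sort lowest
    if m["dotted"]:
        return m["base"], tuple(int(p) for p in m["dotted"].split("."))
    return m["base"], (int(m["ver"]), int(m["rel"]))


def build_rows(names):
    """De-duplicate, count repetitions, drop and mark lower versions."""
    counts = Counter(n.strip() for n in names)       # S208
    groups = defaultdict(list)
    for name in counts:                              # S209
        base, version = split_name(name)
        groups[base].append((version, name))
    rows = []
    for members in groups.values():
        # Integer tuples compare numerically, so Release 19 beats Release 2
        # (a plain string comparison would rank them the other way round).
        members.sort()
        newest = members[-1][1]
        rows.append({"name": newest,                 # S210
                     "repetitions": counts[newest],
                     "lower_versions": [n for _, n in members[:-1]]})
    # S211: more repetitions first, name as a stable tie-breaker.
    rows.sort(key=lambda r: (-r["repetitions"], r["name"]))
    return rows


def to_csv(rows):
    """Header in the first row, data from the second row, in sorted order."""
    out = io.StringIO()
    writer = csv.writer(out)
    writer.writerow(["checklist name", "repetitions", "lower versions removed"])
    for row in rows:
        writer.writerow([row["name"], row["repetitions"],
                         "; ".join(row["lower_versions"])])
    return out.getvalue()


if __name__ == "__main__":
    print(to_csv(build_rows(SAMPLE_HITS)))
```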
The embodiment of the invention converts the acquired information into CPE data for searching, can ensure that the searching condition is more accurate, can reduce the inquiry times and improve the searching efficiency; the method has the advantages that the automatic generation of the configuration checklist for the assets is realized, the requirement of manual operation is reduced, the labor cost is reduced, and the errors caused by complicated manual operation are reduced; simultaneously, NCP is used for obtaining list data items, thus adhering to NIST SP800-70 specification, reducing a plurality of uncertain factors and ensuring the safety of the assets after inspection; further reduces the operation and maintenance cost and improves the inspection efficiency.
The embodiment of the invention also provides a device for acquiring the configuration checklist, as shown in fig. 3, which comprises:
The information acquisition module 301: configured to acquire the operating system information and software information of a host;
The fuzzy matching module 302: configured to establish a CPE database and fuzzy-match the acquired operating system information and software information of the host in the CPE database;
The retrieval condition acquisition module 303: configured to take the name and the version number in the CPE data obtained by fuzzy matching as the retrieval condition;
The checklist acquisition module 304: configured to search the NCP, obtain a checklist and send the checklist to the configuration inspector.
Further, the information acquisition module 301 is specifically configured to: acquire the name and version number of the host operating system; if the operating system is a Windows-series system, acquire the information on the software installed on the host and the operating system vendor information by scanning the host registry; if the operating system is a Linux-series system, acquire the information on the software installed on the host and the operating system vendor information through commands.
Further, the fuzzy matching module 302 further includes a CPE database creation module 3021, specifically configured to: download the latest version of the CPE file on a schedule; if this is the first download, read and parse the xml file of the CPE file, and enter the xml file name and its content items into the database; if this is not the first download, compare the xml file name of the newly downloaded CPE file with that of the previously downloaded CPE file; if the names differ, read and parse the newly downloaded xml file, de-duplicate its content items by the cpe_uri field, keep only the newly added content items, and enter them into the database; if the names are the same, enter nothing into the database; wherein each xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, others, cpe_uri.
Further, the device also comprises a Chinese-English comparison library establishment module 305, configured to acquire common Chinese vendor names, Chinese software names and operating system version names, call a translation API and translate them into English; and a replacement module, configured to judge whether the acquired host operating system information and software information contain Chinese names and, if so, replace the Chinese names with the corresponding English names using the Chinese-English comparison library.
Further, the checklist acquisition module 304 is specifically configured to: search the NCP, obtain the checklists and their detailed information in batches, and download script data according to the detailed information to obtain a checklist data set; de-duplicate the checklist data set and record the number of repetitions; use regular-expression matching to check whether the same name corresponds to different versions in the checklist data set and, if so, remove and mark the lower-version checklists; write each field of the checklists, the number of repetitions and the lower-version removal status into an excel table to obtain the checklist; and send the checklist and the corresponding script data to the configuration inspector.
An embodiment of the present invention further provides an electronic device. Fig. 4 is a schematic structural diagram of an embodiment of the electronic device, which can implement the flow of the embodiments shown in Figs. 1-2 of the present invention. As shown in Fig. 4, the electronic device may include: a shell 41, a processor 42, a memory 43, a circuit board 44 and a power circuit 45, wherein the circuit board 44 is arranged in a space surrounded by the shell 41, and the processor 42 and the memory 43 are arranged on the circuit board 44; the power circuit 45 supplies power to the respective circuits or devices of the electronic device; the memory 43 stores executable program code; and the processor 42 runs a program corresponding to the executable program code by reading the executable program code stored in the memory 43, so as to execute the method described in any of the foregoing embodiments.
For the specific execution of the above steps by the processor 42, and for the further steps the processor 42 executes by running the executable program code, refer to the description of the embodiments shown in Figs. 1-2 of the present invention; the details are not repeated here.
The electronic device exists in a variety of forms including, but not limited to:
(1) A mobile communication device: such devices are characterized by mobile communication capabilities and are primarily aimed at providing voice and data communications. Such terminals include: smart phones (e.g., iPhone), multimedia phones, feature phones, low-end phones, etc.
(2) Ultra mobile personal computer device: such devices are in the category of personal computers, having computing and processing functions, and generally also having mobile internet access characteristics. Such terminals include: PDA, MID, and UMPC devices, etc., such as iPad.
(3) Portable entertainment device: such devices can display and play multimedia content. Such devices include: audio and video players (e.g., iPod), handheld game consoles, e-book readers, smart toys and portable car navigation devices.
(4) A server: the configuration of the server includes a processor, a hard disk, a memory, a system bus, and the like. A server is similar to a general computer in architecture, but because it is required to provide highly reliable services, it has high requirements in terms of processing capacity, stability, reliability, security, scalability, manageability, and the like.
(5) Other electronic devices with data interaction functions.
Embodiments of the present invention also provide a computer-readable storage medium storing one or more programs executable by one or more processors to implement the method of any of the preceding embodiments.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The embodiments in this specification are described in a related manner; for identical or similar parts, the embodiments may be referred to one another, and each embodiment mainly describes its differences from the other embodiments.
In particular, since the device embodiments are substantially similar to the method embodiments, they are described relatively briefly; for the relevant parts, refer to the description of the method embodiments.
For convenience of description, the above apparatus is described as being functionally divided into various units/modules, respectively. Of course, the functions of the various elements/modules may be implemented in the same piece or pieces of software and/or hardware when implementing the present invention.
Those skilled in the art will appreciate that all or part of the methods of the above embodiments may be implemented by a computer program stored on a computer-readable storage medium which, when executed, may comprise the steps of the method embodiments described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The foregoing is merely a specific embodiment of the present invention, and the protection scope of the present invention is not limited thereto; any changes or substitutions easily contemplated by those skilled in the art within the technical scope disclosed by the present invention shall be covered by the protection scope of the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (8)

1. A method for obtaining a configuration checklist, comprising:
acquiring operating system information and software information of a host;
establishing a CPE database, and performing fuzzy matching of the acquired operating system information and software information of the host in the CPE database; wherein establishing the CPE database specifically comprises:
downloading the latest version of the CPE file at scheduled times;
if this is the first download, reading and parsing the xml file of the CPE file, and entering the file name and the content items of the xml file into a database;
if this is not the first download, downloading the latest version of the CPE file and comparing its xml file name with that of the previously downloaded CPE file; if the names are inconsistent, reading and parsing the currently downloaded xml file, de-duplicating the content items according to the cpe_uri field, retaining the newly added xml file content items, and entering the newly added xml file content items into the database; if the names are consistent, not entering the downloaded file into the database;
wherein the xml file content items include: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, others, cpe_uri;
taking the name and version number in the CPE data obtained by fuzzy matching as a retrieval condition;
searching using the NCP to obtain a checklist, and sending the checklist to configuration inspectors;
wherein searching using the NCP to obtain a checklist specifically comprises: searching using the NCP, obtaining checklists and detailed information in batches, and downloading script data according to the detailed information to obtain a checklist data set;
de-duplicating the checklist data set and recording the number of repetitions;
checking, by regular-expression matching, whether the same name corresponds to different versions in the checklist, and if so, removing the lower-version checklist and marking it;
and writing each field of the checklist, the number of repetitions and the low-version removal status into an Excel table to obtain the checklist.
2. The method of claim 1, wherein the operating system information and the software information of the host are obtained, specifically:
acquiring the name and version number of a host operating system;
if the operating system is a Windows series system, acquiring software information and manufacturer information of the operating system installed by the host through scanning a host registry;
if the operating system is a Linux series system, acquiring software information installed by the host and manufacturer information of the operating system through a command.
3. The method of claim 1, wherein, before the fuzzy matching of the acquired host operating system information and software information in the CPE database, the method further comprises:
establishing a Chinese-English comparison library: acquiring common Chinese vendor names, Chinese software names and operating system version names, calling a translation API interface, and translating them into English;
determining whether the acquired host operating system information and software information contain Chinese names, and if so, replacing the Chinese names with the corresponding English names by using the Chinese-English comparison library.
4. An apparatus for obtaining a configuration checklist, comprising:
an information acquisition module, configured to acquire operating system information and software information of a host;
a fuzzy matching module, configured to establish a CPE database and perform fuzzy matching of the acquired operating system information and software information of the host in the CPE database; the fuzzy matching module further comprises a CPE database building module, which is specifically configured for:
downloading the latest version of the CPE file at scheduled times;
if this is the first download, reading and parsing the xml file of the CPE file, and entering the file name and the content items of the xml file into a database;
if this is not the first download, downloading the latest version of the CPE file and comparing its xml file name with that of the previously downloaded CPE file; if the names are inconsistent, reading and parsing the currently downloaded xml file, de-duplicating the content items according to the cpe_uri field, retaining the newly added xml file content items, and entering the newly added xml file content items into the database; if the names are consistent, not entering the downloaded file into the database;
wherein the xml file content items include: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, others, cpe_uri;
a retrieval condition acquisition module, configured to take the name and the version number in the CPE data obtained by fuzzy matching as a retrieval condition;
a checklist acquisition module, configured to search using the NCP, obtain a checklist, and send the checklist to configuration inspectors; the checklist acquisition module is specifically configured for:
searching using the NCP, obtaining checklists and detailed information in batches, and downloading script data according to the detailed information to obtain a checklist data set;
de-duplicating the checklist data set and recording the number of repetitions;
checking, by regular-expression matching, whether the same name corresponds to different versions in the checklist, and if so, removing the lower-version checklist and marking it;
writing each field of the checklist, the number of repetitions and the low-version removal status into an Excel table to obtain the checklist;
and sending the checklist and the corresponding script data to configuration inspectors.
5. The apparatus of claim 4, wherein the information acquisition module is specifically configured to:
acquiring the name and version number of a host operating system;
if the operating system is a Windows series system, acquiring software information and manufacturer information of the operating system installed by the host through scanning a host registry;
if the operating system is a Linux series system, acquiring software information installed by the host and manufacturer information of the operating system through a command.
6. The apparatus of claim 4, further comprising a Chinese-English comparison library establishment module, configured to acquire common Chinese vendor names, Chinese software names and operating system version names, call a translation API interface and translate them into English;
and a replacement module, configured to determine whether the acquired host operating system information and software information contain Chinese names and, if so, replace the Chinese names with the corresponding English names by using the Chinese-English comparison library.
7. An electronic device, the electronic device comprising: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space surrounded by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; a processor runs a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the method of acquiring a configuration checklist as claimed in any one of the preceding claims 1 to 3.
8. A computer readable storage medium storing one or more programs executable by one or more processors to implement the method of obtaining a configuration checklist of any one of the preceding claims 1 to 3.
CN201911316904.4A 2019-12-19 2019-12-19 Method, device, electronic equipment and storage medium for acquiring configuration checklist Active CN111078481B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911316904.4A CN111078481B (en) 2019-12-19 2019-12-19 Method, device, electronic equipment and storage medium for acquiring configuration checklist


Publications (2)

Publication Number Publication Date
CN111078481A CN111078481A (en) 2020-04-28
CN111078481B true CN111078481B (en) 2023-12-26

Family

ID=70315603

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911316904.4A Active CN111078481B (en) 2019-12-19 2019-12-19 Method, device, electronic equipment and storage medium for acquiring configuration checklist

Country Status (1)

Country Link
CN (1) CN111078481B (en)

Also Published As

Publication number Publication date
CN111078481A (en) 2020-04-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang Province (No. 838, Shikun Road)

Applicant after: Antan Technology Group Co.,Ltd.

Address before: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Harbin, Heilongjiang Province (No. 838, Shikun Road)

Applicant before: Harbin Antian Science and Technology Group Co.,Ltd.

GR01 Patent grant