CN111490991B - Multiple server connection request system and method based on communication equipment - Google Patents

Multiple server connection request system and method based on communication equipment Download PDF

Info

Publication number
CN111490991B
CN111490991B CN202010281755.9A CN202010281755A CN111490991B CN 111490991 B CN111490991 B CN 111490991B CN 202010281755 A CN202010281755 A CN 202010281755A CN 111490991 B CN111490991 B CN 111490991B
Authority
CN
China
Prior art keywords
server
servers
submodule
security
communication terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010281755.9A
Other languages
Chinese (zh)
Other versions
CN111490991A (en
Inventor
不公告发明人
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SUZHOU LEMIFAN ELECTRIC TECHNOLOGY Co.,Ltd.
Original Assignee
Suzhou Lemifan Electric Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Lemifan Electric Technology Co ltd filed Critical Suzhou Lemifan Electric Technology Co ltd
Priority to CN202110186028.9A priority Critical patent/CN112953935A/en
Priority to CN202010281755.9A priority patent/CN111490991B/en
Publication of CN111490991A publication Critical patent/CN111490991A/en
Application granted granted Critical
Publication of CN111490991B publication Critical patent/CN111490991B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a system and a method for requesting connection of a plurality of servers based on communication equipment, wherein the system comprises a user identifier allocation login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules and a server operation and maintenance state real-time scanning module, the user identifier allocation login module is used for logging in according to a unique user identifier which is registered and connected with a communication terminal by the server, the server unified data feedback module acquires the connection information and the address information of the server, the server security authentication module is used for carrying out unified analysis on the security of the plurality of servers, the plurality of server response time grading modules are used for judging the response time of the plurality of servers connected with the communication terminal and carrying out response grading, the server operation and maintenance state real-time scanning module is used for carrying out real-time scanning on the operation and maintenance states of the plurality of servers, the updating state of the server is confirmed, and the safety of different servers can be monitored.

Description

Multiple server connection request system and method based on communication equipment
Technical Field
The invention relates to the field of communication, in particular to a system and a method for requesting connection of a plurality of servers based on communication equipment.
Background
The communication equipment is used for wired communication equipment and wireless communication equipment in an industrial control environment. The wired communication equipment mainly introduces equipment for solving serial port communication, professional bus type communication, industrial Ethernet communication and conversion among various communication protocols in industrial fields, and mainly comprises equipment such as a router, a switch, a modem and the like. The wireless communication equipment mainly comprises wireless AP, a wireless network bridge, a wireless network card, a wireless lightning arrester, an antenna and the like. The communication also includes military communication and civil communication, and the three communication operators in China are mobile communication, communication and telecommunication communication.
The wireless communication device has the greatest advantages of environment, no limitation of wires, certain mobility, low construction difficulty and low cost, but has weak interference resistance, slow transmission rate, limited bandwidth, limited transmission distance and low cost. But wireless communication is changing corresponding technology to make the higher transmission rate reach 100Mbps not lower than wired communication), more stable and convenient, so wireless communication devices will be a development trend.
Servers, also known as servers, are devices that provide computing services. Since the server needs to respond to and process the service request, the server generally has the capability of assuming and securing the service. The server is constructed to include a processor, a hard disk, a memory, a system bus, etc., similar to a general-purpose computer architecture, but requires high processing power, stability, reliability, security, scalability, manageability, etc., due to the need to provide highly reliable services.
At present, when a plurality of servers are connected, managers often use the stable and efficient operation of maintaining the servers as own work targets, but the security of the servers is often considered less, so that the security of the servers is lower, a leak is generated, the whole connection system is broken down, and loss is caused.
Disclosure of Invention
The invention aims to provide a system and a method for requesting connection of a plurality of servers based on communication equipment, which aim to solve the problems in the prior art.
In order to achieve the purpose, the invention provides the following technical scheme:
a system for acquiring a plurality of server requests based on communication equipment comprises a user identifier distribution login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules and a server operation and maintenance state real-time scanning module, wherein the user identifier distribution login module, the server unified data feedback module and the server security authentication module are mutually connected through an intranet, and the server security authentication module, the plurality of server response time grading modules and the server operation and maintenance state real-time scanning module are sequentially connected through the intranet;
the system comprises a user identification distribution login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules and a server operation and maintenance state real-time scanning module, wherein the user identification distribution login module is used for logging in according to a unique user identification which is registered and connected with a communication terminal by a server, the server unified data feedback module is used for acquiring connection information and address information of the server, the server security authentication module is used for carrying out unified analysis on the security of a plurality of servers, the plurality of server response time grading modules are used for judging the response time of the plurality of servers connected with the communication terminal and grading responses, and the server operation and maintenance state real-time scanning.
By adopting the technical scheme: the user identification distribution login module comprises a registration information request submodule and a carried information connection screening submodule, wherein the registration information request submodule is used for a plurality of servers to send signals requesting connection to the communication terminal, the communication terminal collects the signals requesting connection and sends different user identifications in a unified mode, the servers are connected with the communication terminal through unique user identifications, the carried information connection screening submodule is used for screening the types of the servers according to the registration login information of the servers, the servers which are not necessarily connected are removed, and the server information which is successfully connected is sent to the server unified data feedback module.
By adopting the technical scheme: the server unified data feedback module comprises an equipment information statistics submodule and a server address analysis submodule, wherein the equipment information statistics submodule is used for carrying out statistics on server information connected with a communication terminal, the server information comprises a processor, a CPU, a chip set, a memory and a disk system, the server information which is well counted is made into a list to be stored, the server address analysis submodule is used for analyzing the IP address and the access port number of the server, whether the IP addresses corresponding to different servers belong to abnormal IP addresses and access port numbers or not is confirmed, and the server IP address and the access port number which are successfully verified are stored.
By adopting the technical scheme: the server security authentication module comprises an authentication information acquisition submodule and an authentication information security analysis submodule, wherein the authentication information acquisition submodule is used for acquiring security certificates of the server, the security of different IP sections is scanned through a scanner, the IP sections comprise A-type addresses, B-type addresses, C-type addresses and D-type addresses, the D-type addresses are not included in the server security analysis, the authentication information acquisition submodule classifies the different IP sections in the server into A, B, C-type addresses for security scanning detection, the security data of the scanned different servers are sent to the authentication information security analysis submodule, and the authentication information security analysis submodule is used for analyzing the security data of the server scanned by the authentication information acquisition submodule.
By adopting the technical scheme: the authentication information security analysis submodule receives security data of a plurality of IP sections in different servers and sets N IP sections in a certain server, wherein the number of A-type addresses in the IP sections is NiThe number of class B addresses being NgThe number of class C addresses is NkSetting the safety factor scanning data of the authentication information acquisition submodule to the class A address as A1、A2、A3、…、AiThe safety factor scanning data of the authentication information acquisition submodule to the B-type address is B1、B2、B3、…、BgThe safety factor scanning data of the authentication information acquisition submodule to the C-type address is C1、C2、C3、…、CkWherein, the security detection percentage of the class A address in the IP section is 55%, the security detection percentage of the class B address is 35%, the security detection percentage of the class C address is 10%, the total security detection data of the server is set as Z, according to the formula:
Z=55%(
Figure 376470DEST_PATH_IMAGE001
)+35%(
Figure 85581DEST_PATH_IMAGE002
)+10%(
Figure 222165DEST_PATH_IMAGE003
and calculating the total security detection data of the server, calculating the security of the servers connected with the communication terminal one by one according to the method, sequencing the security of the plurality of servers, and marking the servers with the security less than a set threshold.
By adopting the technical scheme: the server response time grading modules comprise a remote communication request time counting submodule and a response time recording and analyzing submodule, wherein the remote communication request time counting submodule is used for sending a virtual signal to a server connected with a communication terminal, counting the time of connection between the virtual signal and the server, the response time recording and analyzing submodule analyzes the response time of different servers according to the sending and arrival time of the virtual signal, and responses of different servers are graded according to the response time of the servers.
By adopting the technical scheme: the server operation and maintenance state real-time scanning module comprises a bug fixing submodule and a big data platform, wherein the bug fixing submodule is used for scanning bugs of the server system when the server system is updated and fixing the scanned bugs, and the big data platform is used for recording bug fixing time and detecting the stability of the server updating system.
A method for acquiring a plurality of server requests based on communication equipment comprises the following steps:
s1: the system comprises a user identification distribution login module, a registration information request submodule, a carrying information connection screening submodule, a server unified data feedback module and a server unified data feedback module, wherein the user identification distribution login module is used for distributing unique user identification for login according to the registration connection between a server and a communication terminal, the registration information request submodule is used for sending a signal for requesting connection to the communication terminal by a plurality of servers, the communication terminal collects the signal for requesting connection and sends different user identifications in a unified mode, the server is connected with the communication terminal through the unique user identification, the carrying information connection screening submodule is used for screening the types of the servers according to the registration login information of the servers, the servers which are not necessarily connected;
s2: the server unified data feedback module is used for collecting the connection information and the address information of the server, the equipment information statistics submodule is used for carrying out statistics on the server information connected with the communication terminal, the server information comprises a processor, a CPU, a chip set, a memory and a disk system, the server information which is well counted is made into a list to be stored, the server address analysis submodule is used for analyzing the IP address and the access port number of the server, whether the IP addresses corresponding to different servers belong to abnormal IP addresses and access port numbers or not is confirmed, and the server IP address and the access port number which are successfully verified are stored;
s3: the security of a plurality of servers is analyzed in a unified mode by utilizing a server security authentication module, an authentication information acquisition submodule acquires security certificates of the servers, the security of different IP sections is scanned through a scanner, the IP sections comprise A-type addresses, B-type addresses, C-type addresses and D-type addresses, the D-type addresses are not included in the server security analysis, the authentication information acquisition submodule classifies the different IP sections in the servers into A, B, C-type addresses for security scanning detection, security data scanning different servers are sent to the authentication information security analysis submodule, and the authentication information security analysis submodule analyzes the security data of the servers scanned by the authentication information acquisition submodule;
s4: the method comprises the steps that response time of a plurality of servers connected to a communication terminal is judged by a plurality of server response time grading modules, response grading is carried out, a remote communication request time counting submodule sends a virtual signal to the servers connected with the communication terminal, the time for establishing connection between the virtual signal and the servers is counted, a response time recording and analyzing submodule analyzes response time of different servers according to the time for sending and arriving the virtual signal, and response grading is carried out on different servers according to the response time of the servers;
s5: the operation and maintenance states of the servers are scanned in real time by the server operation and maintenance state real-time scanning module, the updating state of the servers is confirmed, the vulnerability repair submodule is used for scanning vulnerabilities of the server system when the server system is updated, the scanned vulnerabilities are repaired, and the big data platform is used for recording vulnerability repair time and detecting the stability of the server updating system.
By adopting the technical scheme: in step S4, the method further includes the steps of determining response times of a plurality of servers connected to the communication terminal by using a plurality of server response time ranking modules, performing response ranking, sending a virtual signal to a server connected to the communication terminal by the remote communication request time counting submodule, counting time for establishing connection between the virtual signal and the server, analyzing response times of different servers by the response time recording and analyzing submodule according to the sending and arrival time of the virtual signal, and performing response ranking on different servers according to the response times of the servers, including:
the time for sending the statistical virtual signal to the server to try to establish the connection is set as T1、T2、T3、…、Tn-1、TnThe time for establishing connection between the virtual signal and the server is t1、t2、t3、…、tn-1、tnThe method comprises the following steps that the connection establishment time of a virtual signal and a server is influenced by the current network speed and the distance between the server and a communication terminal, the current network speed is set to be Ls, when Ls is more than or equal to 500kb/s and less than or equal to 1M/s, the influence rate of the current network speed on signal connection is 21%, when Ls is more than 1M/s and less than or equal to 2M/s, the influence rate of the current network speed on signal connection is 14%, when Ls is more than 2M/s, the influence rate of the current network speed on signal connection is 3%, the influence rate of the distance between the current server and the communication terminal on the connection establishment of the virtual signal and the server is set to be 7%, and the response time of the current server and the communication terminal is set to be ts (unit:
Figure 31989DEST_PATH_IMAGE005
calculating response time of the current server and the communication terminal, calculating response time of different servers one by one, sorting according to the calculated response time, grading response time after sorting is finished, and sending the response time grades of the server and the communication terminal to a big data platform for storage.
Compared with the prior art, the invention has the beneficial effects that: the method can monitor the safety of different servers, repair system bugs of the scanning servers in time, classify the response time of the servers, and preferentially select the server with high response speed for connection operation;
the system comprises a communication terminal, a user identification distribution login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules, a server operation and maintenance state real-time scanning module and a server update state real-time scanning module, wherein the server registration connection login module is used for registering and distributing unique user identification according to a server and the communication terminal, the server unified data feedback module is used for collecting connection information and address information of the server, the server security authentication module is used for carrying out unified analysis on the security of a plurality of servers, the plurality of server response time grading modules are used for judging the response time of the plurality of servers.
Drawings
In order that the present invention may be more readily and clearly understood, a more particular description of the invention briefly described above will be rendered by reference to specific embodiments that are illustrated in the appended drawings.
FIG. 1 is a block diagram of a system for requesting connection of multiple servers based on a communication device according to the present invention;
FIG. 2 is a diagram illustrating specific steps of a method for requesting connection among multiple servers according to a communication device of the present invention;
fig. 3 is a schematic diagram of an implementation method of a method for requesting connection by multiple servers based on a communication device according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1 to 3, in an embodiment of the present invention, a system and a method for requesting connection of multiple servers based on a communication device include a user identifier allocation login module, a server unified data feedback module, a server security authentication module, multiple server response time classification modules, and a server operation and maintenance state real-time scanning module, where the user identifier allocation login module, the server unified data feedback module, and the server security authentication module are connected to each other through an intranet, and the server security authentication module, the multiple server response time classification modules, and the server operation and maintenance state real-time scanning module are connected to each other through the intranet in sequence;
the system comprises a user identification distribution login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules and a server operation and maintenance state real-time scanning module, wherein the user identification distribution login module is used for logging in according to a unique user identification which is registered and connected with a communication terminal by a server, the server unified data feedback module is used for acquiring connection information and address information of the server, the server security authentication module is used for carrying out unified analysis on the security of a plurality of servers, the plurality of server response time grading modules are used for judging the response time of the plurality of servers connected with the communication terminal and grading responses, and the server operation and maintenance state real-time scanning.
By adopting the technical scheme: the user identification distribution login module comprises a registration information request submodule and a carried information connection screening submodule, wherein the registration information request submodule is used for a plurality of servers to send signals requesting connection to the communication terminal, the communication terminal collects the signals requesting connection and sends different user identifications in a unified mode, the servers are connected with the communication terminal through unique user identifications, the carried information connection screening submodule is used for screening the types of the servers according to the registration login information of the servers, the servers which are not necessarily connected are removed, and the server information which is successfully connected is sent to the server unified data feedback module.
By adopting the technical scheme: the server unified data feedback module comprises an equipment information statistics submodule and a server address analysis submodule, wherein the equipment information statistics submodule is used for carrying out statistics on server information connected with a communication terminal, the server information comprises a processor, a CPU, a chip set, a memory and a disk system, the server information which is well counted is made into a list to be stored, the server address analysis submodule is used for analyzing the IP address and the access port number of the server, whether the IP addresses corresponding to different servers belong to abnormal IP addresses and access port numbers or not is confirmed, and the server IP address and the access port number which are successfully verified are stored.
By adopting the technical scheme: the server security authentication module comprises an authentication information acquisition submodule and an authentication information security analysis submodule, wherein the authentication information acquisition submodule is used for acquiring security certificates of the server, the security of different IP sections is scanned through a scanner, the IP sections comprise A-type addresses, B-type addresses, C-type addresses and D-type addresses, the D-type addresses are not included in the server security analysis, the authentication information acquisition submodule classifies the different IP sections in the server into A, B, C-type addresses for security scanning detection, the security data of the scanned different servers are sent to the authentication information security analysis submodule, and the authentication information security analysis submodule is used for analyzing the security data of the server scanned by the authentication information acquisition submodule.
By adopting the technical scheme: the authentication information security analysis submodule receives security data of a plurality of IP sections in different servers and sets N IP sections in a certain server, wherein the number of A-type addresses in the IP sections is NiThe number of class B addresses being NgThe number of class C addresses is NkSetting the safety factor scanning data of the authentication information acquisition submodule to the class A address as A1、A2、A3、…、AiThe safety factor scanning data of the authentication information acquisition submodule to the B-type address is B1、B2、B3、…、BgThe safety factor scanning data of the authentication information acquisition submodule to the C-type address is C1、C2、C3、…、CkWherein, the security detection percentage of the class A address in the IP section is 55%, the security detection percentage of the class B address is 35%, the security detection percentage of the class C address is 10%, the total security detection data of the server is set as Z, according to the formula:
Z=55%(
Figure 759773DEST_PATH_IMAGE006
)+35%(
Figure 91266DEST_PATH_IMAGE002
)+10%(
Figure 562699DEST_PATH_IMAGE003
and calculating the total security detection data of the server, calculating the security of the servers connected with the communication terminal one by one according to the method, sequencing the security of the plurality of servers, and marking the servers with the security less than a set threshold.
By adopting the technical scheme: the server response time grading modules comprise a remote communication request time counting submodule and a response time recording and analyzing submodule, wherein the remote communication request time counting submodule is used for sending a virtual signal to a server connected with a communication terminal, counting the time of connection between the virtual signal and the server, the response time recording and analyzing submodule analyzes the response time of different servers according to the sending and arrival time of the virtual signal, and responses of different servers are graded according to the response time of the servers.
By adopting the technical scheme: the server operation and maintenance state real-time scanning module comprises a bug fixing submodule and a big data platform, wherein the bug fixing submodule is used for scanning bugs of the server system when the server system is updated and fixing the scanned bugs, and the big data platform is used for recording bug fixing time and detecting the stability of the server updating system.
A method for acquiring a plurality of server requests based on communication equipment comprises the following steps:
s1: the system comprises a user identification distribution login module, a registration information request submodule, a carrying information connection screening submodule, a server unified data feedback module and a server unified data feedback module, wherein the user identification distribution login module is used for distributing unique user identification for login according to the registration connection between a server and a communication terminal, the registration information request submodule is used for sending a signal for requesting connection to the communication terminal by a plurality of servers, the communication terminal collects the signal for requesting connection and sends different user identifications in a unified mode, the server is connected with the communication terminal through the unique user identification, the carrying information connection screening submodule is used for screening the types of the servers according to the registration login information of the servers, the servers which are not necessarily connected;
s2: the server unified data feedback module is used for collecting the connection information and the address information of the server, the equipment information statistics submodule is used for carrying out statistics on the server information connected with the communication terminal, the server information comprises a processor, a CPU, a chip set, a memory and a disk system, the server information which is well counted is made into a list to be stored, the server address analysis submodule is used for analyzing the IP address and the access port number of the server, whether the IP addresses corresponding to different servers belong to abnormal IP addresses and access port numbers or not is confirmed, and the server IP address and the access port number which are successfully verified are stored;
s3: the security of a plurality of servers is analyzed in a unified mode by utilizing a server security authentication module, an authentication information acquisition submodule acquires security certificates of the servers, the security of different IP sections is scanned through a scanner, the IP sections comprise A-type addresses, B-type addresses, C-type addresses and D-type addresses, the D-type addresses are not included in the server security analysis, the authentication information acquisition submodule classifies the different IP sections in the servers into A, B, C-type addresses for security scanning detection, security data scanning different servers are sent to the authentication information security analysis submodule, and the authentication information security analysis submodule analyzes the security data of the servers scanned by the authentication information acquisition submodule;
s4: the method comprises the steps that response time of a plurality of servers connected to a communication terminal is judged by a plurality of server response time grading modules, response grading is carried out, a remote communication request time counting submodule sends a virtual signal to the servers connected with the communication terminal, the time for establishing connection between the virtual signal and the servers is counted, a response time recording and analyzing submodule analyzes response time of different servers according to the time for sending and arriving the virtual signal, and response grading is carried out on different servers according to the response time of the servers;
s5: the operation and maintenance states of the servers are scanned in real time by the server operation and maintenance state real-time scanning module, the updating state of the servers is confirmed, the vulnerability repair submodule is used for scanning vulnerabilities of the server system when the server system is updated, the scanned vulnerabilities are repaired, and the big data platform is used for recording vulnerability repair time and detecting the stability of the server updating system.
By adopting the technical scheme: in step S4, the method further includes the steps of determining response times of a plurality of servers connected to the communication terminal by using a plurality of server response time ranking modules, performing response ranking, sending a virtual signal to a server connected to the communication terminal by the remote communication request time counting submodule, counting time for establishing connection between the virtual signal and the server, analyzing response times of different servers by the response time recording and analyzing submodule according to the sending and arrival time of the virtual signal, and performing response ranking on different servers according to the response times of the servers, including:
the time for sending the statistical virtual signal to the server to try to establish the connection is set as T1、T2、T3、…、Tn-1、TnThe time for establishing connection between the virtual signal and the server is t1、t2、t3、…、tn-1、tnThe method comprises the following steps that the connection establishment time of a virtual signal and a server is influenced by the current network speed and the distance between the server and a communication terminal, the current network speed is set to be Ls, when Ls is more than or equal to 500kb/s and less than or equal to 1M/s, the influence rate of the current network speed on signal connection is 21%, when Ls is more than 1M/s and less than or equal to 2M/s, the influence rate of the current network speed on signal connection is 14%, when Ls is more than 2M/s, the influence rate of the current network speed on signal connection is 3%, the influence rate of the distance between the current server and the communication terminal on the connection establishment of the virtual signal and the server is set to be 7%, and the response time of the current server and the communication terminal is set to be ts (unit:
Figure 663248DEST_PATH_IMAGE005
calculating response time of the current server and the communication terminal, calculating response time of different servers one by one, sorting according to the calculated response time, grading response time after sorting is finished, and sending the response time grades of the server and the communication terminal to a big data platform for storage.
Example 1: the method comprises the steps of setting safety factor scanning data of an authentication information acquisition submodule on class A addresses in an IP section of a server to be 0.62, 0.71, 0.80, 0.69 and 0.77, setting safety factor scanning data of the authentication information acquisition submodule on class B addresses to be 0.56, 0.67, 0.62 and 0.72, setting safety factor scanning data of the authentication information acquisition submodule on class C addresses to be 0.83, 0.55, 0.74 and 0.66, wherein the maximum safety factor is 1, the safety detection occupation ratio of the class A addresses in the IP section is 55%, the safety detection occupation ratio of the class B addresses is 35%, the safety detection occupation ratio of the class C addresses is 10%, setting total safety detection data of the server to be Z, and according to the formula:
Z=55%(
Figure 561934DEST_PATH_IMAGE007
)+35%(
Figure 147767DEST_PATH_IMAGE008
)+10%(
Figure 390267DEST_PATH_IMAGE009
)≈0.69
and calculating to obtain total security detection data of the server as 0.69, continuously calculating the security of the servers connected with the communication terminal one by one, sequencing the security of the plurality of servers, marking the servers with the security less than a set threshold value, and setting the threshold value as 0.5.
Example 2: the method comprises the following steps of setting safety factor scanning data of an authentication information acquisition submodule on class A addresses in an IP section of a server to be 0.53, 0.45, 0.41, 0.42 and 0.51, setting safety factor scanning data of the authentication information acquisition submodule on class B addresses to be 0.45, 0.61 and 0.52, setting safety factor scanning data of the authentication information acquisition submodule on class C addresses to be 0.46, 0.42, 0.54 and 0.47, wherein the maximum safety factor is 1, the safety detection occupation ratio of the class A addresses in the IP section is 55%, the safety detection occupation ratio of the class B addresses is 35%, the safety detection occupation ratio of the class C addresses is 10%, setting total safety detection data of the server to be Z, and according to a formula:
Z=55%(
Figure 377946DEST_PATH_IMAGE010
)+35%(
Figure 181954DEST_PATH_IMAGE011
)+10%(
Figure 36776DEST_PATH_IMAGE012
)≈0.49
and calculating to obtain total security detection data of the server as 0.49, wherein the security factor of the server is lower than a set threshold value of 0.5, and marking the server.
Example 3: and limiting conditions, wherein the time for sending the statistical virtual signal to the server A to try to establish the connection is 13:01:11, the time for establishing the connection between the virtual signal and the server is 13:02:27, the time for establishing the connection between the virtual signal and the server is influenced by the current network speed and the distance between the server and the communication terminal, and the current network speed is set to be 13
Figure DEST_PATH_IMAGE013
And =1.1M/s, wherein 1M/s < 1.1M/s > 2M/s, the influence rate of the current network speed on the signal connection is 14%, the response time of the current server and the communication terminal is set to be ts (unit: second), and according to the formula:
Figure 958333DEST_PATH_IMAGE014
calculating to obtain the response time of the current server and the communication terminal as 0.74s, calculating the response time of different servers one by one, sorting according to the calculated response time, grading the response time after sorting is finished, and sending the response time grades of the server and the communication terminal to a big data platform for storage.
Example 4: and limiting conditions, wherein the time for sending the statistical virtual signal to the server A to try to establish the connection is 2:32:14, the time for establishing the connection between the virtual signal and the server is 2:32:55, the time for establishing the connection between the virtual signal and the server is influenced by the current network speed and the distance between the server and the communication terminal, and the current network speed is set to be 2
Figure 800518DEST_PATH_IMAGE013
And =2.7M/s, where 2.7M/s > 2M/s, the influence rate of the current network speed on the signal connection is 3%, the response time of the current server and the communication terminal is set to be ts (unit: second), and according to the formula:
Figure DEST_PATH_IMAGE015
calculating to obtain the response time of the current server and the communication terminal as 0.09s, calculating the response time of different servers one by one, sorting according to the calculated response time, grading the response time after sorting is finished, and sending the response time grades of the server and the communication terminal to a big data platform for storage.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.

Claims (6)

1. A multiple server request acquisition system based on a communication device, characterized by: the system comprises a user identifier distribution login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules and a server operation and maintenance state real-time scanning module, wherein the user identifier distribution login module, the server unified data feedback module and the server security authentication module are mutually connected through an intranet, and the server security authentication module, the plurality of server response time grading modules and the server operation and maintenance state real-time scanning module are sequentially connected through the intranet;
the system comprises a user identification distribution login module, a server unified data feedback module, a server security authentication module, a plurality of server response time grading modules and a server operation and maintenance state real-time scanning module, wherein the user identification distribution login module is used for logging in according to a unique user identification which is registered, connected and distributed by a server and a communication terminal, the server unified data feedback module is used for acquiring connection information and address information of the server, the server security authentication module is used for carrying out unified analysis on the security of a plurality of servers, the plurality of server response time grading modules are used for judging the response time of the plurality of servers connected to the communication terminal and carrying out response grading, and the server operation and maintenance state;
the server security authentication module comprises an authentication information acquisition submodule and an authentication information security analysis submodule, wherein the authentication information acquisition submodule is used for acquiring security certificates of the server and scanning the security of different IP sections through a scanner, the IP sections comprise A-type addresses, B-type addresses, C-type addresses and D-type addresses, the D-type addresses are not included in the server security analysis, the authentication information acquisition submodule classifies the different IP sections in the server into A, B, C-type addresses for security scanning detection and sends the security data of the scanned different servers to the authentication information security analysis submodule, and the authentication information security analysis submodule is used for analyzing the security data of the server scanned by the authentication information acquisition submodule;
the server response time grading modules comprise a remote communication request time counting submodule and a response time recording and analyzing submodule, wherein the remote communication request time counting submodule is used for sending a virtual signal to a server connected with a communication terminal and counting the time of establishing connection between the virtual signal and the server;
the server operation and maintenance state real-time scanning module comprises a bug fixing submodule and a big data platform, wherein the bug fixing submodule is used for scanning bugs of the server system when the server system is updated and fixing the scanned bugs, and the big data platform is used for recording bug fixing time and detecting the stability of the server updating system.
2. The system of claim 1, wherein the plurality of server requests from the communication device are received from a plurality of communication devices, and wherein: the user identification distribution login module comprises a registration information request submodule and a carried information connection screening submodule, wherein the registration information request submodule is used for a plurality of servers to send signals requesting connection to the communication terminal, the communication terminal collects the signals requesting connection and sends different user identifications in a unified mode, the servers are connected with the communication terminal through unique user identifications, the carried information connection screening submodule is used for screening the types of the servers according to the registration login information of the servers, the servers which are not necessarily connected are removed, and the server information which is successfully connected is sent to the server unified data feedback module.
3. The system of claim 1, wherein the plurality of server requests from the communication device are received from a plurality of communication devices, and wherein: the server unified data feedback module comprises an equipment information statistics submodule and a server address analysis submodule, wherein the equipment information statistics submodule is used for carrying out statistics on server information connected with the communication terminal, the server information comprises a processor, a CPU, a chip set, a memory and a disk system, the server information which is well counted is made into a list to be stored, the server address analysis submodule is used for analyzing the IP address and the access port number of the server, whether the IP addresses corresponding to different servers belong to abnormal IP addresses and access port numbers or not is confirmed, and the server IP address and the access port number which are successfully verified are stored.
4. The system of claim 1, wherein the plurality of server requests from the communication device are received from a plurality of communication devices, and wherein: the authentication information security analysis submodule receives security data of a plurality of IP sections in different servers and sets N IP sections in a certain server, wherein the number of A-type addresses in the IP sections is NiThe number of class B addresses being NgThe number of class C addresses is NkSetting the safety factor scanning data of the authentication information acquisition submodule to the class A address as A1、A2、A3、…、AiThe safety factor scanning data of the authentication information acquisition submodule to the B-type address is B1、B2、B3、…、BgThe safety factor scanning data of the authentication information acquisition submodule to the C-type address is C1、C2、C3、…、CkWherein, the security detection percentage of the class A address in the IP section is 55%, the security detection percentage of the class B address is 35%, the security detection percentage of the class C address is 10%, the total security detection data of the server is set as Z, according to the formula:
Figure FDA0002789688250000031
and calculating the total security detection data of the server, calculating the security of the servers connected with the communication terminal one by one according to the method, sequencing the security of the plurality of servers, and marking the servers with the security less than a set threshold.
5. A method for obtaining a plurality of server requests based on communication equipment is characterized in that:
s1: the system comprises a user identification distribution login module, a registration information request submodule, a carrying information connection screening submodule, a server unified data feedback module and a server unified data feedback module, wherein the user identification distribution login module is used for distributing unique user identification for login according to the registration connection between a server and a communication terminal, the registration information request submodule is used for sending a signal for requesting connection to the communication terminal by a plurality of servers, the communication terminal collects the signal for requesting connection and sends different user identifications in a unified mode, the server is connected with the communication terminal through the unique user identification, the carrying information connection screening submodule is used for screening the types of the servers according to the registration login information of the servers, the servers which are not necessarily connected;
s2: the server unified data feedback module is used for collecting connection information and address information of a server, an equipment information counting submodule is used for counting server information connected with a communication terminal, the server information comprises a processor, a CPU, a chip set, a memory and a disk system, the counted server information is made into a list to be stored, a server address analyzing submodule is used for analyzing an IP address and an access port number of the server, whether the IP addresses corresponding to different servers belong to abnormal IP addresses and access port numbers or not is confirmed, and the successfully verified server IP address and access port number are stored;
s3: the security of a plurality of servers is analyzed in a unified mode by utilizing a server security authentication module, an authentication information acquisition submodule acquires security certificates of the servers, the security of different IP sections is scanned through a scanner, the IP sections comprise A-type addresses, B-type addresses, C-type addresses and D-type addresses, the D-type addresses are not included in the server security analysis, the authentication information acquisition submodule classifies the different IP sections in the servers into A, B, C-type addresses for security scanning detection, security data scanning different servers are sent to the authentication information security analysis submodule, and the authentication information security analysis submodule analyzes the security data of the servers scanned by the authentication information acquisition submodule;
s4: the method comprises the steps that response time of a plurality of servers connected to a communication terminal is judged by a plurality of server response time grading modules, response grading is carried out, a remote communication request time counting submodule sends a virtual signal to the servers connected with the communication terminal, the time for establishing connection between the virtual signal and the servers is counted, a response time recording and analyzing submodule analyzes response time of different servers according to the time for sending and arriving the virtual signal, and response grading is carried out on different servers according to the response time of the servers;
s5: the operation and maintenance states of the servers are scanned in real time by the server operation and maintenance state real-time scanning module, the updating state of the servers is confirmed, the vulnerability repair submodule is used for scanning vulnerabilities of the server system when the server system is updated, the scanned vulnerabilities are repaired, and the big data platform is used for recording vulnerability repair time and detecting the stability of the server updating system.
6. The method of claim 5, wherein the method comprises: in step S4, the method further includes the steps of determining response times of a plurality of servers connected to the communication terminal by using a plurality of server response time ranking modules, performing response ranking, sending a virtual signal to a server connected to the communication terminal by the remote communication request time counting submodule, counting time for establishing connection between the virtual signal and the server, analyzing response times of different servers by the response time recording and analyzing submodule according to the sending and arrival time of the virtual signal, and performing response ranking on different servers according to the response times of the servers, including:
setting the time for the statistical virtual signal to be sent to the server to try to establish the connection to be T1、T2、T3、…、Tn-1、TnThe time for establishing connection between the virtual signal and the server is t1、t2、t3、…、tn-1、tnThe connection establishment time of the virtual signal and the server is influenced by the current network speed and the distance between the server and the communication terminal, the current network speed is set to be Ls, when Ls is more than or equal to 500kb/s and less than or equal to 1M/s, the influence rate of the current network speed on the signal connection is 21%, when Ls is more than 1M/s and less than or equal to 2M/s, the influence rate of the current network speed on the signal connection is 14%, when Ls is more than 2M/s, the influence rate of the current network speed on the signal connection is 3%, and the current server and the communication terminal are setThe influence rate of the distance on the connection establishment between the virtual signal and the server is 7%, the response time of the current server and the current communication terminal is set to be ts, and the unit is as follows: seconds, according to the formula:
Figure FDA0002789688250000061
calculating response time of the current server and the communication terminal, calculating response time of different servers one by one, sorting according to the calculated response time, grading response time after sorting is finished, and sending the response time grades of the server and the communication terminal to a big data platform for storage.
CN202010281755.9A 2020-04-11 2020-04-11 Multiple server connection request system and method based on communication equipment Active CN111490991B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110186028.9A CN112953935A (en) 2020-04-11 2020-04-11 Multiple server request connection system based on communication equipment
CN202010281755.9A CN111490991B (en) 2020-04-11 2020-04-11 Multiple server connection request system and method based on communication equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010281755.9A CN111490991B (en) 2020-04-11 2020-04-11 Multiple server connection request system and method based on communication equipment

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202110186028.9A Division CN112953935A (en) 2020-04-11 2020-04-11 Multiple server request connection system based on communication equipment

Publications (2)

Publication Number Publication Date
CN111490991A CN111490991A (en) 2020-08-04
CN111490991B true CN111490991B (en) 2021-04-27

Family

ID=71812716

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202010281755.9A Active CN111490991B (en) 2020-04-11 2020-04-11 Multiple server connection request system and method based on communication equipment
CN202110186028.9A Withdrawn CN112953935A (en) 2020-04-11 2020-04-11 Multiple server request connection system based on communication equipment

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202110186028.9A Withdrawn CN112953935A (en) 2020-04-11 2020-04-11 Multiple server request connection system based on communication equipment

Country Status (1)

Country Link
CN (2) CN111490991B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953710B (en) * 2020-08-25 2021-08-27 四川中电启明星信息技术有限公司 Terminal equipment virtual agent system and method based on big data
CN115694885B (en) * 2022-09-14 2023-05-30 华能信息技术有限公司 Data security policy management method and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8751794B2 (en) * 2011-12-28 2014-06-10 Pitney Bowes Inc. System and method for secure nework login
CN103188329A (en) * 2011-12-31 2013-07-03 上海伊可夫信息科技有限公司 Real-time multi-task remote network control system
CN105721895A (en) * 2014-12-02 2016-06-29 北京天籁传音数字技术有限公司 Data interaction method and data interaction system
CN109413096B (en) * 2018-11-30 2019-08-09 北京海泰方圆科技股份有限公司 A kind of login method and device more applied

Also Published As

Publication number Publication date
CN112953935A (en) 2021-06-11
CN111490991A (en) 2020-08-04

Similar Documents

Publication Publication Date Title
US10873594B2 (en) Test system and method for identifying security vulnerabilities of a device under test
CN100339838C (en) Methods apparatus and program products for wireless access points
CN111935170B (en) Network abnormal flow detection method, device and equipment
US8533819B2 (en) Method and apparatus for detecting compromised host computers
US7672283B1 (en) Detecting unauthorized wireless devices in a network
CN107733851A (en) DNS tunnels Trojan detecting method based on communication behavior analysis
US20030084321A1 (en) Node and mobile device for a mobile telecommunications network providing intrusion detection
CN111490991B (en) Multiple server connection request system and method based on communication equipment
KR20080066653A (en) Method and apparatus for whole-network anomaly diagnosis and methods to detect and classify network anomalies using traffic feature distributions
CN105868040A (en) Log collection method and collection terminal
US20220103442A1 (en) Internet of things operations monitoring system
White et al. Cooperating security managers: Distributed intrusion detection systems
CN114374626A (en) Router performance detection method under 5G network condition
CN106911665A (en) A kind of method and system for recognizing malicious code weak passwurd intrusion behavior
CN102638442A (en) System and method for detecting GTP (GPRS Tunnel Protocol) attack
CN113765850B (en) Internet of things abnormality detection method and device, computing equipment and computer storage medium
CN111565196B (en) KNXnet/IP protocol intrusion detection method, device, equipment and medium
US20130028259A1 (en) System for finding potential origins of spoofed internet protocol attack traffic
JP2020022133A (en) Infection expansion attack detection device, attack source identification method and program
CN117375889A (en) Big data abnormal behavior monitoring method, system, equipment and storage medium
CN116939589A (en) Student internet monitoring system based on campus wireless network
CN111565124A (en) Topology analysis method and device
US20230171264A1 (en) Method, Apparatus, System, Device, and Storage Medium for Implementing Terminal Verification
US11528211B2 (en) Data inspection system for inspecting operating situations of multiple IoT devices in a plurality of target IoT systems
CN115665259A (en) Encrypted HTTP request acquisition device, system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20210407

Address after: Room 704, building 5, No. 556, Changjiang Road, high tech Zone, Suzhou, Jiangsu 215000

Applicant after: SUZHOU LEMIFAN ELECTRIC TECHNOLOGY Co.,Ltd.

Address before: 215000 No.133, Nanshi street, Suzhou Industrial Park, Jiangsu Province

Applicant before: Suzhou Taoxi Network Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant