CN111628973A - Remote login control method and device, computer equipment and storage medium - Google Patents
Remote login control method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN111628973A CN111628973A CN202010386656.7A CN202010386656A CN111628973A CN 111628973 A CN111628973 A CN 111628973A CN 202010386656 A CN202010386656 A CN 202010386656A CN 111628973 A CN111628973 A CN 111628973A
- Authority
- CN
- China
- Prior art keywords
- information
- verified
- remote login
- remote
- control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/08—Protocols specially adapted for terminal emulation, e.g. Telnet
Abstract
The embodiment of the application provides a method and a device for controlling remote login, computer equipment and a computer storage medium, wherein the method comprises the following steps: if the remote login session is successfully established, prohibiting the control terminal corresponding to the remote login session from remotely controlling the control terminal; outputting prompt information, wherein the prompt information is used for prompting the input of information to be verified; verifying the received information to be verified based on preset first reference information to obtain a verification result; if the verification result is that the verification is passed, the control terminal is allowed to remotely control the control terminal, so that the defense capability of the computer equipment for virus attack or attack by bypassing the protection device after remote login is enhanced.
Description
Technical Field
The embodiment of the application relates to the technical field of information security, and relates to but is not limited to a control method and device for remote login, computer equipment and a computer storage medium.
Background
In recent years, Lesso virus frequently explodes, and a manual countermeasure form of hacker intervention is presented, so that a traditional protection device (such as antivirus software) is easy to bypass and sink, such as most popular Lesso virus of crystals, matrix and the like, an attacker obtains an account password of a Remote Desktop Protocol (RDP) by using a weak password of Remote login or a blasting attack form, the account password of the RDP is remotely logged on a host, all protection devices on the host are manually stopped, Lesso virus is successfully implanted, important file data encryption is carried out, other important assets of an internal network are rapidly attacked by using the host as a jump board in a similar way, serious influence is caused, and a Lesso victim pays redemption to unlock data, and the requirement of profit is met.
The Lessovirus is the most popular attack mode in recent years, and hackers are frequent, because most Internet Technology (IT) personnel have remote operation and maintenance requirements, or inadvertently leak a remote login port, so that the port is utilized by the hackers. The protection devices on the attacked host are all protected from behaviors with obvious threats such as virus protection, attack methods and the like, the behaviors with administrator user authority can be optionally released, or only the possibility of threat occurrence is reminded, but the handling operation is handed to the administrator, and a hacker has the administrator authority after logging in remotely, so that the protection devices can be easily closed, or a hacker tool is utilized to disable the protection devices. In the related art, identification of illegal rights or the like is lacking, and thus the defense against virus attack or attack by bypassing a guard after remote login is missed.
Disclosure of Invention
In view of this, embodiments of the present application provide a method and an apparatus for controlling remote login, a computer device, and a computer storage medium.
The technical scheme of the embodiment of the application is realized as follows:
the embodiment of the application provides a remote login control method, which comprises the following steps:
if the remote login session is successfully established, prohibiting the control terminal corresponding to the remote login session from remotely controlling the control terminal;
outputting prompt information, wherein the prompt information is used for prompting the input of information to be verified;
verifying the received information to be verified based on preset first reference information to obtain a verification result;
and if the verification result is that the verification is passed, allowing the control terminal to remotely control the control terminal.
The embodiment of the application provides a remote login control device, which comprises:
the first forbidding module is used for forbidding the control terminal corresponding to the remote login session to remotely control the control terminal if the remote login session is successfully established;
the first output module is used for outputting prompt information, and the prompt information is used for prompting the input of information to be verified;
the verification module is used for verifying the received information to be verified based on preset first reference information to obtain a verification result;
and the control module is used for allowing the control terminal to remotely control the control terminal if the verification result is that the verification is passed.
An embodiment of the present application provides a computer device, where the computer device at least includes:
a processor; and
a memory for storing a computer program operable on the processor;
wherein the computer program realizes the steps of the control method of telnet when executed by a processor.
An embodiment of the present application provides a computer storage medium, in which computer-executable instructions are stored, and the computer-executable instructions are configured to execute the steps of the control method for telnet.
According to the control method, the control device, the control equipment and the storage medium for the remote login, when the fact that the remote login session is successfully established is monitored, the control terminal corresponding to the remote login session is not allowed to directly remotely control the remote login session, the control terminal is prompted to input a control password (namely information to be verified), the control password is different from the password corresponding to the establishment of the remote login session, when the input control password is correct, the control terminal is allowed to remotely control the remote login session, and therefore the defense capability of computer equipment for virus attack or attack by bypassing a protection device after the remote login is enhanced.
Drawings
In the drawings, which are not necessarily drawn to scale, like reference numerals may describe similar components in different views. The drawings illustrate generally, by way of example, but not by way of limitation, various embodiments discussed herein.
Fig. 1 is a schematic flow chart illustrating an implementation of a method for controlling telnet according to an embodiment of the present application;
fig. 2 is a schematic flowchart of another implementation flow of a control method for telnet according to an embodiment of the present application;
fig. 3 is a schematic flowchart of another implementation of a remote login control method according to an embodiment of the present application;
fig. 4 is a schematic flowchart of another implementation of a remote login control method according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a remote login control device according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objectives, technical solutions and advantages of the present application clearer, the present application will be described in further detail with reference to the attached drawings, the described embodiments should not be considered as limiting the present application, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" may be the same subset or different subsets of all possible embodiments, and may be combined with each other without conflict.
The following description will be added if a similar description of "first \ second \ third" appears in the application file, and in the following description, the terms "first \ second \ third" merely distinguish similar objects and do not represent a specific ordering for the objects, and it should be understood that "first \ second \ third" may be interchanged under certain circumstances in a specific order or sequence, so that the embodiments of the application described herein can be implemented in an order other than that shown or described herein.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of the present application only and is not intended to be limiting of the application.
In order to better understand the remote login method, the apparatus, the computer device, and the storage medium provided in the embodiments of the present application, first, a related art in remote login in the related art is analyzed and explained.
Telnet is a UNIX command that logs directly onto a host system using network access via RDP (windows, provided by windows) and Secure Shell (SSH, provided by linux) protocols, and operates as if the user were in the field. Once in the host, the user can do anything the host allows, such as: read, edit, or delete files, etc. In order to facilitate business operation and maintenance, IT personnel generally open a remote login right to the internet for remote maintenance at any time, but the risk is also brought by opening the remote login right to the internet.
The Lessovirus is a novel computer virus and is mainly transmitted in the forms of mails, program trojans and webpage Trojan horses. The virus is bad in nature and extremely harmful, and once infected, immeasurable loss is brought to users. The Lessovirus encrypts the file by using various encryption algorithms, an infected person generally cannot decrypt the file, and the file can be decrypted only by taking a decrypted private key.
The Agent is in the form of a software Agent, and specifically developed software is installed on the host computer so as to do required work.
Network sessions, in computer science, and in particular in networks, are temporary, interactive exchanges of information between two or more communication devices, or between a computer and a user. A session is established at some point in time and then ended at some later point in time. An established communication session may involve multiple messages in each direction. Sessions are typically stateful, meaning that at least one communicating party needs to maintain current state information and maintain information about the history of the session in order to be able to communicate, rather than stateless communications in which communications consist of independent requests with responses. In telnet, a network session between two communication devices may be referred to as a telnet session.
Next, the problems of telnet in the related art will be explained.
In recent years, Lexus viruses frequently explode, and a manual countermeasure form of hacker intervention is presented, so that the traditional protection device (such as antivirus software) is easy to bypass and sink, such as most popular Lexus viruses of crystalis, matrix and the like, an attacker cleverly utilizes a remote login (mainly RDP protocol login) weak password or a blasting attack form to obtain an RDP account password and remotely log in a host computer, manually stops all protection devices on the host computer, successfully implants Lexus viruses, encrypts important file data, and rapidly attacks other important assets of an internal network by using a similar means by taking the host computer as a jump board, so that serious influence is caused, and the Lexus victim pays redemption to unlock data, and the requirement of the Lexus is met.
The Lessovirus is the most popular attack mode in recent years, and hackers are frequent, because most IT personnel have remote operation and maintenance requirements, or risk ports for remote login are leaked unintentionally, so that the ports are utilized by the hackers. In the related technology, the protection devices on the host computer are protected from behaviors with obvious threats such as virus protection and attack methods, the behaviors with administrator user permission are optionally released, or only the threats are reminded to occur, but the handling operation for reminding the occurrence of the threats is handed to the administrator, and hackers have the administrator permission after logging in remotely, so that the protection devices can be easily closed, or hacker tools are used for enabling the protection devices to be invalid.
In summary, the host security device has made many defensive measures on the security door to prevent the entrance of the security door, but the person who enters the security door by holding a key chooses to see it or gives a decision to the person, and the recognition of illegal activities such as illegal legal right is lacked, so the defense against virus attack or attack by bypassing the security device after remote login is missed.
Based on the problems in the related art, the embodiments of the present application provide a method for controlling remote login, where the method is applied to a computer device, and the computer device is a controlled device for remote login, that is, a controlled terminal in remote control. The method provided by this embodiment may be implemented by a computer program, and when the computer program is executed, each step in the method provided by this embodiment is completed. In some embodiments, the computer program may be executed by a processor in a remotely logged in controlled device. Fig. 1 is a schematic implementation flow diagram of a control method for remote login provided in an embodiment of the present application, and as shown in fig. 1, the method includes:
step S101, if the fact that the remote login session is successfully established is monitored, the controlled device of the remote login prohibits the control terminal corresponding to the remote login session from remotely controlling the controlled device.
In the embodiment of the application, the controlled device for remote login can be a personal computer, a server, a mobile terminal and the like. The control terminal is a terminal which applies for accessing the controlled device of remote login, and the control terminal can be a personal computer, a mobile terminal and the like. In the embodiment of the application, when monitoring whether the remote login session is successfully established, whether the remote login session is successfully established can be determined by verifying the RDP account password, if the RDP account password is correct, the remote login session is successfully established, and if the RDP account password is wrong, the remote login session is not successfully established. In the embodiment of the application, if the fact that the remote login session is successfully established is monitored, the controlled device of the remote login prohibits the control terminal corresponding to the remote login session from remotely controlling the controlled device. Disabling remote control may include: forbidding entry into the desktop, forbidding all possible bypassed shortcuts (such as invoking task manager and resource manager), etc. In the embodiment of the application, monitoring whether the remote login session is successfully established or not and prohibiting the control terminal corresponding to the remote login session from remotely controlling the control terminal by installing the proxy software on the controlled equipment for remote login.
And S102, outputting prompt information by the remote login controlled device, wherein the prompt information is used for prompting to input information to be verified.
In this embodiment of the present application, the output prompt information may be output through a login authentication window when the output prompt information is implemented, where the login authentication window provides an interface for inputting information to be verified. In some embodiments, prompting the information may also include providing a display countdown of an interface for entering the information to be verified. In this embodiment of the application, when the controlled device that remotely logs in outputs the prompt information, the prompt information may be output by proxy software on the controlled device that remotely logs in.
Step S103, the controlled device remotely logging in verifies the received information to be verified based on the preset first reference information to obtain a verification result.
In an embodiment of the present application, the first reference information is different from second reference information required for successfully establishing the telnet session. The second reference information is used for verifying the information to be verified during the telnet session. The first reference information and the second reference information may comprise passwords having reasonable password strength, and the passwords of the first reference information and the second reference information are required to be combined by numbers and letters. The first reference information and the second reference information are set to be different, so that the protection capability of the controlled equipment for remote login is enhanced. In the embodiment of the application, the first reference information is compared with the received information to be verified for verification, so that a verification result is obtained. And if the first reference information is the same as the information to be verified, the verification result is that the verification is passed, and if the first reference information is different from the information to be verified, the verification result is that the verification is not passed.
And step S104, if the verification result is that the verification is passed, allowing the control terminal to remotely control the controlled device by the remote login.
Taking over the above example, if the verification result is that the verification is passed, the allowing, by the controlled device, the control terminal to perform remote control on the controlled terminal by itself includes: and allowing the control terminal to enter a desktop of the controlled equipment for remote login, and/or allowing the control terminal to call operations such as a task manager, a resource manager and the like.
According to the control method for remote login, when it is monitored that the remote login session is successfully established, the control terminal corresponding to the remote login session is not allowed to directly remotely control the remote login session, the control terminal is prompted to input a control password (namely information to be verified), the control password is different from the password corresponding to the establishment of the remote login session, when the input control password is correct, the control terminal is allowed to remotely control the remote login session, and therefore the defense capability of controlled equipment of the remote login on virus attack or attack by bypassing a protection device after the remote login is enhanced.
In some embodiments, fig. 2 is a schematic view of another implementation flow of a control method for telnet provided in this embodiment of the present application, as shown in fig. 2, after step S101 "if a controlled device for telnet monitors that a telnet session is successfully established, a control terminal corresponding to the telnet session is prohibited from performing remote control on the controlled device, the method further includes:
step S101A, the controlled device in telnet determines an Internet Protocol (IP) address of the control terminal according to the telnet session.
In the embodiment of the application, when the remote login session is created, a new remote login session can be identified to exist, and the IP address of the control terminal corresponding to the remote login session is extracted through the remote login session.
Step S101B, the remotely logged in controlled device obtains its own stored IP address blacklist.
In step S101C, the remotely logged in controlled device determines whether the IP address of the control terminal corresponding to the remotely logged in session is in the IP address blacklist.
After the IP address of the control terminal corresponding to the remote login session is obtained, the controlled device for remote login may call the IP address blacklist stored in the controlled device for remote login, determine whether the IP address of the control terminal corresponding to the remote login session is in the IP address blacklist, if so, perform step S101D, and if not, perform step S101E.
In step S101D, the controlled device for remote login ends the remote login session.
In the embodiment of the application, if the IP address of the control terminal corresponding to the telnet session is in the IP address blacklist, it indicates that the control terminal corresponding to the IP address may have an attack risk, so that the telnet session is directly ended, and the process is ended at this time.
And step S101E, the controlled device logged in remotely outputs the prompt message.
In this embodiment of the present application, if the IP address is not in the IP address blacklist, the prompt information is output, that is, if the prompt information is not output in the IP address blacklist, verification is performed.
In the embodiment of the present application, step S103 and step S104 are executed after step S101E is executed.
In the embodiment of the application, the safety of the controlled equipment for remote login is improved by judging whether the IP address of the control terminal corresponding to the remote login session is in the blacklist or not and directly blocking the control terminal if the IP address is in the blacklist.
In some embodiments, after determining that the IP address is in an IP address blacklist, the method further comprises:
step S1, the controlled device remotely logging in determines an interval duration between the time when the IP address is added to the IP address blacklist and the current time.
Illustratively, the time when the IP address is added into the IP address blacklist is 0 point, and the current time is 12 points, then the determined interval duration is 12 hours.
Step S2, the remotely logged controlled device determines whether the interval duration reaches a preset prohibited duration threshold.
In the embodiment of the present application, if the interval duration reaches the preset prohibited duration threshold, step S3 is executed, and if the interval duration does not reach the preset prohibited duration threshold, the telnet session is ended.
In some embodiments, the IP addresses in the IP address blacklist may be queried at a certain period to determine whether the interval duration of the IP addresses reaches a duration threshold.
In this embodiment of the present application, the prohibited duration threshold may be set by an administrator of the remotely logged in controlled device. Illustratively, the prohibited duration threshold is 12 hours. If the interval duration is 10 hours and the interval duration does not reach the forbidden duration threshold, the IP address continues to be kept in the IP address blacklist.
And step S3, the controlled device remotely logging in moves the IP address out of the IP address blacklist.
Following the example above, the IP address is removed from the IP address blacklist as the interval duration reaches the prohibit duration threshold.
And step S4, the controlled device remotely logged in outputs the prompt message.
In the embodiment of the application, the prompt information is used for prompting the input of the information to be verified.
According to the method provided by the embodiment of the application, the password of the controlled terminal for remote login is prevented from being broken by the control terminal through frequent login by setting the forbidden duration threshold, and the protection capability of the controlled terminal for remote login is improved.
In some embodiments, after the step S102 "the controlled device remotely logged in outputs the prompt message", the method further includes:
in step S102A, the remotely logged controlled device starts counting down according to the waiting duration threshold.
Illustratively, the wait duration threshold is 90 seconds, and the telnet control device counts down from 90 seconds.
In step S102B, the remotely logged controlled device determines whether the information to be verified is received within the waiting time threshold.
In the embodiment of the present application, if the to-be-verified information is not received within the waiting duration threshold, step S102C is executed. When the information to be verified is received within the waiting time threshold, step S103 is executed.
In the embodiment of the present application, the waiting duration threshold may be set by an administrator of the remotely logged in controlled device, and the administrator of the remotely logged in controlled device sets the waiting duration to 90 seconds, for example.
In step S102C, the controlled device for remote login ends the remote login session.
In the embodiment of the present application, the waiting duration threshold is used to limit the output time of the prompt message, and in connection with the above example, the prompt message is output through the login authentication window, after the waiting duration threshold, if the input to-be-verified message is not received in the interface for inputting to-be-verified message provided by the login authentication window, the output of the login authentication window is ended, the remote login session is ended, and then the process is ended.
In the embodiment of the application, the risk that the control equipment corresponding to the remote login session tries password blasting is effectively avoided by setting the waiting time threshold.
Correspondingly, in step S103, "the controlled device remotely logged in verifies the received information to be verified based on the preset first reference information, and obtains a verification result" may be implemented through the following steps:
in step S103A, the remotely logged in controlled device acquires preset first reference information.
In the embodiment of the application, the preset first reference information comprises a preset user name and a preset user password, and the information to be verified comprises the user name to be verified and the user password to be verified. After receiving the information to be verified and the preset first reference information, the information to be verified can be verified.
Step S103B, the remotely logged controlled device determines whether the first reference information is the same as the information to be verified, so as to verify the information to be verified, and obtain a verification result.
Taking advantage of the above example, the preset user name and user password are compared with the user name and user password to be authenticated, and whether the preset user name and user password are the same as the user name and user password to be authenticated is determined to perform authentication. In the embodiment of the application, if the first reference information is the same as the information to be verified, a verification result that the verification is passed is obtained. And if the first reference information is different from the information to be verified, obtaining a verification result of which the verification fails.
In some embodiments, after step S103B "the controlled device remotely logged in determines whether the first reference information is the same as the information to be verified, so as to verify the information to be verified, and obtain a verification result", the method further includes:
step S103C, if the first reference information is different from the to-be-verified information, the controlled device remotely logged in obtains the input times of the to-be-verified information.
In the embodiment of the application, if the information to be verified is input once, the input times are recorded as 1, and 1 is added to the count input at the previous time every time the information is input once. Illustratively, the information to be authenticated is a password, the count of the password input for the first time is 1, and the count of the password input for the second time is 2, so that it can be determined that any password input is the input for the second time. In the embodiment of the application, the passwords input at any two times can be the same or different.
In step S103D, the remotely logged controlled device determines whether the input frequency reaches a preset frequency threshold.
In the embodiment of the present application, when the input number reaches the preset number threshold, step S103E is executed, and when the input number does not reach the preset number threshold, step S103F is executed.
Step S103E, if the input times reaches a preset time threshold and the first reference information is different from the to-be-verified information, the remotely logged controlled device obtains a verification result that the verification fails.
In the embodiment of the present application, the number threshold may be preset by an administrator, for example, the number threshold may be set to 3 times. And when the information to be verified is input for the 3 rd time, if the first reference information is different from the information to be verified, the controlled equipment which remotely logs in obtains a verification result that the verification fails, at this moment, the remote login session is ended, and the process is ended.
In step S103F, the remotely registered controlled device outputs the prompt information.
In the embodiment of the application, the preset frequency threshold value is set, the fact that the remote login session is directly ended when an input error occurs is avoided, user experience is improved, and the control terminal corresponding to the remote login session can be effectively prevented from breaking the first reference information through the preset frequency threshold value.
In some embodiments, after "verifying the received information to be verified based on the preset first reference information to obtain the verification result" in step S103, the method further includes:
and step S105, if the verification result is that the verification fails, the controlled device of the remote login ends the remote login session.
And step S106, adding the IP address into the IP address blacklist by the remote login controlled device.
In the embodiment of the application, if the verification result is that the verification fails, the remote login session is ended, the IP address is added into the IP address blacklist, and the process is ended at this time.
In some embodiments, after step S104 "if the verification result is that the verification is passed, the controlled device remotely logged in allows the control terminal to perform remote control on itself", the method further includes:
and S107, the controlled device remotely logged in monitors the remote control operation performed by the control terminal.
Step S108, if it is monitored that the control terminal performs remote control operation exceeding the preset authority, the remotely logged controlled equipment is forbidden to respond to the remote control operation.
In the embodiment of the application, the preset authority can be determined according to needs or asset importance conditions. If the remote control operation has the operation exceeding the preset authority, the operation can be regarded as dangerous operation behavior. The preset authority comprises the following steps: loading illegal drivers, running virus files, closing host safety protection devices and the like. Illustratively, the remote control operation includes attempting to load an illegal driver, attempting to run a virus file, attempting to close a host security device, whitening the virus file, running a known hacking tool, etc., and the remote control operation is considered to exceed the preset authority, i.e., the remote control operation is considered to be a dangerous behavior.
In the embodiment of the application, under the condition of RDP login, the preset authority is monitored for the specified important assets, and risks caused by cracking or leakage of the first reference information are avoided.
In some embodiments, the step S102 "the controlled device remotely logged in outputs prompt information for prompting to input information to be verified" may be implemented by the steps S1021 to S1022:
and step S1021, the controlled equipment of remote login outputs a login authentication window, and the login authentication window is used for inputting information to be verified.
In the embodiment of the application, a login authentication window pops up for a Windows system or a Linux system with a display interface, and an account password is required to be input.
In some embodiments, the account password can be input in a shell form for a Linux system without a display interface.
In step S1022, the controlled device for remote login outputs a prompt time for ending the login authentication window.
In the embodiment of the application, when the login authentication window is output, the time for outputting the login authentication window is limited, so that the risk of explosion of the attempted verification information is avoided.
Based on the foregoing embodiments, fig. 3 is a schematic flow chart of another implementation of the control method for remote login according to an embodiment of the present application, and as shown in fig. 3, the method includes:
in step S301, the control device receives an operation instruction for starting remote control by a user.
In this embodiment of the application, the operation instruction may be an instruction triggered by an operation of invoking a port of a controlled device for remote login from a network. The remotely logged in controlled device may be a server.
Step S302, the control device outputs a login interface for establishing a remote login session.
In an embodiment of the application, the login interface is at least used for inputting a password.
Step S303, the control device receives login authentication information input by the user on the login interface.
In an embodiment of the present application, the login information is used to establish a remote login session.
And step S304, the control device sends a request for establishing a login session to the remotely logged in controlled device based on the login authentication information.
In the embodiment of the present application, the request for establishing a login session at least includes login authentication information.
In step S305, the remotely logged controlled device receives the login information and determines whether the authentication is successful based on the second reference information.
In the embodiment of the present application, determining whether the verification is successful or not based on the second reference information includes, when implemented: and comparing the second reference information with the login authentication information, wherein if the second reference information is the same as the login authentication information, the authentication is successful. If the second reference information is different from the login authentication information, the authentication fails. In the embodiment of the present application, if the verification is successful, step S306 is executed, and if the verification is not successful, step S317 is executed.
Step S306, the controlled device of remote login establishes remote login session and forbids the control terminal corresponding to the remote login session to control the remote control of the controlled device.
In the embodiment of the application, an interface on a remotely logged-in controlled terminal is displayed on a display device of a control terminal, so that the control terminal determines that the establishment of a remotely logged-in session is successful, but at this time, the control terminal cannot control the remotely logged-in control device. In the embodiment of the present application, prohibiting remote control includes: forbidding to enter the desktop and/or forbidding to call shortcut keys and the like.
In step S307, the remotely registered controlled device outputs a prompt message.
In the embodiment of the present application, the prompt information is used to input control verification information (to-be-verified information in the above embodiments). In this embodiment, the prompt information may be output through a login authentication window, and the login authentication window provides an interface for inputting the control verification information.
And step S308, the control equipment receives the input control verification information and sends the control verification information to the controlled equipment which is remotely logged in.
In the embodiment of the application, the control verification information is used for verifying whether the control device is allowed to remotely control the remote terminal.
Step S309, the controlled device of the remote login verifies the control verification information based on the preset first reference information to obtain a verification result.
In an embodiment of the present application, the first reference information and the second reference information are different. By setting the first reference information and the second reference information to be different, the defense capability of the remote controlled terminal is improved, and the difficulty of virus attack is improved. In the embodiment of the application, the first reference information is compared with the control verification information to verify the control verification information.
In step S310, the remotely logged in controlled device determines whether the verification result passes the verification.
In the embodiment of the present application, if the first reference information is the same as the control verification information, the verification is passed, and step S311 is performed, and if the first reference information is different from the control verification information, the verification is not passed, and step S312 is performed.
In step S311, the remotely logged controlled device allows the control terminal to remotely control itself.
Taking over the above example, the control device is allowed to enter the desktop and/or a shortcut is invoked. That is, not only the interface of the remotely logged-in control apparatus is displayed on the control terminal, but also the remotely logged-in control apparatus can be controlled.
Step S312, the remote logged-in control device monitors the remote control operation performed by the control terminal.
In step S313, the remote login control device determines whether or not the remote control operation of the preset authority is exceeded.
In the embodiment of the application, if the remote control operation exceeds the preset authority, the response to the remote control operation is forbidden. If the remote control operation does not exceed the preset authority, executing
In step S314, the remote logged-in control apparatus prohibits the response to the remote control operation.
In the embodiment of the present application, after the step S314 is executed, the step S312 is continuously executed.
Step S315, the remotely logged in control device responds to the remote control operation.
In the embodiment of the present application, after step S315 is completed, step S312 is continuously executed.
Step S316, the controlled device for remote login ends the remote login session.
In step S317, the remotely logged in controlled device refuses to establish the remote login session. At which point the process ends.
According to the control method for remote login, when it is monitored that the remote login session is successfully established, the control terminal corresponding to the remote login session is not allowed to directly remotely control the remote login session, the control terminal is prompted to input a control password (namely information to be verified), the control password is different from the password corresponding to the establishment of the remote login session, when the input control password is correct, the control terminal is allowed to remotely control the remote login session, and therefore the defense capability of controlled equipment of the remote login on virus attack or attack by bypassing a protection device after the remote login is enhanced.
The safety protection device (such as antivirus software) on the terminal (the same as the controlled device of the remote login in the above embodiments) has the problem that it is difficult to identify whether the person coming in is a really legal person, and the person is judged only by normal login, so that the person falls down. Therefore, the embodiment of the application mainly achieves protection against the Lesox virus attack by strengthening the security protection after the remote login. Because the identification cost for strengthening whether the login person is legal or not is too high, misjudgment is easy to occur, and usability is lost, in the embodiment of the application, a verification mode is added in the remote login process, whether the login is the real administrator login or not is identified, and the illegal login behavior is blocked instead of an attacker holding a legal key. An embodiment of the present application further provides a method for controlling remote login, where the method is applied to a controlled device for remote login, fig. 4 is a schematic flow chart of the method for controlling remote login provided in the embodiment of the present application, and as shown in fig. 4, the method includes:
in step S401, a successful telnet session is detected (as monitored in the above embodiments).
Step S402, judging the IP address of the control terminal corresponding to the remote login session is a blocking IP address.
In the embodiment of the application, the remote login is identified based on monitoring the RDP protocol, SSH protocol or network session creation of a specified port, for example, the local port of RDP is 3389. When there is a new telnet session creation, it may be identified that there is new telnet activity. The IP address of the remote end (the control terminal in each of the above embodiments) may also be extracted through the network session (the same as the remote login session in each of the above embodiments), and whether the IP address is an IP address in the blocking list (the same as the IP address blacklist in each of the above embodiments) is determined, and if so, the login is blocked (the remote login session is ended in each of the above embodiments).
In the embodiment of the application, the login behavior can be blocked/ended by cutting off the network session, and meanwhile, for the case that the illegal login behavior occurs and the specified time needs to be blocked, the remote IP address is extracted from the network session, and when the IP address tries to log in next time (and the blocking time is not expired), the network session of the IP is directly cut off to realize the blocking.
In the embodiment of the present application, if the time is not expired in the blocking IP address (i.e., in the blocking list), step S408 is executed. If not, step S403 is performed.
Step S403, preventing entry into the desktop and other operations (the remote control of the control terminal corresponding to the remote login session is prohibited to itself in the above embodiments).
Illustratively, a Windows system or bounded-surface Linux system takes over the desktop by the client agent, not letting in, while intercepting all possible bypassed shortcuts (such as call task manager and resource manager).
In step S404, a secondary authentication prompt (i.e., output prompt information in the above embodiments) is popped up.
Taking over the above example, when a secondary authentication prompt, that is, a login authentication window, pops up, and requests to input an account password, and prompts to count down (as the waiting time threshold in the above embodiments), the count down is exemplarily 90 seconds. In the embodiment of the application, the password blasting is effectively avoided by setting the countdown. And if the interface-free Linux system is adopted, taking over the input of the shell style abstract password.
In the embodiment of the present application, a password for secondary authentication (i.e., the first reference information in the above embodiments) known by the administrator is set, and the secondary authentication password is different from a password for remote login (i.e., the second reference information in the above embodiments), but both the password for secondary authentication and the password for remote login have reasonable password strength (e.g., a combination of numerical letters), and after the remote login is successful, secondary authentication is required, and after the authentication is successful, entry into the desktop is allowed for control.
In step S405, it is determined whether a timeout (i.e., the countdown in the above-described embodiment) is input.
In the embodiment of the present application, if the input is timed out, step S413 is executed, and if the input is not timed out, step S406 is executed.
Step S406, determine whether the input is correct.
In the embodiment of the present application, if the input is incorrect, step S407 is executed. If the input is correct, step S409 is executed.
In step S407, it is determined whether or not the multiple input error exceeds the frequency threshold.
In the embodiment of the present application, if the number of times does not exceed the threshold, step S404 is executed. If the number of times threshold is exceeded, step S408 is performed.
And step S408, plugging the remote IP login designated time, and ending the process at this moment.
Step S409, whether the strict mode has been enabled.
In the embodiment of the application, the strict mode can be determined according to needs or asset importance. The strict mode is to monitor and control dangerous behaviors, if the preset authority is exceeded, the remote control operation can be regarded as dangerous operation behaviors, and when the dangerous behaviors exist, the operation of the dangerous behaviors is forbidden. In the embodiment of the present application, the authority may be preset according to needs or important conditions of assets, for example, if exceeding the preset authority includes but is not limited to attempting to load an illegal driver, attempting to run a virus file, attempting to close a host security protection device (such as antivirus software), whitening the virus file, running a well-known hacking tool, and the like, these dangerous behaviors exceeding the preset authority are all the capabilities of the terminal protection software device, but are often passed through by "legal administrator login".
In the embodiment of the application, after the authentication is successful, whether dangerous behaviors exist or not is continuously monitored, for example, illegal drivers are tried to be loaded, virus files are tried to be operated, a host safety protection device (such as antivirus software) is tried to be closed, the virus files are whitened, a known hacker tool is operated, the dangerous behaviors are limited, and the risk of repeated rutting after secondary authentication passwords are leaked is avoided.
In the embodiment of the present application, if the strict mode is enabled, step 410 is executed. If the strict mode is not enabled, step S414 is performed.
Step S410, performing illegal authority monitoring.
In step S411, it is determined whether an illegal operation is performed.
When the illegal operation is not performed, step S410 is performed. When the illegal operation is performed, step S412 is performed.
Step S412, preventing illegal activities.
The illegal action is prevented and then the process continues to step S410.
In step S413, the unauthorized login is determined, and the login is terminated. At which point the process ends.
Step S414, determining a legitimate login.
According to the control method for remote login, the luroso virus attack is protected by carrying out secondary authentication on the remote login, and any attack method which is achieved by bypassing all protection devices after the remote login is carried out is protected. The server is protected by reinforcing the server by performing secondary authentication for telnet.
Based on the foregoing embodiments, the present application provides a remote login control device, where the modules included in the device and the units included in the modules may be implemented by a processor in a computer device; of course, the implementation can also be realized through a specific logic circuit; in the implementation process, the processor may be a Central Processing Unit (CPU), a Microprocessor Unit (MPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), or the like.
An embodiment of the present application further provides a remote login control device, and fig. 5 is a schematic structural diagram of the remote login control device provided in the embodiment of the present application, as shown in fig. 5, the remote login control device 500 includes:
a first prohibiting module 501, configured to prohibit a control terminal corresponding to a remote login session from performing remote control on the control terminal if it is monitored that the remote login session is successfully established;
a first output module 502, configured to output a prompt message, where the prompt message is used to prompt to input information to be verified;
the verification module 503 is configured to verify the received information to be verified based on preset first reference information to obtain a verification result, where the first reference information is different from second reference information required for successfully establishing the telnet session;
and the control module 504 is configured to allow the control terminal to perform remote control on the control terminal if the verification result is that the verification is passed.
In some embodiments, the remote login control device 500 further includes:
the first determining module is used for determining the IP address of the control terminal according to the remote login session;
a first ending module, configured to end the telnet session if the IP address is in an IP address blacklist;
and the second output module is used for outputting the prompt message if the IP address is not in the IP address blacklist.
In some embodiments, the remote login control device 500 further includes:
the second determining module is used for determining the interval duration between the moment when the IP address is added into the IP address blacklist and the current moment;
and the moving-out module is used for moving the IP address out of the IP address blacklist if the interval duration reaches a preset forbidden duration threshold.
In some embodiments, the remote login control device 500 further includes:
a second ending module, configured to end the telnet session if the to-be-verified information is not received within a waiting duration threshold;
correspondingly, the verification module 503 includes:
the acquisition unit is used for acquiring preset first reference information if the information to be verified is received within the waiting time threshold;
and the determining unit is used for determining whether the first reference information is the same as the information to be verified so as to verify the information to be verified to obtain a verification result, wherein if the first reference information is the same as the information to be verified, the verification result which passes the verification is obtained.
In some embodiments, the remote login control device 500 further includes:
the acquisition module is used for acquiring the input times of the information to be verified if the first reference information is different from the information to be verified;
the obtaining module is used for obtaining a verification result which is not verified if the input times reach a preset time threshold value and the first reference information is different from the information to be verified;
and the third output module is used for outputting prompt information if the input times do not reach the time threshold value.
In some embodiments, the remote login control device 500 further includes:
a third ending module, configured to end the telnet session if the verification result is that the verification fails;
and the adding module is used for adding the IP address into the IP address blacklist.
In some embodiments, the remote login control device 500 further includes:
the monitoring module is used for monitoring the remote control operation of the control terminal;
and the second forbidding module is used for forbidding to respond to the remote control operation if the remote control operation exceeding the preset authority is monitored to be performed by the control terminal.
In some embodiments, the first output module 502 includes:
the system comprises a first output unit, a second output unit and a verification unit, wherein the first output unit is used for outputting a login authentication window which is used for inputting information to be verified;
and the second output unit is used for outputting the prompt time for finishing the login authentication window.
The above description of the apparatus embodiments, similar to the above description of the method embodiments, has similar beneficial effects as the method embodiments. For technical details not disclosed in the embodiments of the apparatus of the present application, reference is made to the description of the embodiments of the method of the present application for understanding.
According to the control device for remote login provided by the embodiment of the application, when the first forbidding module 501 monitors that the remote login session is successfully established, the control terminal corresponding to the remote login session is forbidden to remotely control the control terminal, the first output module 502 outputs the prompt message prompting the input of the information to be verified, the verification module 503 verifies the input information to be verified based on the first reference message, and the control module 504 allows the control terminal to remotely control the control terminal if the verification is successful, so that the defense against virus attack or attack bypassing the protection device after the remote login is enhanced.
It should be noted that, in the embodiment of the present application, if the above-mentioned remote login control method is implemented in the form of a software functional module and is sold or used as a standalone product, it may also be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially implemented or portions thereof contributing to the prior art may be embodied in the form of a software product stored in a storage medium, and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read Only Memory (ROM), a magnetic disk, or an optical disk. Thus, embodiments of the present application are not limited to any specific combination of hardware and software.
Accordingly, an embodiment of the present application provides a storage medium, on which a computer program is stored, wherein the computer program is executed by a processor to implement the steps in the control method for remote login provided in the above embodiment.
An embodiment of the present application provides a computer device, fig. 6 is a schematic structural diagram of a composition of the computer device provided in the embodiment of the present application, and as shown in fig. 6, the computer device 600 includes: a processor 601, at least one communication bus 602, a user interface 603, at least one external communication interface 604, and memory 605. Wherein the communication bus 602 is configured to enable connective communication between these components. The user interface 603 may comprise a display screen, and the external communication interface 604 may comprise a standard wired interface and a wireless interface, among others. Wherein the processor 601 is configured to execute the program of the control method of remote login stored in the memory to realize the steps in the control method of remote login provided in the above embodiments
The above description of the computer device and storage medium embodiments is similar to the description of the method embodiments above, with similar beneficial effects as the method embodiments. For technical details not disclosed in the embodiments of the computer device and the storage medium of the present application, reference is made to the description of the embodiments of the method of the present application for understanding.
Here, it should be noted that: the above description of the storage medium and device embodiments is similar to the description of the method embodiments above, with similar advantageous effects as the method embodiments. For technical details not disclosed in the embodiments of the storage medium and apparatus of the present application, reference is made to the description of the embodiments of the method of the present application for understanding.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present application. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. It should be understood that, in the various embodiments of the present application, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application. The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units; can be located in one place or distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may be separately regarded as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as a removable Memory device, a Read Only Memory (ROM), a magnetic disk, or an optical disk.
Alternatively, the integrated units described above in the present application may be stored in a computer-readable storage medium if they are implemented in the form of software functional modules and sold or used as independent products. Based on such understanding, the technical solutions of the embodiments of the present application may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a controller to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a removable storage device, a ROM, a magnetic or optical disk, or other various media that can store program code.
The above description is only for the embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (11)
1. A method for controlling telnet, the method comprising:
if the remote login session is successfully established, prohibiting the control terminal corresponding to the remote login session from remotely controlling the control terminal;
outputting prompt information, wherein the prompt information is used for prompting the input of information to be verified;
verifying the received information to be verified based on preset first reference information to obtain a verification result;
and if the verification result is that the verification is passed, allowing the control terminal to remotely control the control terminal.
2. The method of claim 1, further comprising:
determining the IP address of the control terminal according to the remote login session;
if the IP address is in an IP address blacklist, ending the remote login session;
and if the IP address is not in the IP address blacklist, outputting the prompt message.
3. The method of claim 2, further comprising:
determining the interval duration between the moment when the IP address is added into the IP address blacklist and the current moment;
and if the interval time reaches a preset forbidden time threshold, moving the IP address out of the IP address blacklist.
4. The method of claim 1, wherein after the outputting the prompt message, the method further comprises:
if the information to be verified is not received within the waiting time threshold, ending the remote login session;
correspondingly, the received information to be verified is verified based on the preset first reference information to obtain a verification result, and the verification result comprises the following steps:
if the information to be verified is received in the waiting time threshold, acquiring preset first reference information;
and determining whether the first reference information is the same as the information to be verified to verify the information to be verified to obtain a verification result, wherein if the first reference information is the same as the information to be verified, a verification result which passes the verification is obtained.
5. The method of claim 4, further comprising:
if the first reference information is different from the information to be verified, acquiring the input times of the information to be verified;
if the input times reach a preset time threshold value and the first reference information is different from the information to be verified, obtaining a verification result that the verification fails;
and if the input times do not reach the time threshold value, outputting prompt information.
6. The method of claim 2, further comprising:
if the verification result is that the verification fails, ending the remote login session;
and adding the IP address into the IP address blacklist.
7. The method according to any one of claims 1 to 6, further comprising:
monitoring remote control operation performed by the control terminal;
and if the control terminal is monitored to perform remote control operation exceeding the preset authority, forbidding to respond to the remote control operation.
8. The method according to claim 1, wherein the outputting prompt information, the prompt information being used for prompting to input information to be verified, comprises:
outputting a login authentication window, wherein the login authentication window is used for inputting information to be verified;
and outputting the prompt time for finishing the login authentication window.
9. A telnet control device, the device comprising:
the first forbidding module is used for forbidding the control terminal corresponding to the remote login session to remotely control the control terminal if the remote login session is successfully established;
the first output module is used for outputting prompt information, and the prompt information is used for prompting the input of information to be verified;
the verification module is used for verifying the received information to be verified based on preset first reference information to obtain a verification result;
and the control module is used for allowing the control terminal to remotely control the control terminal if the verification result is that the verification is passed.
10. A computer device, characterized in that the computer device comprises at least:
a processor; and
a memory for storing a computer program operable on the processor;
wherein the computer program realizes the steps of the method of controlling telnet according to any one of claims 1 to 8 when executed by a processor.
11. A computer storage medium having computer-executable instructions stored therein, the computer-executable instructions configured to perform the steps of the method of controlling telnet according to any of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010386656.7A CN111628973B (en) | 2020-05-09 | 2020-05-09 | Remote login control method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010386656.7A CN111628973B (en) | 2020-05-09 | 2020-05-09 | Remote login control method and device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111628973A true CN111628973A (en) | 2020-09-04 |
| CN111628973B CN111628973B (en) | 2022-11-22 |
Family
ID=72272700
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010386656.7A Active CN111628973B (en) | 2020-05-09 | 2020-05-09 | Remote login control method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111628973B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338072A (en) * | 2021-11-08 | 2022-04-12 | 国网浙江省电力有限公司宁波供电公司 | Remote login permission detection method for Root account of power distribution automation terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070294524A1 (en) * | 2006-06-16 | 2007-12-20 | Fujitsu Limited | Storage control apparatus, storage control method, and storage apparatus |
| CN105262774A (en) * | 2015-11-11 | 2016-01-20 | 浪潮(北京)电子信息产业有限公司 | Remote login method |
| US20180077568A1 (en) * | 2016-09-09 | 2018-03-15 | Dell Products L.P. | Enabling remote access to a service controller having a factory-installed unique default password |
| CN109257338A (en) * | 2018-08-29 | 2019-01-22 | 厦门快快网络科技有限公司 | A kind of System and method for of server log re-authentication |
| CN110931015A (en) * | 2019-12-04 | 2020-03-27 | 奇瑞新能源汽车股份有限公司 | Safety verification system and method for remotely controlling vehicle |
-
2020
- 2020-05-09 CN CN202010386656.7A patent/CN111628973B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070294524A1 (en) * | 2006-06-16 | 2007-12-20 | Fujitsu Limited | Storage control apparatus, storage control method, and storage apparatus |
| CN105262774A (en) * | 2015-11-11 | 2016-01-20 | 浪潮(北京)电子信息产业有限公司 | Remote login method |
| US20180077568A1 (en) * | 2016-09-09 | 2018-03-15 | Dell Products L.P. | Enabling remote access to a service controller having a factory-installed unique default password |
| CN109257338A (en) * | 2018-08-29 | 2019-01-22 | 厦门快快网络科技有限公司 | A kind of System and method for of server log re-authentication |
| CN110931015A (en) * | 2019-12-04 | 2020-03-27 | 奇瑞新能源汽车股份有限公司 | Safety verification system and method for remotely controlling vehicle |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338072A (en) * | 2021-11-08 | 2022-04-12 | 国网浙江省电力有限公司宁波供电公司 | Remote login permission detection method for Root account of power distribution automation terminal |
| CN114338072B (en) * | 2021-11-08 | 2023-09-22 | 国网浙江省电力有限公司宁波供电公司 | Remote login permission detection method for Root account of power distribution automation terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111628973B (en) | 2022-11-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109766699B (en) | Operation behavior intercepting method and device, storage medium and electronic device | |
| US11604861B2 (en) | Systems and methods for providing real time security and access monitoring of a removable media device | |
| US9648029B2 (en) | System and method of active remediation and passive protection against cyber attacks | |
| US20040103317A1 (en) | Method and apparatus for protecting secure credentials on an untrusted computer platform | |
| CN107431705B (en) | Dynamic security module terminal device and driving method thereof | |
| RU2583710C2 (en) | System and method for providing privacy of information used during authentication and authorisation operations using trusted device | |
| US20210320787A1 (en) | Storing and using multipurpose secret data | |
| US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
| CN111628973B (en) | Remote login control method and device, computer equipment and storage medium | |
| CN112822176B (en) | Remote APP identity authentication method | |
| KR101265474B1 (en) | Security service providing method for mobile virtualization service | |
| KR101404537B1 (en) | A server access control system by automatically changing user passwords and the method thereof | |
| US11070372B2 (en) | Storing and using multipurpose secret data | |
| US20210004472A1 (en) | Storing and using multipurpose secret data | |
| Dehghantanha et al. | Towards data centric mobile security | |
| US10972469B2 (en) | Protecting critical data and application execution from brute force attacks | |
| Alrubaie et al. | A Cybersecurity Architecture to Mitigate Shamoon Attacks | |
| Banda et al. | Technological paradox of hackers begetting hackers: A case of ethical and unethical hackers and their subtle tools | |
| Hamadi | Investigating vulnerabilities in a home network with Kali Linux | |
| CN111343194A (en) | Camera violation identification method, system and equipment and computer storage medium | |
| Choi | IoT (Internet of Things) based Solution Trend Identification and Analysis Research | |
| Verma | Cybersecurity and Privacy Fundamentals | |
| Mubeen et al. | Strategies to Avoid Illegal Data Access | |
| Shen et al. | The Impact of Attacking Windows Using a Backdoor Trojan | |
| Abdulhamid et al. | Advanced Computer and Network Security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |