CN112069093A - Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment - Google Patents

Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment Download PDF

Info

Publication number
CN112069093A
CN112069093A CN202010788458.3A CN202010788458A CN112069093A CN 112069093 A CN112069093 A CN 112069093A CN 202010788458 A CN202010788458 A CN 202010788458A CN 112069093 A CN112069093 A CN 112069093A
Authority
CN
China
Prior art keywords
mode
equipment
terminal
connection
illegal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010788458.3A
Other languages
Chinese (zh)
Inventor
林皓
宋海英
杨泳
毕永东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing North Source Software Co ltd
Beijing VRV Software Corp Ltd
Original Assignee
Beijing North Source Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing North Source Software Co ltd filed Critical Beijing North Source Software Co ltd
Priority to CN202010788458.3A priority Critical patent/CN112069093A/en
Publication of CN112069093A publication Critical patent/CN112069093A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/10Program control for peripheral devices
    • G06F13/102Program control for peripheral devices where the programme performs an interfacing function, e.g. device driver
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention provides a method and a device for detecting illegal external connection of IPKVM equipment, wherein the method comprises the following steps: selecting a starting mode of a server according to a user instruction; sending the starting mode to a terminal; receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode. The server is provided with the blacklist mode and the white list mode, and the client is issued with the strategy to manage the connection equipment of the management terminal, so that monitoring and management of illegal external connection of an intranet and an extranet of an enterprise are realized, meanwhile, whether hardware equipment is connected with illegal equipment or not can be judged, a report and an early warning are generated, and the secret-related risk of the enterprise is reduced.

Description

Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment
Technical Field
The invention relates to the technical field of information security, in particular to a method and a device for detecting illegal external connection of IPKVM equipment.
Background
KVM devices are abbreviations for Keyboard (Keyboard), display (Video), Mouse (Mouse). The IPKVM appliance is an appliance of a KVM switch with a remote management function. The device can remotely control the server through the network, once the server of the enterprise is remotely connected and controlled, great risk of disclosure is brought to the enterprise, so the method and the device for finding the illegal external connection can directly control the external connection device by monitoring the server in real time and setting the illegal external connection strategy according to the situation, and if the illegal external connection situation is found, the external connection device can not correctly display information, thereby reducing the risk of the disclosure.
At present, the installation and connection of the IPKVM (KVM switcher with remote management function) equipment in the market are simple, the IPKVM equipment and a controlled computer are connected by an HDMI (high definition multimedia interface) line and a USB-B (universal serial bus-B) data line, and the equipment can be remotely controlled through a network (wired, WIFI (wireless fidelity) and hot spot). The controlled equipment range comprises hardware equipment such as a PC (personal computer), a server, a PLC (programmable logic controller) industrial control computer and the like, a control end only needs to transmit desktop content of an intranet through the Internet by means of an IP (Internet protocol) network, if the desktop content of the intranet is displayed on an outer network, photographing extraction cannot be controlled, and intranet data leakage is caused.
Therefore, how to monitor and manage illegal external connection of an intranet and an extranet to judge whether hardware equipment is connected in violation of rules and regulations, and generate report early warning is needed, so that the problem that secret-related risks of enterprises are reduced is urgently solved.
Disclosure of Invention
The embodiment of the invention provides a detection method and a detection device for illegal external connection of IPKVM (Internet protocol virtual keyboard and video mouse) equipment, which are used for solving the defect that secret leakage risks can be brought to an enterprise when an enterprise server is remotely connected and controlled in the prior art, realizing monitoring and management of illegal external connection of an intranet and an extranet of the enterprise, judging whether hardware equipment is connected with the illegal equipment, generating reports and early warning at the same time and reducing the secret-related risks of the enterprise.
The embodiment of the invention provides a method for detecting illegal external connection of IPKVM equipment, which comprises the following steps:
selecting a starting mode of a server according to a user instruction;
sending the starting mode to a terminal;
receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
Optionally, the enabling mode of the server specifically includes a blacklist mode and a whitelist mode;
the blacklist mode sets a blacklist and/or a USB access blacklist of the display equipment according to a user instruction;
and the white list mode sets a white list of display equipment and/or a USB access white list according to a user instruction.
Optionally, after receiving the violation data sent by the terminal, the method further includes:
and generating an illegal report according to the illegal data and generating an alarm.
The embodiment of the invention provides another detection method for illegal external connection of IPKVM equipment, which comprises the following steps:
receiving an enabling mode sent by the server, and managing the connection equipment of the terminal according to the enabling mode;
and sending the data of the illegal connection in the connection equipment of the terminal to the server.
Optionally, the managing the connection device of the terminal according to the enabling mode specifically includes:
determining whether the enabling mode is a blacklist mode or a whitelist mode;
if the starting mode is a white list mode, judging whether the connection equipment of the terminal belongs to a display equipment white list or a USB access white list, and if so, allowing the connection equipment of the terminal to be connected;
and if the starting mode is a blacklist mode, judging whether the connection equipment of the terminal belongs to a blacklist of display equipment or a USB access blacklist, if so, judging that the connection equipment of the terminal is in illegal connection, and performing corresponding processing.
Optionally, the performing the corresponding processing specifically includes:
and disabling the connection of the connection equipment of the terminal, generating violation data and sending the violation data to the server.
The embodiment of the invention provides a detection device for illegal external connection of IPKVM equipment, which comprises the following steps:
the starting mode selection module: the starting mode of the server is selected according to the user instruction;
the starting mode sending module: the starting mode is used for sending the starting mode to the terminal;
violation data receiving module: the terminal is used for receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
An embodiment of the present invention provides another apparatus for detecting an illegal external connection of an IPKVM device, including:
the enabling mode receiving module: the connection equipment is used for receiving the starting mode sent by the server and managing the terminal according to the starting mode;
the violation data sending module: and the data used for sending the illegal connection in the connection equipment of the terminal to the server.
The embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of any one of the above methods for detecting an illegal external connection of an IPKVM device when executing the program.
Embodiments of the present invention further provide a non-transitory computer readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the method for detecting an illegal external connection of an IPKVM device as described in any one of the above.
According to the detection method and device for illegal external connection of the IPKVM equipment, provided by the embodiment of the invention, the blacklist mode and the whitelist mode are set in the server, and the strategy is issued to the client to manage the connection equipment of the management terminal, so that monitoring and management of illegal external connection of an intranet and an extranet of an enterprise are realized, whether hardware equipment is connected with the illegal equipment or not can be judged, a report and early warning are generated, and the secret-related risk of the enterprise is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
FIG. 1 is a flowchart illustrating a method for detecting illegal external connection of an IPKVM device according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating another exemplary method for detecting illegal external connection of an IPKVM device according to the present invention;
FIG. 3 is a schematic structural diagram of a detection apparatus for illegal external connection of an IPKVM device according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of another detecting apparatus for illegal external connection of IPKVM device according to the embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention mainly aims to provide a detection method and a detection device for illegal external connection of IPKVM equipment.
Fig. 1 is a method for detecting an illegal external connection of an IPKVM device according to an embodiment of the present invention, and as shown in fig. 1, the process may specifically include:
step 101, selecting a starting mode of a server according to a user instruction;
specifically, the server in the present invention may have different corresponding enabling modes according to the preset instruction of the user. The method comprises a blacklist mode and a white list mode, wherein the blacklist mode can be added with a blacklist according to a user instruction, and after the blacklist mode is started, when equipment connected with a terminal is on the blacklist, the equipment can be processed according to a preset instruction. And if the white list is selected, setting the device white list and the USB access white list. The blacklist and whitelist contain VID (USB devices both have vendor ID) and product identification code (PID) of the client, and the host distinguishes different devices by different VID and PID.
The server blacklist mode and the server whitelist mode are set, and the strategy is issued to the client to manage the connection equipment of the management terminal, so that monitoring and management of illegal external connection of an intranet and an extranet of an enterprise are realized, and meanwhile, whether hardware equipment is connected with illegal equipment or not can be judged.
102, sending the starting mode to a terminal;
specifically, after a user selects the enabling mode of the server on one side of the server, the terminal judges the type of the device according to the enabling mode strategy issued by the server, namely if the connecting device belongs to a white list range, connection is allowed, if the connecting device belongs to a black list range, connection is forbidden, and the connection forbidding mode is failure of the USB keyboard device and black screen of the display device.
The starting mode of the server is issued to the terminal, so that the terminal manages the connection equipment, monitoring and management of illegal external connection of the intranet and the extranet of the enterprise are realized, and meanwhile, whether the hardware equipment is connected with illegal equipment or not can be judged.
Step 103, receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
Specifically, after receiving the information of the server enabling mode, the terminal judges the device type according to the enabling mode strategy, namely if the connection device belongs to a white list range, connection is allowed, if the connection device belongs to a black list range, connection is forbidden, and the connection forbidding mode is failure of a USB keyboard device and black screen of a display device. And if the connecting equipment belongs to the blacklist range, generating violation data for the connecting equipment, and sending the violation data to the server. And the server receives violation data sent by the terminal.
According to the detection method for illegal external connection of the IPKVM equipment, provided by the embodiment of the invention, the blacklist mode and the whitelist mode are set in the server, and the strategy is issued to the client to manage the connection equipment of the management terminal, so that the monitoring management of illegal external connection of the intranet and the extranet of the enterprise is realized, meanwhile, whether the hardware equipment is connected with the illegal equipment or not can be judged, a report and early warning are generated, and the secret-related risk of the enterprise is reduced.
Optionally, on the basis of the foregoing embodiments, the enabling mode of the server specifically includes a blacklist mode and a whitelist mode;
the blacklist mode sets a blacklist and/or a USB access blacklist of the display equipment according to a user instruction;
and the white list mode sets a white list of display equipment and/or a USB access white list according to a user instruction.
Specifically, the server in the present invention may have different corresponding enabling modes according to the preset instruction of the user. The method comprises a blacklist mode and a white list mode, wherein the blacklist and the white list are set aiming at an enabling mode, if the blacklist is selected, the blacklist and/or the USB access blacklist of the display device are set, and if the white list is selected, the white list and/or the USB access white list of the device are set. The blacklist and whitelist contain VID (USB devices both have vendor ID) and product identification code (PID) of the client, and the host distinguishes different devices by different VID and PID.
The server blacklist mode and the server whitelist mode are set, and the strategy is issued to the client to manage the connection equipment of the management terminal, so that monitoring and management of illegal external connection of an intranet and an extranet of an enterprise are realized, and meanwhile, whether hardware equipment is connected with illegal equipment or not can be judged.
Optionally, on the basis of the foregoing embodiments, after receiving the violation data sent by the terminal, the method further includes:
and generating an illegal report according to the illegal data and generating an alarm.
Specifically, after receiving the violation data sent by the terminal, the server generates a violation report according to the violation content, where the violation report includes the type, mode, number, time, and the like of the violation device. And generating an alarm according to the illegal content according to the requirement, and reminding an administrator.
By generating the violation report and the alarm according to the violation data, the content of violation equipment can be recorded, and an administrator is reminded through the alarm, so that the security risk of an enterprise is reduced.
Fig. 2 is another detection method for illegal external connection of the IPKVM device according to the embodiment of the present invention, as shown in fig. 2, the process may specifically include:
step 201, receiving an enabling mode sent by the server, and managing a connection device of a terminal according to the enabling mode;
specifically, the server in the present invention may have different corresponding enabling modes according to the preset instruction of the user. The method comprises a blacklist mode and a white list mode, wherein the blacklist mode can be added with a blacklist according to a user instruction, and after the blacklist mode is started, when equipment connected with a terminal is on the blacklist, the equipment can be processed according to a preset instruction. And if the white list is selected, setting the device white list and the USB access white list. The blacklist and whitelist contain VID (USB devices both have vendor ID) and product identification code (PID) of the client, and the host distinguishes different devices by different VID and PID.
Step 202, sending the data of the illegal connection in the connection equipment of the terminal to the server.
Specifically, the terminal receives the enabling mode sent by the server, and manages the connection device of the terminal according to the received enabling mode. And meanwhile, sending the collected violation data of the connecting equipment of the terminal to the server.
By receiving the starting mode issued by the server and correspondingly managing the connection equipment according to the starting mode, monitoring and management of illegal external connection of the intranet and the extranet of the enterprise are realized, meanwhile, whether the hardware equipment is connected with illegal equipment or not can be judged, and illegal data are generated and sent to the server.
Optionally, on the basis of the foregoing embodiments, the managing, according to the enabling manner, the connection device of the terminal specifically includes:
determining whether the enabling mode is a blacklist mode or a whitelist mode;
if the starting mode is a white list mode, judging whether the connection equipment of the terminal belongs to a display equipment white list or a USB access white list, and if so, allowing the connection equipment of the terminal to be connected;
and if the starting mode is a blacklist mode, judging whether the connection equipment of the terminal belongs to a blacklist of display equipment or a USB access blacklist, if so, judging that the connection equipment of the terminal is in illegal connection, and performing corresponding processing.
Specifically, the enabling mode received by the terminal includes a blacklist mode and a whitelist mode; the server has the main functions of starting and setting a black and white list, issuing a strategy to the terminal, collecting terminal violation data, generating a report and giving an alarm. The main functions of the terminal are that the strategy issued by the server is received, whether the connection is the IPKVM equipment connection is judged according to the strategy, if the connection is the equipment connection, the connection is illegal, the connection is forbidden, the USB keyboard device is disabled, and the display device is in a black screen state. The embodiment provided by the invention applies a pc machine and needs to be installed. The terminal judges the type of the connecting equipment according to the strategy, if the connecting equipment belongs to the white list range, the connection is allowed, if the connecting equipment belongs to the black list range, the connection is forbidden, and the connection forbidding mode is that the USB keyboard device fails and the display device is in a black screen mode.
The server blacklist mode and the server whitelist mode are set, and the strategy is issued to the client to manage the connection equipment of the management terminal, so that monitoring and management of illegal external connection of an intranet and an extranet of an enterprise are realized, and meanwhile, whether hardware equipment is connected with illegal equipment or not can be judged.
Optionally, on the basis of the foregoing embodiments, the performing the corresponding processing specifically includes:
and disabling the connection of the connection equipment of the terminal, generating violation data and sending the violation data to the server.
Specifically, after the enabling mode is selected, a black list and a white list are set aiming at the enabling mode, and if the black list is selected, a black list and/or a USB access black list of the display device are set. When the connecting equipment belongs to the display equipment blacklist and/or the USB accesses the blacklist, the terminal disables the connection of the connecting equipment and prohibits the connection, and the connection disabling mode is the USB keyboard device failure and the display device black screen. And meanwhile, violation data is generated and sent to the server.
By receiving the starting mode issued by the server and correspondingly managing the connection equipment according to the starting mode, monitoring and management of illegal external connection of the intranet and the extranet of the enterprise are realized, meanwhile, whether the hardware equipment is connected with illegal equipment or not can be judged, and illegal data are generated and sent to the server.
Fig. 3 is a detection apparatus for detecting an illegal external connection of an IPKVM device according to an embodiment of the present invention, as shown in fig. 3, the detection apparatus specifically includes: an enabling mode selection module 301, an enabling mode sending module 302, and a violation data receiving module 303. The enabling mode selecting module 301 is configured to select an enabling mode of the server according to a user instruction; the enabling mode sending module 302 is configured to send the enabling mode to the terminal; the violation data receiving module 303 is configured to receive violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
Specifically, the enabling mode selecting module 301 is configured to select, according to a user instruction, an enabling mode of the server, where the enabling mode includes a blacklist mode and a whitelist mode; the starting mode sending module 302 is configured to send the starting mode to the terminal, and the terminal performs corresponding management on the external device after receiving the starting mode; the violation data receiving module 303 is configured to receive violation data sent by the terminal, and perform corresponding processing according to the received violation data; and the violation data is detected and acquired by the terminal according to the starting mode.
According to the detection device for the illegal external connection of the IPKVM equipment, provided by the embodiment of the invention, the blacklist mode and the whitelist mode are set in the server through the starting mode selection module 301, and the strategy is issued to the client through the starting mode sending module 302 to manage the connection equipment of the management terminal, so that the monitoring and management of the illegal external connection of the intranet and the extranet of an enterprise are realized, meanwhile, whether the hardware equipment is connected with the illegal equipment or not can be judged, a report and an early warning are generated, and the secret-related risk of the enterprise is reduced.
Fig. 4 is another detection apparatus for detecting an illegal external connection of an IPKVM device according to an embodiment of the present invention, as shown in fig. 4, the detection apparatus specifically includes: an enable mode reception module 401 and an offending data transmission module 402. The enabling mode receiving module 401 is configured to receive an enabling mode sent by the server, and manage a connection device of a terminal according to the enabling mode; the illegal data sending module 402 is configured to send data of the illegal connection in the connection device of the terminal to the server.
Specifically, the enabling mode receiving module 401 is configured to receive an enabling mode sent by the server, where the enabling mode includes a blacklist mode and a whitelist mode; managing the connection equipment of the terminal according to the received starting mode, judging whether the starting mode is a blacklist mode or a whitelist mode, if the starting mode is the whitelist mode, judging whether the connection equipment of the terminal belongs to a white list of display equipment or a USB access white list, and if so, allowing the connection equipment of the terminal to be connected; and if the starting mode is a blacklist mode, judging whether the connection equipment of the terminal belongs to a blacklist of display equipment or a USB access blacklist, if so, judging that the connection equipment of the terminal is in illegal connection, and performing corresponding processing. The illegal data sending module 402 is configured to send data of the illegal connection in the connection device of the terminal to the server.
The detection device for illegal external connection of the IPKVM equipment provided by the embodiment of the invention realizes monitoring and management of illegal external connection of an intranet and an extranet by receiving the starting mode issued by the server and correspondingly managing the connecting equipment according to the starting mode, and can judge whether the hardware equipment is connected with the illegal equipment, generate illegal data and send the illegal data to the server.
Fig. 5 illustrates a physical structure diagram of an electronic device, which may include, as shown in fig. 5: a processor (processor)810, a communication Interface 820, a memory 830 and a communication bus 840, wherein the processor 810, the communication Interface 820 and the memory 830 communicate with each other via the communication bus 840. The processor 810 may call logic instructions in the memory 830 to perform a method for detecting an IPKVM device violation outreach, the method comprising:
selecting a starting mode of a server according to a user instruction; sending the starting mode to a terminal; receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
Or comprises the following steps:
receiving an enabling mode sent by the server, and managing the connection equipment of the terminal according to the enabling mode;
and sending the data of the illegal connection in the connection equipment of the terminal to the server.
In addition, the logic instructions in the memory 830 may be implemented in software functional units and stored in a computer readable storage medium when the logic instructions are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, an embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program stored on a non-transitory computer-readable storage medium, where the computer program includes program instructions, and when the program instructions are executed by a computer, the computer is capable of executing the method for detecting an ip kvm device violation external connection provided by the above-mentioned method embodiments, where the method includes:
selecting a starting mode of a server according to a user instruction; sending the starting mode to a terminal; receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
Or comprises the following steps:
receiving an enabling mode sent by the server, and managing the connection equipment of the terminal according to the enabling mode;
and sending the data of the illegal connection in the connection equipment of the terminal to the server.
In another aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program is implemented to, when executed by a processor, perform the method for detecting an illegal external connection of an IPKVM device provided in the foregoing embodiments, where the method includes:
selecting a starting mode of a server according to a user instruction; sending the starting mode to a terminal; receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
Or comprises the following steps:
receiving an enabling mode sent by the server, and managing the connection equipment of the terminal according to the enabling mode;
and sending the data of the illegal connection in the connection equipment of the terminal to the server.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. The detection method for illegal external connection of the IPKVM equipment is characterized by comprising the following steps:
selecting a starting mode of a server according to a user instruction;
sending the starting mode to a terminal;
receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
2. The method for detecting an illegal external connection of an IPKVM device according to claim 1, wherein the server is enabled in a black list mode and a white list mode;
the blacklist mode sets a blacklist and/or a USB access blacklist of the display equipment according to a user instruction;
and the white list mode sets a white list of display equipment and/or a USB access white list according to a user instruction.
3. The method for detecting illegal external connection of IPKVM (Internet protocol virtual keyboard and video mouse) equipment according to claim 1, wherein after receiving the illegal data sent by the terminal, the method further comprises:
and generating an illegal report according to the illegal data and generating an alarm.
4. The detection method for illegal external connection of the IPKVM equipment is characterized by comprising the following steps:
receiving an enabling mode sent by the server, and managing the connection equipment of the terminal according to the enabling mode;
and sending the data of the illegal connection in the connection equipment of the terminal to the server.
5. The method for detecting illegal external connection of IPKVM (Internet protocol virtual keyboard video mouse) equipment according to claim 4, wherein the managing the connection equipment of the terminal according to the enabling mode specifically comprises:
determining whether the enabling mode is a blacklist mode or a whitelist mode;
if the starting mode is a white list mode, judging whether the connection equipment of the terminal belongs to a display equipment white list or a USB access white list, and if so, allowing the connection equipment of the terminal to be connected;
and if the starting mode is a blacklist mode, judging whether the connection equipment of the terminal belongs to a blacklist of display equipment or a USB access blacklist, if so, judging that the connection equipment of the terminal is in illegal connection, and performing corresponding processing.
6. The method for detecting an illegal external connection of an IPKVM device according to claim 5, wherein the performing the corresponding process specifically comprises:
and disabling the connection of the connection equipment of the terminal, generating violation data and sending the violation data to the server.
7. Detection apparatus to IPKVM equipment violation external connection includes:
the starting mode selection module: the starting mode of the server is selected according to the user instruction;
the starting mode sending module: the starting mode is used for sending the starting mode to the terminal;
violation data receiving module: the terminal is used for receiving violation data sent by the terminal; and the violation data is detected and acquired by the terminal according to the starting mode.
8. Detection apparatus to IPKVM equipment violation external connection includes:
the enabling mode receiving module: the connection equipment is used for receiving the starting mode sent by the server and managing the terminal according to the starting mode;
the violation data sending module: and the data used for sending the illegal connection in the connection equipment of the terminal to the server.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the steps of the method for detecting an IPKVM device illegal external connection according to any of claims 1 to 6.
10. A non-transitory computer readable storage medium, having stored thereon a computer program, which, when being executed by a processor, performs the steps of the method for detecting an IPKVM device violation external connection according to any one of claims 1 to 6.
CN202010788458.3A 2020-08-07 2020-08-07 Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment Pending CN112069093A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010788458.3A CN112069093A (en) 2020-08-07 2020-08-07 Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010788458.3A CN112069093A (en) 2020-08-07 2020-08-07 Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment

Publications (1)

Publication Number Publication Date
CN112069093A true CN112069093A (en) 2020-12-11

Family

ID=73661639

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010788458.3A Pending CN112069093A (en) 2020-08-07 2020-08-07 Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment

Country Status (1)

Country Link
CN (1) CN112069093A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113554186A (en) * 2021-06-02 2021-10-26 京东科技控股股份有限公司 Device detection method, device detection apparatus, and readable storage medium
CN114531280A (en) * 2022-01-25 2022-05-24 北京北信源软件股份有限公司 Data leakage prevention method and device based on mobile terminal connected enterprise terminal
CN115987675A (en) * 2022-12-30 2023-04-18 北京明朝万达科技股份有限公司 Illegal external connection detection method and device, mobile terminal and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102549561A (en) * 2009-07-30 2012-07-04 弗莱克斯电子有限责任公司 Remote device diagnostic and repair apparatus and methods
US8286253B1 (en) * 2009-11-23 2012-10-09 Trend Micro Incorporated Data leakage prevention for resource limited device
CN103391216A (en) * 2013-07-15 2013-11-13 中国科学院信息工程研究所 Alarm and blocking method for illegal external connections
CN109804375A (en) * 2016-08-12 2019-05-24 日本鼎意株式会社 The system and method for generation for notification event
CN111212041A (en) * 2019-12-24 2020-05-29 贵州航天计量测试技术研究所 Mobile storage medium illegal external connection alarm system and method
CN210722478U (en) * 2019-12-03 2020-06-09 四川智康科技有限责任公司 Remote medical system based on KVM

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102549561A (en) * 2009-07-30 2012-07-04 弗莱克斯电子有限责任公司 Remote device diagnostic and repair apparatus and methods
US8286253B1 (en) * 2009-11-23 2012-10-09 Trend Micro Incorporated Data leakage prevention for resource limited device
CN103391216A (en) * 2013-07-15 2013-11-13 中国科学院信息工程研究所 Alarm and blocking method for illegal external connections
CN109804375A (en) * 2016-08-12 2019-05-24 日本鼎意株式会社 The system and method for generation for notification event
CN210722478U (en) * 2019-12-03 2020-06-09 四川智康科技有限责任公司 Remote medical system based on KVM
CN111212041A (en) * 2019-12-24 2020-05-29 贵州航天计量测试技术研究所 Mobile storage medium illegal external connection alarm system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王国庄: "高校图书馆内网安全隐患与防范策略探讨", 《信息安全与通信保密》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113554186A (en) * 2021-06-02 2021-10-26 京东科技控股股份有限公司 Device detection method, device detection apparatus, and readable storage medium
CN114531280A (en) * 2022-01-25 2022-05-24 北京北信源软件股份有限公司 Data leakage prevention method and device based on mobile terminal connected enterprise terminal
CN115987675A (en) * 2022-12-30 2023-04-18 北京明朝万达科技股份有限公司 Illegal external connection detection method and device, mobile terminal and storage medium
CN115987675B (en) * 2022-12-30 2024-03-19 北京明朝万达科技股份有限公司 Illegal external connection detection method and device, mobile terminal and storage medium

Similar Documents

Publication Publication Date Title
CN112069093A (en) Detection method and device for illegal external connection of IPKVM (Internet protocol-virtual keyboard and video mouse) equipment
CN104333863B (en) Connection management method and device, electronic equipment
EP2915089B1 (en) Privacy aware camera and device status indicator system
US9913315B2 (en) Method and device for connection management
CN105635122A (en) Wifi access method and device and electronic equipment
CN105450714A (en) Method and device for remotely controlling terminal application installation
CN109547449B (en) Safety detection method and related device
CN111881460A (en) Vulnerability exploitation detection method, system, equipment and computer storage medium
US20170372311A1 (en) Secure payment-protecting method and related electronic device
US9814091B2 (en) Information processing apparatus and computer program product
CN103841120A (en) Data security management method, mobile terminal and system based on digital watermarking
CN110213379B (en) Gateway setting method, system, gateway and computer readable storage medium
CN108344001A (en) User's guard method, device, system and micro-wave oven based on micro-wave oven
CN104657152B (en) Data transfer management method and electronic equipment
CN110493247B (en) Power distribution terminal communication detection method, system, equipment and computer medium
CN106162053B (en) Video monitoring equipment and network client thereof
CN111225378B (en) Intelligent wifi screening method, mobile terminal and terminal readable storage medium
WO2016026332A1 (en) Login processing method, apparatus and system
CN112954684A (en) Distribution network identifier generation method and device for testing to-be-distributed network equipment and terminal
CN104994225A (en) Short message sending control method and short message sending control device
CN107566146B (en) Method for automatically switching network cards
CN109874140A (en) A kind of network safety protection method, device, equipment and storage medium
CN114143075B (en) Security vulnerability early warning method, device and electronic equipment
CN112751721B (en) Cooking control method, device, server, computer storage medium and cooking control system
CN116627825A (en) Method, device, equipment and storage medium for detecting software behavior

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination