CN112738104B - Scanning method and device of weak password equipment - Google Patents

Scanning method and device of weak password equipment Download PDF

Info

Publication number
CN112738104B
CN112738104B CN202011599670.1A CN202011599670A CN112738104B CN 112738104 B CN112738104 B CN 112738104B CN 202011599670 A CN202011599670 A CN 202011599670A CN 112738104 B CN112738104 B CN 112738104B
Authority
CN
China
Prior art keywords
weak
scanning
passwords
password
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011599670.1A
Other languages
Chinese (zh)
Other versions
CN112738104A (en
Inventor
孙诗帅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN202011599670.1A priority Critical patent/CN112738104B/en
Publication of CN112738104A publication Critical patent/CN112738104A/en
Application granted granted Critical
Publication of CN112738104B publication Critical patent/CN112738104B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The application provides a scanning method and a device of weak password equipment, wherein the method comprises the following steps: grouping all weak passwords, and respectively adding each group of weak passwords to a scanning list corresponding to at least one target device; respectively scanning corresponding target equipment according to the weak passwords contained in each scanning list, and determining login weak passwords used by the target equipment which successfully logs in and the target equipment which does not successfully log in; adding the login weak password into a scanning list corresponding to target equipment which is not successfully logged in, and determining the target equipment which is successfully logged in as weak password equipment; according to the method and the device, the weak passwords are grouped, so that the utilization rate of the weak passwords is improved, meanwhile, the weak passwords which are successfully logged in are added to the scanning list corresponding to the target device which is not successfully logged in, and the accuracy and the efficiency of scanning are improved.

Description

Scanning method and device of weak password equipment
Technical Field
The present application relates to the field of network communication technologies, and in particular, to a method and an apparatus for scanning a weak password device.
Background
The network brings convenience to life and brings a lot of potential safety hazards, some lawbreakers carry out destruction activities after stealing the login password of the network account, the login password strength set by the network account is very important for protecting the safety of the network account, and the simpler weak password is easy to be cracked by the lawbreakers, so that the safety of the network account is influenced, therefore, the network equipment needs to be scanned regularly to determine the equipment using the weak password, and the subsequent modification of the login password is facilitated.
In the related art, a dictionary composed of a plurality of commonly used weak passwords downloaded on a network is usually used for scanning the same network device, but the quality of the dictionary on the network is uneven, and some network devices have the limitation of login times, and the dictionary is downloaded from the network blindly for scanning, so that not only the accuracy of scanning is not high, the efficiency is low, but also an IP (Internet Protocol) address used by a scanning end is forbidden.
Disclosure of Invention
In view of this, the present application provides a method and an apparatus for scanning a weak password device.
Specifically, the method is realized through the following technical scheme:
according to a first aspect of the present application, a method for scanning a weak password device is provided, which includes:
grouping all weak passwords, and respectively adding each group of weak passwords to a scanning list corresponding to at least one target device;
respectively scanning corresponding target equipment according to the weak passwords contained in each scanning list, and determining login weak passwords used by the target equipment which successfully logs in and the target equipment which does not successfully log in;
and adding the login weak password into a scanning list corresponding to the target equipment which is not successfully logged in, and determining the target equipment which is successfully logged in as weak password equipment.
According to a second aspect of the present application, a scanning apparatus for a weak password device is provided, which includes:
the grouping unit is used for grouping all the weak passwords and respectively adding each group of weak passwords to a scanning list corresponding to at least one target device, so that each group of weak passwords exists in the scanning list of each target device;
the scanning unit is used for respectively scanning corresponding target equipment according to the weak passwords contained in each scanning list and determining login weak passwords used by the target equipment which successfully logs in and target equipment which does not successfully log in;
and the adding unit is used for adding the login weak password into a scanning list corresponding to the target device which has not successfully logged in, and determining the target device which has successfully logged in as the weak password device.
According to a third aspect of the present application, there is provided an electronic device comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method as described in the embodiments of the first aspect above by executing the executable instructions.
According to a fourth aspect of embodiments of the present application, there is provided a computer-readable storage medium having stored thereon computer instructions which, when executed by a processor, implement the steps of the method as described in the embodiments of the first aspect above.
According to the technical scheme provided by the application, all weak passwords are grouped, each group of weak passwords is added to the scanning list corresponding to at least one target device, so that a plurality of network devices respectively use different weak passwords to scan, all the weak passwords can be completely traversed, and the trial utilization rate of the weak passwords is improved; the weak passwords are grouped instead of all the weak passwords are used for scanning the same network equipment, so that the problem of IP (Internet protocol) forbidding caused by too many times of login attempts of the same network equipment is solved; meanwhile, because the login weak password used by the target equipment which successfully logs in is higher in the probability of being used in other target equipment scanned in the same batch, the login weak password used by the target equipment which successfully logs in is added into the scanning list corresponding to the target equipment which does not successfully log in, the probability of successfully logging in by using the weak password in the scanning list by the target equipment which does not successfully log in can be improved, and the scanning accuracy and efficiency are further improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and, together with the description, serve to explain the principles of the application.
FIG. 1 is a flow chart illustrating a weak password device scanning method according to an exemplary embodiment of the present application;
FIG. 2 is a network architecture diagram illustrating a weak password device scanning method according to an exemplary embodiment of the present application;
FIG. 3 is a detailed flow diagram of a weak password device scanning method according to an exemplary embodiment of the present application;
FIG. 4 is a diagram illustrating a weak password device scanning method according to an exemplary embodiment of the present application;
FIG. 5 is a schematic structural diagram of an electronic device applying a scanning method of a weak password device according to an exemplary embodiment of the present application;
fig. 6 is a block diagram illustrating a weak password device scanning apparatus according to an exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if," as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination," depending on the context.
Next, examples of the present application will be described in detail.
Fig. 1 is a flowchart illustrating a weak password device scanning method according to an exemplary embodiment of the present application. As shown in fig. 1, the method is applied to a scanning device, which may be a device dedicated to scanning or a device with a scanning function, and the method is not limited in this application, and the method may include the following steps:
step 102: and grouping all the weak passwords, and adding each group of weak passwords to a scanning list corresponding to at least one target device respectively.
In one embodiment, passwords that are generally considered to be easily guessed by others or broken by network cracking tools are weak passwords, for example, a weak password may refer to a password that only contains simple numbers and letters, such as "123456", "abc123456", etc., and since a weak password is easily broken, the use of a weak password by a network device may jeopardize its security. In the prior art, the weak password can be acquired from multiple ways, and the method for acquiring the weak password is not limited in the application, for example, the weak password set can be downloaded from a network, can be summarized from multiple scanning results, or can be any method for acquiring the weak password set. The method includes the steps of obtaining all target network devices needing to be scanned, wherein the target network devices include but are not limited to other communicable network devices such as terminal devices, basic devices, intermediate devices, protective devices and the like in a network environment, for example, switches, servers, hosts, cameras, ticket gate machines and the like. Grouping all weak passwords in an acquired weak password set, and adding each group of weak passwords to a scan list of at least one target device, for example, when 100 weak passwords for scanning exist and 1000 target devices need to be scanned, 100 weak passwords can be divided into 10 groups, each group contains 10 weak passwords, each group of weak passwords is added to one or more scan lists corresponding to 1000 devices, and the scan list corresponding to each target device can be allocated to one or more groups of weak passwords or not; of course, the number of groups of weak passwords may be flexibly adjusted according to actual needs, and the number of weak passwords in each group may be the same or different.
In one embodiment, the grouping all weak passwords comprises: determining the maximum legal scanning times of the target equipment; and grouping all the weak passwords to ensure that the number of the weak passwords in each group is not more than the maximum legal scanning times. The maximum legal scanning times can be the maximum times of inputting a wrong login password within a preset time length; alternatively, the maximum number of times of incorrect login passwords is continuously input. The target device sets a preset rule to avoid the malicious access behavior in order to prevent the malicious access behavior, and if the access behavior does not conform to the rule, the target device determines the IP address used by the access behavior as a malicious IP, and even blocks the IP address. The rule may be the maximum number of times of inputting the wrong password within a preset time length, for example, the target device determines that the access behavior of inputting 10 wrong login passwords within 60 seconds is a malicious access behavior, so that all weak passwords are grouped according to the method, the number of the weak passwords in each group is not more than 10, and even if all the weak passwords in each group are wrong login passwords, the access behavior performed by the scanning device cannot be classified into the malicious access behavior; meanwhile, the rule may be the maximum number of times of continuously inputting wrong passwords, for example, the target device determines that the access behavior of continuously inputting 10 times of wrong login passwords is a malicious access behavior, so that all weak passwords are grouped according to the method, the number of the weak passwords in each group is not more than 10, and even if all the weak passwords in each group are wrong login passwords, the access behavior performed by the scanning device is not classified into the malicious access behavior. In the embodiment, the number of the weak passwords in each group is limited, so that the target device is prevented from determining the IP used by the scanning device as a malicious IP, and the IP used by the scanning device is further prohibited, and the condition that the scanning efficiency is influenced because the scanning cannot be continued due to the prohibition of the IP is avoided.
In an embodiment, the adding each group of weak passwords to the scan list corresponding to at least one target device respectively includes: when n groups of weak passwords exist, dividing the target equipment into m equipment groups, wherein each equipment group comprises n target equipment; and respectively adding the ith group of weak passwords to the ith target equipment in each equipment group, wherein i is more than or equal to 1 and less than or equal to n, and m and n are positive integers. For example, when there are 100 weak passwords, the weak passwords may be divided into 10 groups, i.e., n =10; assuming that there are 1000 target devices, the target devices may be divided into 100 groups, that is, m =100, each group includes 10 target devices, and the first group weak passwords are respectively added to the scan lists corresponding to the first devices in the respective device groups, that is, the first group weak passwords are respectively added to the scan lists corresponding to the 1 st, 11 th, 21 st, and 31 st target devices … …; similarly, the second group of weak passwords is added to the scan lists corresponding to the second devices in each device group, that is, the second group of weak passwords is added to the scan lists corresponding to the 2 nd, 12 th, 22 th and 32 th target devices … …, and so on, which is not described herein again. In this embodiment, the weak passwords are grouped and periodically distributed to each group of weak passwords, so that all the weak passwords are used in the scanning process, the utilization rate of the weak passwords is improved, all the usable weak passwords exist in the scanning lists corresponding to all the target devices, and the number of times that each weak password can be used is basically the same, thereby improving the efficiency and accuracy of scanning.
Step 104: and respectively scanning corresponding target equipment according to the weak passwords contained in each scanning list, and determining login weak passwords used by the target equipment which successfully logs in and the target equipment which does not successfully log in.
In an embodiment, after each group of weak passwords is added to a scan list corresponding to at least one target device, the scan device scans the corresponding target device according to the weak passwords contained in each scan list, if any weak password in the scan list can be used to log in the target device, the correct weak password is determined as a login weak password, and if all weak passwords in the scan list can not be used to scan the target device, the target device is a target device which has not successfully logged in.
Step 106: and adding the login weak password into a scanning list corresponding to target equipment which is not successfully logged in, and determining the target equipment which is successfully logged in as weak password equipment.
In an embodiment, the login password is added to a scan list corresponding to a target device which has not successfully logged in; for example, the first target device is scanned to determine that the password "123456" is a login password; the second target equipment determines the password abcdef as a login password after scanning; the third to seventh target devices do not find the correct login password after scanning; at this time, the login passwords "123456" and "abcdef" may be added to the scan lists corresponding to the third to seventh target devices, so that the third to seventh devices continue scanning using the two login passwords, and assuming that the login of the fourth device using the login password is successful among the third to seventh devices, the fourth target device, the first and second target devices may be referred to as a weak password device. In practical application, a large amount of devices of the same type are usually scanned, and if a user does not modify the passwords of the devices, some devices of the same type use the same weak passwords as initial passwords, so that the probability that the login success in any device is successful and the login success in the rest devices is higher, the login passwords are added to a scanning list corresponding to the target device which is not successfully logged in, the scanning is continued, the scanning accuracy is improved, and the scanning efficiency is further improved.
In one embodiment, whether a weak password identical to the login weak password exists in a scanning list corresponding to the target device which is not successfully logged in is determined; and if the password does not exist, adding the login weak password to the scanning list corresponding to the target equipment which is not successfully logged in. After determining the target equipment which is not successfully logged in, scanning whether a weak password which is the same as the login weak password exists in a scanning list corresponding to the equipment or not, if so, adding the login weak password to the scanning list without repeating the addition of the login weak password, and if not, adding the login weak password to the scanning list corresponding to the target equipment which is not successfully logged in, so that the target equipment which is not successfully logged in continues to scan by using the login weak password. In the embodiment, whether a weak password identical to the login weak password exists in a scanning list corresponding to the target device which is not successfully logged in is detected, and the weak password is added when the same weak password does not exist, so that the duplicate removal operation of the weak password is realized, the repeated scanning of the same weak password is avoided, the scanning times are reduced, and the scanning efficiency is improved.
It should be noted that, even if the number of the weak passwords in each group is not greater than the maximum legal scanning times, the addition of the login weak passwords to the scan list corresponding to the target device that has not successfully logged in may cause the number of the weak passwords in the scan list to exceed the maximum legal scanning times, and at this time, the scan may be performed after waiting for a certain time interval, so as to avoid that the IP address used by the scanning device is blocked due to too many scans within a preset time period.
In one embodiment, the number of weak password devices and/or the proportion of all target devices may be counted, and an alarm may be given when the number and/or the proportion exceed a preset threshold. The weak password device is a device using a weak password as a login password; the number of the weak password devices in all the target devices and/or the proportion of the weak password devices in all the target devices can be determined through the steps; when the number and/or the proportion exceed the preset threshold, the number of the weak passwords in all the target devices scanned at this time is excessive, so that the safety problem exists, at the moment, an alarm can be given, a log file record scanning result is generated, and the operation and maintenance personnel are reminded, so that the operation and maintenance personnel can perform subsequent processing conveniently. It should be noted that the preset threshold may be adjusted according to the actual application, and the application does not limit this.
In an embodiment, the login password of the weak password device may be modified. The weak password device is a device using a weak password as a login password; the weak password equipment in all the target equipment can be determined through the steps, and the login password of the weak password equipment is modified in a targeted manner, so that the security problem caused by using the weak password is avoided.
According to the embodiment, the technical scheme of the application groups all weak passwords, and each group of weak passwords is added to the scanning list corresponding to at least one target device, so that a plurality of target devices respectively use different weak passwords to scan, all the weak passwords can be completely traversed, and the trial utilization rate of the weak passwords is improved; the weak passwords are grouped instead of all the weak passwords are used for scanning the same network equipment, so that the problem of IP (Internet protocol) forbidding caused by too many times of login attempts of the same network equipment is solved; meanwhile, because the login weak password used by the target equipment which successfully logs in is higher in the probability of being used in other target equipment scanned in the same batch, the login weak password used by the target equipment which successfully logs in is added into the scanning list corresponding to the target equipment which does not successfully log in, namely the scanning weak password is adjusted in real time, so that the probability of successfully logging in by the target equipment which does not successfully log in by using the weak password in the scanning list can be improved, and the scanning accuracy and efficiency are further improved; after the scanning is finished, the login password of the weak password equipment can be modified in a targeted manner through the statistics of the weak password equipment, and the alarm is given in time when the number of the weak password equipment is too large, so that operation and maintenance personnel can know the safety of the equipment which is scanned in the same batch in time and can adjust the equipment in the subsequent process.
FIG. 2 is a diagram illustrating a network architecture for a weak password device scanning method according to an exemplary embodiment of the present application; the scanning device 20 may be a device dedicated to scanning, or may be a device having a scanning function, which is not limited in this application; assuming that the target devices in the present application have 1000 stations, all the target devices cannot be shown one by one due to space limitation, and the target devices 21 to 32 shown in fig. 2 are only schematic; the scanning device 20 scans all target devices, wherein a scan list is maintained for each target device.
FIG. 3 is a detailed flowchart of a method for weak password device scanning according to an exemplary embodiment of the present application; the specific steps of the method illustrated in fig. 3 are described in detail below with reference to fig. 2:
step 302: determining the maximum legal scanning times of the target equipment; the maximum legal scanning times can be the maximum times of inputting a wrong login password within a preset time length; alternatively, the maximum number of times of incorrect login passwords is continuously input. The target device sets a preset rule to avoid the malicious access behavior in order to prevent the malicious access behavior, and if the access behavior does not conform to the rule, the target device determines the IP address used by the access behavior as a malicious IP, and even blocks the IP address. In this embodiment, it is assumed that the rule is the maximum number of times of inputting an incorrect password within a preset time duration, for example, the target device determines that an access behavior of inputting 10 incorrect login passwords within 60 seconds is a malicious access behavior, so that all weak passwords are grouped according to the present application, the number of weak passwords in each group is not greater than 10, and even if all weak passwords in each group are incorrect login passwords, the access behavior performed by the scanning device is not classified as the malicious access behavior.
Step 304: grouping all weak passwords; grouping all weak passwords according to the maximum legal scanning times of the target device in the step 302, so that the number of the weak passwords in each group is not more than ten, assuming that 100 weak passwords are in total, dividing all weak passwords into ten groups, and the number of the weak passwords in each group is 10.
Step 306: adding each group of weak passwords to a scanning list corresponding to the target equipment; when there are 100 weak passwords, the weak passwords may be divided into 10 groups; assuming that 1000 target devices exist, the target devices may be divided into 100 groups, each group includes 10 target devices, and the first group weak passwords are respectively added to the scan lists corresponding to the first devices in each device group, that is, the first group weak passwords are respectively added to the scan lists corresponding to the 1 st, 11 th, 21 st and 31 st target devices … …; similarly, the second group of weak passwords is added to the scan lists corresponding to the second devices in each device group, that is, the second group of weak passwords is added to the scan lists corresponding to the 2 nd, 12 th, 22 nd and 32 nd devices … …, respectively, as shown in fig. 4, the target device 21 is the same as the scan lists of the target devices 31, 41 and 51 … …; target device 22 is the same as the scan list of target devices 32, 42, 52 … …, and so on.
Step 308 to step 310: scanning corresponding target equipment according to the weak password in the scanning list, and determining a login weak password used by the target equipment which successfully logs in; the scanning device 20 scans the target devices by using the weak passwords in the scan list corresponding to each target device, and determines the login weak password used by the target device which has successfully logged in, as shown in fig. 4, if the target device 21 successfully logs in by using the weak password "root:000000" and the target device 22 successfully logs in by using the weak password "root: admin", the weak passwords "root:000000" and "root: admin" are the login weak passwords.
Step 312: whether a login weak password exists in a scan list corresponding to the target device which is not successfully logged in is judged, and the description can be divided into two cases: in the first case, since the target device 21 and the target devices 31, 41, 51 … … have the same scan list and the target devices may use the same weak password, a situation that the successfully logged-in weak passwords are duplicated may occur, as shown in fig. 4, for example, when both the target device 21 and the target device 31 use the password "root:12345678" for successful login and both the two login weak passwords are "root:12345678", after the first "root:12345678" weak password is added to the other unsuccessfully logged-in target devices, before the second "root: 45123678" weak password is added, it is determined whether the login weak password "root:12345678" exists in the scan list corresponding to the unsuccessfully logged-in target device, if so, step 312b is performed, the second "root:12345678" weak password is not added to the scan list, and if not, step 312a is performed, the scan list corresponding to the successfully logged-in target device is continued. In the second case: since the target device 21 and the scan list of the target devices 31, 41, 51 … … are the same, but the login passwords used by the target devices may not be the same, assuming that the target device 21 successfully logs in using the weak password "root:12345678", and the scan list corresponding to the target device 31 may not have the correct login password, since the target device 21 and the scan list of the target device 31 are the same, but the target device 31 does not successfully log in, before adding the login weak password "root:12345678" to the scan list of the target device 31, it is determined whether the login weak password "root:12345678" exists in the scan list corresponding to the target device 31, if so, step 312b is entered, the "root:12345678" weak password is not added to the scan list, and if not so, step 312a is entered, and the login password is added to the scan list corresponding to the target device which has not successfully logged in, and scanning continues.
Step 314: all target devices which are successfully logged in are determined as weak password devices; through the steps, the device which successfully logs in the 1000 target devices can be determined, namely the device uses a weak password as a login password, and the device is called as a weak password device. After the weak password device is determined, step 314b can be entered to modify the login password of such a device, so as to avoid the security problem caused by using the weak password; step 314a may also be entered to determine whether the number of the weak password devices and/or the ratio among all the target devices exceeds a preset threshold, and when the number and/or the ratio exceed the preset threshold, it indicates that the number of the weak passwords in all the target devices scanned this time is too large, which causes a security problem, at this time, step 314a2 may be entered to alarm, generate a log file record scanning situation, remind the operation and maintenance personnel, so that the operation and maintenance personnel perform subsequent processing, and if the number and/or the ratio do not exceed the threshold, step 314a1 may be entered to generate a log file record scanning situation. It should be noted that the preset threshold may be adjusted according to an actual application, which is not limited in the present application, and steps 314a and 314b may be performed simultaneously or alternatively, which is not limited in the present application.
Corresponding to the method embodiments, the present specification also provides an embodiment of an apparatus.
Fig. 5 is a schematic structural diagram of an electronic device applying a scanning method of a weak password device according to an exemplary embodiment of the present application. Referring to fig. 5, at the hardware level, the electronic device includes a processor 502, an internal bus 504, a network interface 506, a memory 508, and a non-volatile memory 510, although it may also include hardware required for other services. The processor 502 reads the corresponding computer program from the non-volatile memory 510 into the memory 508 and runs it, forming a scanning means of a weak password device on a logical level. Of course, besides the software implementation, the present application does not exclude other implementations, such as logic devices or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.
Fig. 6 is a block diagram illustrating a scanning apparatus of a weak password device according to an exemplary embodiment of the present application. Referring to fig. 6, the apparatus includes a grouping unit 602, a scanning unit 604, and an adding unit 606, wherein:
a grouping unit 602, configured to group all weak passwords, and add each group of weak passwords to a scan list corresponding to at least one target device, so that a group of weak passwords exists in the scan list of each target device;
a scanning unit 604, configured to scan corresponding target devices according to the weak passwords included in each scanning list, and determine a login weak password used by a target device that has successfully logged in and a target device that has not successfully logged in;
an adding unit 606, configured to add the login weak password to a scan list corresponding to a target device that has not successfully logged in, and determine the target device that has successfully logged in as a weak password device.
Optionally, the grouping all weak passwords includes: determining the maximum legal scanning times of the target equipment; and grouping all weak passwords to ensure that the number of the weak passwords in each group is not more than the maximum legal scanning times.
Optionally, the maximum legal scan times includes: inputting the maximum times of the error login password within a preset time length; alternatively, the maximum number of times of incorrect login passwords is continuously input.
Optionally, the adding each group of weak passwords to the scan list corresponding to at least one target device respectively includes: when n groups of weak passwords exist, dividing the target equipment into m equipment groups, wherein each equipment group comprises n target equipment; and respectively adding the ith group of weak passwords to the ith target equipment in each equipment group, wherein i is more than or equal to 1 and less than or equal to n, and m and n are positive integers.
Optionally, the apparatus further comprises: a deduplication unit 608, configured to determine whether a weak password identical to the login weak password exists in a scan list corresponding to the target device that has not successfully logged in;
and if the password does not exist, adding the login weak password to the scanning list corresponding to the target equipment which is not successfully logged in.
Optionally, the apparatus further comprises: a counting unit 610, configured to count the number of the weak password devices and/or the proportion among all the target devices, and alarm when the number and/or the proportion exceed a preset threshold.
Optionally, the apparatus further comprises: a modifying unit 612, configured to modify the login password of the weak password device.
The specific details of the implementation process of the functions and actions of each unit in the above device are the implementation processes of the corresponding steps in the above method, and are not described herein again.
For the device embodiment, since it basically corresponds to the method embodiment, reference may be made to the partial description of the method embodiment for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
In an exemplary embodiment, there is also provided a non-transitory computer readable storage medium, such as a memory, comprising instructions executable by a processor of a weak password device scanning apparatus to implement a method as in any of the above embodiments.
The non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, etc., which is not limited in this application.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (9)

1. A method for scanning a weak password device, comprising:
grouping all weak passwords, and respectively adding each group of weak passwords to a scanning list corresponding to at least one target device;
respectively scanning corresponding target equipment according to the weak passwords contained in each scanning list, and determining login weak passwords used by the target equipment which successfully logs in and the target equipment which does not successfully log in;
adding the login weak password into a scanning list corresponding to target equipment which is not successfully logged in, and determining the target equipment which is successfully logged in as weak password equipment;
wherein the grouping of all weak passwords comprises: determining the maximum legal scanning times of the target equipment; and grouping all weak passwords to ensure that the number of the weak passwords in each group is not more than the maximum legal scanning times.
2. The method of claim 1, wherein the maximum number of legal scans comprises: inputting the maximum times of the error login password within a preset time length; alternatively, the maximum number of times of incorrect login passwords is continuously input.
3. The method of claim 1, wherein adding each group of weak passwords to a scan list corresponding to at least one target device respectively comprises:
when n groups of weak passwords exist, dividing the target equipment into m equipment groups, wherein each equipment group comprises n target equipment;
and respectively adding the ith group of weak passwords to the ith target equipment in each equipment group, wherein i is more than or equal to 1 and less than or equal to n, and m and n are positive integers.
4. The method of claim 1, wherein adding the login weak password to a scan list corresponding to a target device that has not been successfully logged on comprises:
determining whether a weak password identical to the login weak password exists in a scanning list corresponding to the target device which is not successfully logged in;
and if the password does not exist, adding the login weak password to the scanning list corresponding to the target equipment which is not successfully logged in.
5. The method of claim 1, further comprising:
and counting the number of the weak password devices and/or the proportion of the weak password devices in all the target devices, and alarming when the number and/or the proportion exceed a preset threshold value.
6. The method of claim 1, further comprising:
and modifying the login password of the weak password equipment.
7. A scanning apparatus for a weak password device, comprising:
the grouping unit is used for grouping all the weak passwords and respectively adding each group of weak passwords to a scanning list corresponding to at least one target device, so that each group of weak passwords exists in the scanning list of each target device; wherein the grouping all weak passwords comprises: determining the maximum legal scanning times of the target equipment; grouping all weak passwords to ensure that the number of the weak passwords in each group is not more than the maximum legal scanning times;
the scanning unit is used for respectively scanning the corresponding target equipment according to the weak passwords contained in each scanning list and determining login weak passwords used by the target equipment which successfully logs in and target equipment which does not successfully log in;
and the adding unit is used for adding the login weak password into a scanning list corresponding to the target device which is not successfully logged in, and determining the target device which is successfully logged in as the weak password device.
8. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any one of claims 1-6 by executing the executable instructions.
9. A computer-readable storage medium having stored thereon computer instructions, which, when executed by a processor, carry out the steps of the method according to any one of claims 1-6.
CN202011599670.1A 2020-12-29 2020-12-29 Scanning method and device of weak password equipment Active CN112738104B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011599670.1A CN112738104B (en) 2020-12-29 2020-12-29 Scanning method and device of weak password equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011599670.1A CN112738104B (en) 2020-12-29 2020-12-29 Scanning method and device of weak password equipment

Publications (2)

Publication Number Publication Date
CN112738104A CN112738104A (en) 2021-04-30
CN112738104B true CN112738104B (en) 2023-03-24

Family

ID=75611545

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011599670.1A Active CN112738104B (en) 2020-12-29 2020-12-29 Scanning method and device of weak password equipment

Country Status (1)

Country Link
CN (1) CN112738104B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115001832B (en) * 2022-06-10 2024-02-20 阿里云计算有限公司 Method and device for preventing password attack and electronic equipment
CN117034251B (en) * 2023-09-28 2024-01-05 杭州海康威视数字技术股份有限公司 Weak password self-adaptive screening method, device and equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105989278A (en) * 2015-01-29 2016-10-05 武汉安问科技发展有限责任公司 Password audit method based on motive model analyses

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2204416C (en) * 1994-11-10 2000-10-24 Ty J. Caswell Computer-based multifunction personal communication system with caller id
US7581245B2 (en) * 2004-03-05 2009-08-25 Sap Ag Technique for evaluating computer system passwords
US8590046B2 (en) * 2010-07-28 2013-11-19 Bank Of America Corporation Login initiated scanning of computing devices
CN104811449B (en) * 2015-04-21 2017-09-19 深信服网络科技(深圳)有限公司 Storehouse attack method and system are hit in detection
CN107196899B (en) * 2017-03-21 2020-05-22 北京神州泰岳软件股份有限公司 Equipment weak password management method and device
CN107577936B (en) * 2017-07-17 2019-10-01 全球能源互联网研究院有限公司 A kind of weak passwurd scan method and device
CN109948331A (en) * 2019-03-26 2019-06-28 国网黑龙江省电力有限公司信息通信公司 A kind of weak passwurd detection system and method
CN111339527B (en) * 2020-02-20 2022-10-21 北京天融信网络安全技术有限公司 Weak password detection method and system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105989278A (en) * 2015-01-29 2016-10-05 武汉安问科技发展有限责任公司 Password audit method based on motive model analyses

Also Published As

Publication number Publication date
CN112738104A (en) 2021-04-30

Similar Documents

Publication Publication Date Title
CN112738104B (en) Scanning method and device of weak password equipment
EP3544250A1 (en) Method and device for detecting dos/ddos attack, server, and storage medium
EP3468102B1 (en) Negative feedback control method and system based on output arbitration
CN110519208B (en) Anomaly detection method, device and computer readable medium
EP2854064A1 (en) Intrusion deception by rejection of captcha responses
EP3966716B1 (en) Pattern matching for authentication with random noise symbols and pattern recognition
CN108243189B (en) Network threat management method and device, computer equipment and storage medium
US10362055B2 (en) System and methods for active brute force attack protection
US11736472B2 (en) Authentication with well-distributed random noise symbols
EP3967012B1 (en) Partial pattern recognition in a stream of symbols
CN109561090B (en) Web intelligent defense method, device, equipment and readable storage medium
CN108390870B (en) Method, device, storage medium and equipment for defending network attack
US20200389443A1 (en) Authentication with random noise symbols and pattern recognition
CN111740982B (en) Server anti-attack method and system based on computing power certification
US20170171188A1 (en) Non-transitory computer-readable recording medium, access monitoring method, and access monitoring apparatus
CN102833247A (en) Method for anti-sweeping ciphers in user login system and device thereof
CN111221580A (en) Method, equipment and storage medium for safely recovering factory settings of intelligent lock
CN110290122B (en) Intrusion response strategy generation method and device
US20180176250A1 (en) Detection system, detection apparatus, detection method, and detection program
KR101576993B1 (en) Method and System for preventing Login ID theft using captcha
US10255558B1 (en) Managing knowledge-based authentication systems
CN114003904B (en) Information sharing method, device, computer equipment and storage medium
CN109617925B (en) Method and system for protecting network attack and setting interval mark
CN110932733B (en) Key scanning method and input device
CN115604162A (en) Detection method of network security equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant