CN112866430B - Domain name record detection system, method, device and storage medium - Google Patents
Domain name record detection system, method, device and storage medium Download PDFInfo
- Publication number
- CN112866430B CN112866430B CN202110069571.0A CN202110069571A CN112866430B CN 112866430 B CN112866430 B CN 112866430B CN 202110069571 A CN202110069571 A CN 202110069571A CN 112866430 B CN112866430 B CN 112866430B
- Authority
- CN
- China
- Prior art keywords
- target network
- domain name
- network request
- message data
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5046—Resolving address allocation conflicts; Testing of addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
Abstract
The present disclosure provides a domain name record detection system, method, device and storage medium, including: the domain name detection end is used for acquiring the copy data of the message data corresponding to the target network request of the Internet data center, determining the domain name information corresponding to the target network request based on the copy data, detecting whether the domain name information corresponding to the target network request is already recorded, and if not, sending a guiding instruction to the recording leading end; and the record leading end is used for responding to the guiding instruction, drawing the message data of which the corresponding destination IP address is the same as the target network request which is not recorded in the message data which is not distributed by the Internet data center to the record leading end from the Internet data center, and carrying out record guiding based on the message data drawn to the record leading end.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a system, a method, an apparatus, and a storage medium for detecting domain name records.
Background
A domain name, also called a network domain, is the name of a computer or group of computers on a network, which consists of a string of names separated by points, used to locate the computer during data transmission. In order to prevent illegal website operation activities from being carried out on the internet and attack the propagation of bad internet information, domain names need to be recorded in related departments.
When a user sends a request to a server, the message data corresponding to the request is generally sent to an internet data center, and then the message data is distributed to each server by the internet data center. Since the related law requires the website to do domain name registration, internet Data Center (IDC) as a service provider needs to guide the user to do domain name registration.
In the related art, one or more detection devices are generally deployed, and domain name detection is directly performed on all packet data of an internet data center to determine whether a domain name corresponding to the packet data is recorded, and the recorded packet data is distributed to a corresponding server.
Disclosure of Invention
The embodiment of the disclosure at least provides a domain name filing detection system, a domain name filing detection method, a domain name filing detection device and a storage medium.
In a first aspect, an embodiment of the present disclosure provides a domain name record detection system, including:
the domain name detection end is used for acquiring the copy data of the message data corresponding to the target network request of the Internet data center, determining the domain name information corresponding to the target network request based on the copy data, detecting whether the domain name information corresponding to the target network request is already recorded, and if not, sending a guiding instruction to the recording leading end;
and the record leading end is used for responding to the guiding instruction, drawing the message data with the corresponding destination IP address which is the same as the target network request which is not recorded in the message data which is not distributed by the Internet data center from the Internet data center to the record leading end, and carrying out record guiding based on the message data which is drawn to the record leading end.
In a possible implementation manner, when determining, based on the replicated data, domain name information corresponding to the target network request, the domain name detecting end is configured to:
determining a target request type of the target network request;
and acquiring the domain name information corresponding to the target network request from the message data corresponding to the target network request based on the domain name information acquisition method corresponding to the target request type.
In a possible implementation manner, the domain name detecting end, when detecting that domain name information corresponding to the target network request is not recorded, is further configured to:
determining a destination IP address corresponding to the target network request which is not recorded;
the domain name detection end is used for:
and sending a guiding instruction carrying the destination IP address to the record guiding end.
In a possible implementation manner, when the record leading end, in response to the leading instruction, pulls, from the internet data center to the record leading end, message data that has a corresponding destination IP address that is the same as the target network request that is not recorded, in message data that is not currently distributed by the internet data center, the record leading end is configured to:
generating a route traction instruction based on a destination IP address in the guide instruction;
sending the route pulling instruction to a router of the Internet data center;
and acquiring message data with the corresponding destination IP address same as the target network request which is not recorded in the current undistributed message data from a router of the Internet data center.
In a possible implementation manner, when the filing leading end performs filing guidance based on the message data that is sent to the filing leading end, the filing leading end is configured to:
for any target network request corresponding to the message data which is led to the record leading end, determining domain name information of the target network request based on the target message data corresponding to the target network request under the condition that the request type of the any target network request is a first preset request type;
and feeding back a record guiding page to a user side initiating the target network request under the condition that the domain name information of the target network request is detected to be the unregistered domain name information and the request type of the target network request is a second preset request type, wherein the first preset request type comprises the second preset request type.
In a possible implementation manner, in a case that it is detected that the domain name information requested by the target network is unregistered domain name information and the request type requested by the target network is not a second preset request type, the record leading end is further configured to:
and discarding the target message data corresponding to the target network request to block the target network request.
In a possible implementation manner, for any target network request, in a case that a request type of the any target network request is not a first preset request type, the docket leader is further configured to:
and the target message data requested by any target network is reinjected to the router of the Internet data center, and the router forwards the target message data.
In a second aspect, an embodiment of the present disclosure provides a domain name record detection method, applied to a domain name detection end, including:
obtaining copy data of message data corresponding to a target network request of an internet data center;
determining domain name information corresponding to the target network request based on the replication data;
and detecting whether the domain name information corresponding to the target network request is recorded or not, if not, sending a guiding instruction to a recording leading end, wherein the guiding instruction is used for indicating the recording leading end to pull message data from the internet data center and carry out recording guiding.
In a possible implementation manner, the determining, based on the replication data, domain name information corresponding to the target network request includes:
determining a target request type of the target network request;
and acquiring the domain name information corresponding to the target network request from the message data corresponding to the target network request based on the domain name information acquisition method corresponding to the target request type.
In a possible embodiment, in a case that it is detected that domain name information corresponding to the target network request is not put on record, the method further includes:
determining a destination IP address corresponding to the target network request which is not recorded;
the sending of the guiding instruction to the filing leading end includes:
and sending a guiding instruction carrying the destination IP address to the record guiding end.
In a third aspect, an embodiment of the present disclosure further provides another domain name filing detection method, applied to a filing leading end, including:
receiving a guiding instruction, wherein the guiding instruction carries a destination IP address of an unregistered target network request;
responding to the guiding instruction, and drawing message data with the corresponding destination IP address same as the unregistered target network request in the currently undistributed message data of the Internet data center to the registration guiding end;
and carrying out the filing guidance based on the message data dragged to the filing guidance end.
In a possible implementation manner, the step of, in response to the guiding instruction, pulling, to the record leading end, message data, in which a corresponding destination IP address in message data that is not currently distributed by an internet data center is the same as the unregistered target network request, includes:
generating a route traction instruction based on a destination IP address in the guide instruction;
sending the route pulling instruction to a router of the Internet data center;
and acquiring message data with the corresponding destination IP address being the same as the target network request which is not recorded in the message data which is not distributed currently from a router of the Internet data center.
In a possible implementation manner, the performing filing guidance based on the message data that is pulled to the filing guidance end includes:
for any target network request corresponding to the message data which is led to the record leading end, determining domain name information of the target network request based on the target message data corresponding to the target network request under the condition that the request type of the any target network request is a first preset request type;
and under the condition that the domain name information of the target network request is detected to be unregistered domain name information and the request type of the target network request is a second preset request type, feeding back a registration guiding page to a user side initiating the target network request, wherein the first preset request type comprises the second preset request type.
In one possible implementation manner, in a case that it is detected that the domain name information requested by the target network is the unregistered domain name information and the request type requested by the target network is not the second preset request type, the method further includes:
and discarding the target message data corresponding to the target network request to block the target network request.
In a possible embodiment, for any target network request, in the case that the request type of the any target network request is not the first preset request type, the method further includes:
and the target message data requested by any target network is reinjected to the router of the Internet data center, and the router forwards the target message data.
In a fourth aspect, an embodiment of the present disclosure further provides a domain name filing detection apparatus, including:
the acquisition module is used for acquiring copy data of message data corresponding to a target network request of the Internet data center;
a determining module, configured to determine, based on the replication data, domain name information corresponding to the target network request;
and the detection module is used for detecting whether the domain name information corresponding to the target network request is recorded or not, and if not, sending a guiding instruction to a recording leading end, wherein the guiding instruction is used for indicating the recording leading end to pull the message data from the internet data center and carry out recording guiding.
In a possible implementation manner, the determining module, when determining that the target network requests the corresponding domain name information based on the replication data, is configured to:
determining a target request type of the target network request;
and acquiring the domain name information corresponding to the target network request from the message data corresponding to the target network request based on the domain name information acquisition method corresponding to the target request type.
In a possible implementation manner, the detecting module, in case that it detects that domain name information corresponding to the target network request is not recorded, is further configured to:
determining a destination IP address corresponding to the target network request which is not recorded;
the detection module is used for, when sending a guiding instruction to the record leading end:
and sending a guiding instruction carrying the destination IP address to the record leading end.
In a fifth aspect, an embodiment of the present disclosure further provides another domain name detection apparatus, including:
a receiving module, configured to receive a guidance instruction, where the guidance instruction carries a destination IP address of an unregistered target network request;
the traction module is used for responding to the guiding instruction and drawing message data, of which the corresponding destination IP address is the same as the target network request which is not recorded, in the message data which is not distributed currently in the internet data center to the recording guiding end;
and the guiding module is used for carrying out record guiding based on the message data which is dragged to the record guiding end.
In a possible implementation manner, when, in response to the guiding instruction, the traction module is configured to, in message data that is not currently distributed by an internet data center, pull, to the docketing leading end, message data whose corresponding destination IP address is the same as the unregistered target network request, the traction module is configured to:
generating a route traction instruction based on a destination IP address in the guide instruction;
sending the routing traction instruction to a router of the Internet data center;
and acquiring message data with the corresponding destination IP address same as the target network request which is not recorded in the current undistributed message data from a router of the Internet data center.
In a possible embodiment, when performing record guidance based on the message data that is sent to the record guidance end, the guidance module is configured to:
for any target network request corresponding to the message data dragged to the record leading end, determining domain name information of the target network request based on the target message data corresponding to the target network request under the condition that the request type of the any target network request is a first preset request type;
and under the condition that the domain name information of the target network request is detected to be unregistered domain name information and the request type of the target network request is a second preset request type, feeding back a registration guiding page to a user side initiating the target network request, wherein the first preset request type comprises the second preset request type.
In a possible implementation manner, the guidance module, when detecting that the domain name information of the target network request is unregistered domain name information and the request type of the target network request is not a second preset request type, is further configured to:
and discarding the target message data corresponding to the target network request to block the target network request.
In a possible implementation manner, for any target network request, in a case that a request type of the any target network request is not a first preset request type, the guiding module 803 is further configured to:
and the target message data requested by any target network is reinjected to the router of the Internet data center, and the router forwards the target message data.
In a sixth aspect, an embodiment of the present disclosure further provides a computer device, including: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating over the bus when the computer device is running, the machine-readable instructions when executed by the processor performing the steps of the second aspect, or any one of the possible embodiments of the second aspect, or the third aspect, or any one of the possible embodiments of the third aspect.
In a seventh aspect, this disclosed embodiment further provides a computer-readable storage medium, where the computer program is stored, and when executed by a processor, the computer program performs the steps in the second aspect, or any one of the possible implementations of the second aspect, or performs the steps in the third aspect, or any one of the possible implementations of the third aspect.
According to the domain name filing detection system, the domain name filing detection method, the domain name filing detection device and the storage medium, message data of an internet data center can be copied to a domain name detection end, the domain name detection end can determine whether domain name information corresponding to a target network request is filed based on the copied data, and in the process, as the domain name detection end is obtained by copying the message data of the internet data center, distribution of the message data corresponding to the target network request with the filed domain name of the internet data center cannot be influenced; for a target network request with an unregistered domain name, message data, of which a corresponding destination IP address is the same as the unregistered target network request, in currently undistributed message data of an internet data center can be pulled from the internet data center to the docketing leading end, and the docketing guidance is performed based on the message data pulled to the docketing leading end.
In addition, the detection process of whether the domain name information corresponding to the target network is recorded or not and the recording and guiding process of the domain name information which is not recorded are executed by two devices, so that the performance loss of a single device can be reduced, and the efficiency of domain name detection and guiding is improved.
In order to make the aforementioned objects, features and advantages of the present disclosure more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings required for use in the embodiments will be briefly described below, and the drawings herein incorporated in and forming a part of the specification illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the technical solutions of the present disclosure. It is appreciated that the following drawings depict only certain embodiments of the disclosure and are therefore not to be considered limiting of its scope, for those skilled in the art will be able to derive additional related drawings therefrom without the benefit of the inventive faculty.
FIG. 1a is a diagram illustrating a device deployment location during domain name detection provided by an embodiment of the present disclosure;
fig. 1b illustrates a device deployment location diagram in another domain name detection provided by the embodiment of the present disclosure;
FIG. 2 shows an interaction flow diagram of a domain name record detection system provided by an embodiment of the present disclosure;
fig. 3 shows a flowchart of a method for performing record guidance based on message data in a domain name record detection method provided by the embodiment of the present disclosure;
fig. 4 is a schematic flow chart of a domain name record detection system provided in an embodiment of the present disclosure;
fig. 5 is a schematic flowchart illustrating a domain name record detection method according to an embodiment of the present disclosure;
fig. 6 is a schematic flowchart illustrating another domain name record detection method provided by an embodiment of the present disclosure;
fig. 7 is a schematic diagram illustrating an architecture of a domain name record detection apparatus according to an embodiment of the present disclosure;
fig. 8 is a schematic diagram illustrating an architecture of another domain name record detection apparatus provided in the embodiment of the present disclosure;
FIG. 9 shows a schematic structural diagram of a computer device 900 provided by an embodiment of the present disclosure;
fig. 10 shows a schematic structural diagram of a computer device 1000 provided by an embodiment of the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be described clearly and completely with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, not all of the embodiments. The components of the embodiments of the present disclosure, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present disclosure, presented in the figures, is not intended to limit the scope of the claimed disclosure, but is merely representative of selected embodiments of the disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the disclosure without making any creative effort, shall fall within the protection scope of the disclosure.
In the related art, when domain name detection is performed on message data of an internet data center, as shown in fig. 1a for example, all message data of the internet data center need to be detected by a detection device, and the detected message data (i.e., the message data with the recorded domain name) is distributed to a corresponding server by a router; and for the message data which passes the detection (namely, the message data with the domain name not recorded), the domain name recording guidance can be carried out.
However, in this way, because there are more message data in the internet data center, the performance of detecting and domain name filing and guiding by the detection device is more, and the processing efficiency of detection is slower, the efficiency of data exchange between the client and the server is affected.
In order to reduce the performance loss of the detection device, as shown in fig. 1b, the detection device may be deployed at an entrance of the server, that is, after the message data is distributed by a router of the internet data center, the message data is detected by the detection device before being transmitted to the server. However, this method requires an increased number of inspection devices due to the adjustment of the deployment position of the inspection devices.
However, in fig. 1a and fig. 1b, when the detection device fails, the message data cannot be normally forwarded to the server, which may affect data transmission.
Based on the research, the present disclosure provides a domain name filing detection system, method, apparatus, and storage medium, which can copy the message data of an internet data center to a domain name detection end, and the domain name detection end can determine whether the domain name information corresponding to the target network request is filed based on the copied data, and in this process, because the domain name detection end is obtained by copying the message data of the internet data center, the distribution of the message data corresponding to the target network request filed by the domain name of the internet data center is not affected; for a target network request with an unregistered domain name, message data with a corresponding destination IP address, which is the same as that of an unregistered target network request, in currently undistributed message data of an internet data center can be pulled from the internet data center to the registration leading end, and registration guidance is performed based on the message data pulled to the registration leading end.
In addition, the detection process of whether the domain name information corresponding to the target network is recorded or not and the recording guide process of the domain name information which is not recorded are executed by two devices, so that the performance loss of a single device can be reduced, and the efficiency of domain name detection and guide is improved.
The above drawbacks are the results of the inventor after practical and careful study, and therefore, the discovery process of the above problems and the solutions proposed by the present disclosure in the following description should be the contribution of the inventor to the present disclosure in the course of the present disclosure.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
In order to understand the embodiment, first, a domain name record detecting system disclosed in the embodiment of the present disclosure is described in detail, where both a domain name detecting end and a record leading end in the domain name record detecting system provided in the embodiment of the present disclosure are computer devices with certain processing capabilities, for example, the domain name detecting end and the record leading end are connected, and the domain name detecting end and the record leading end are connected to an internet data center respectively.
It should be noted that the domain name information described below is domain name information to be recorded, and generally refers to a second-level domain name.
Referring to fig. 2, an interaction flowchart of a domain name record detection system provided in an embodiment of the present disclosure includes the following steps:
step 201, a domain name detection end obtains copy data of message data corresponding to a target network request of an internet data center.
Step 202, the domain name detection terminal determines the domain name information corresponding to the target network request based on the replication data.
Step 203, the domain name detecting end determines whether the domain name information corresponding to the target network request is already recorded.
And step 204, under the condition that the domain name information corresponding to the target network request is not recorded, the domain name detection end sends a guiding instruction to the recording leading end.
Step 205, the record leader responds to the guiding instruction, and pulls the message data, which has the same destination IP address as the target network request that is not recorded, in the message data that is not distributed currently by the internet data center from the internet data center to the record leader.
And step 206, the record leading end conducts record leading based on the message data dragged to the record leading end.
The following is a detailed description of the above steps.
For step 201,
In a possible implementation manner, when the user side sends the target network request to the server, the user side may first send the target network request to the internet data center, and then the internet data center sends the target network request to the corresponding server.
Here, the target network request may include a Hypertext Transfer Protocol (Http) request, a secure socket Http request, a File Transfer Protocol (FTP) request, and the like.
In a possible implementation manner, the domain name detection end may obtain the copy data of the message data corresponding to the target network request of the internet data center in a port mirroring manner. Specifically, by setting a port mirror image on a core layer or aggregation layer switch of the network, the mirrored traffic (i.e., message data) of the uplink port of the switch is copied, and then the message data requested by all target networks can be acquired.
In another possible implementation manner, the domain name detection end may further obtain, in a light splitting manner, duplicated data of packet data corresponding to a target network request of the internet data center. Specifically, the optical splitter can be arranged in the interconnected data center, and the message data of the interconnected data center is copied to the domain name detection end.
In practical application, when the domain name detection end obtains the copy data of the message data corresponding to the target network request of the internet data center, after the internet data center receives the message data corresponding to the target network request, the internet data center can directly copy the message data in a light splitting or mirror image mode and send the copy data to the domain name detection end.
With respect to step 202,
In a possible implementation manner, when determining the domain name information corresponding to the target network request based on the duplicated data, the domain name detecting end may first determine a target request type of the target network request, and then obtain the domain name information corresponding to the target network request from the packet data corresponding to the target network request based on a domain name information obtaining method corresponding to the target request type.
Illustratively, the target request type may be any one of an http request and an https request. If the target network request is an http request, domain name information can be obtained from a host field of an http message corresponding to the target network request aiming at the target network request; if the target network request is an https request, because the message data of the https request is encrypted message data and the domain Name detection end is a bypass device, it is not possible to obtain a certificate to decrypt the message data of the https request, when domain Name information of the https request is obtained, the domain Name information of the https request may be obtained from a Server Name Indication (SNI) field of a Transport Layer Security (TLS) header in the message data corresponding to the https request.
In a possible implementation manner, the target network request may not include domain name information, for example, a network request for directly accessing an IP, and at this time, the target request type corresponding to the target network request does not have a corresponding domain name information obtaining method, so that when it is detected that the target request type of the target network request does not have a corresponding domain name information obtaining method, or when the packet data of the target network request does not carry domain name information, no processing may be performed on the target network request, that is, the domain name information corresponding to the next target network request may be detected.
For step 203,
In a possible implementation manner, the domain name detecting end may store all recorded domain name information, and when it is determined whether the domain name information corresponding to the target network request is recorded, it may search, from all recorded domain name information stored in the domain name detecting end, whether the domain name information corresponding to the target network request is included, if included, it may be determined that the domain name information corresponding to the target network request is recorded, and if not, it may be determined that the domain name information corresponding to the target network request is not recorded.
The recorded domain name information stored by the domain name detection end can be updated every preset time, for example, the updated domain name information can be updated every 1 hour, so that the domain name information currently stored by the domain name detection end is the latest recorded domain name information.
In a possible implementation manner, for any target network request, if the domain name information corresponding to the target network request is already recorded, the domain name information corresponding to the next target network request may be detected, and whether the domain name information corresponding to the next target network request is already recorded is detected.
For step 204,
In a possible implementation manner, in a case that it is detected that domain name information corresponding to a target network request is not recorded, the domain name detecting end may further determine a destination IP address corresponding to the target network request that is not recorded, and then may send a guiding instruction carrying the destination IP address to the recording leading end when sending the guiding instruction to the recording leading end.
Specifically, when it is detected that the domain name information corresponding to the target network request is not recorded, the domain name detecting end may analyze packet data of the target network request that is not recorded, so as to obtain a destination IP address corresponding to the target network request.
In a possible implementation manner, for any target network request, if the domain name detection end determines whether the domain name information of the target network request is already recorded, the assigned data of the packet data corresponding to the any target network request in the domain name detection end may be directly deleted.
With respect to step 205,
When responding to the guiding instruction, the record leading end can generate a route traction instruction based on a destination IP address in the guiding instruction, then send the route traction instruction to a router of an internet data center, and then obtain message data, in the message data which is not distributed currently, of which the corresponding destination IP address is the same as the target network request which is not recorded, from the router of the internet data center.
Here, after the message data of the internet data center is dragged to the record leading end, the message data of the internet data center may be moved to the record leading end, and at this time, the message data dragged is not included in the internet data center.
The reason that the record leading end can only pull all the message data with the same destination IP address as the unregistered target network request to the record leading end when performing data pulling is that the record leading end sends a route pulling instruction to a router of an internet data center, and the minimum identification granularity of the router is an IP address, that is, the router cannot recognize which message data is the target network request corresponding to the unregistered domain name information detected by the domain name detecting end, and can only pull all the message data with the same destination IP address as the unregistered target network request to the record leading end.
It should be noted that, because the message data acquired in step 201 is copy data of the message data of the internet data center, and the message data of the internet data center itself is not changed, a certain time is consumed by the domain name detecting end in the process of executing step 201 to step 204, and in this time, some message data of the target network request whose domain name information is not recorded may be distributed to the corresponding server, and therefore, the message data pulled from the internet data may not include the message data of the target network request detected by the domain name detecting end.
For example, if the internet data center includes message data corresponding to a target network request 1, a target network request 2, and a target network request 3, the domain name detection end may obtain copy data of the message data corresponding to the target network request 1, the target network request 2, and the target network request 3, then determine whether domain name information corresponding to the target network request 1, the target network request 2, and the target network request 3 is already filed based on the copy data, if it is detected that the domain name information corresponding to the target network request 2 is not filed, a guidance instruction may be sent to the filing guidance end, and the filing guidance end may pull, to the filing guidance end, the message data in which a corresponding destination IP address is the same as the target network request 2 in the undistributed message data center in the current internet data center. In the process, as it takes a certain time for the domain name detection end to detect whether the domain name information of the target network request 1, the target network request 2 and the target network request 3 is already filed, the message data corresponding to the target network request 2 may have been already distributed to a corresponding server, if after receiving a road pulling instruction at the internet data center, the message data of the target network request 4 and the target network request 5 are received, and the destination IP addresses of the target network request 4 and the target network request 5 are the same as the destination IP address of the target network request 2, the message data of the target network request 4 and the target network request 5 may be directly pulled to the filing leader at this time.
In one possible implementation, the same message data as the request of the target network which is not recorded can be stopped from being pulled by the internet data center by any one of the following methods:
method 1,
The record leading end draws the message data with the corresponding destination IP address same as the target network request which is not recorded to the record leading end within a preset time length after receiving the guiding instruction sent by the domain name detection end, and the record leading end can stop drawing the message data after the time length from receiving the guiding instruction sent by the domain name detection end exceeds the preset time length (the time length can also be understood as the preset time length after the domain name detection end sends the guiding instruction), at this time, the domain name detection end can obtain the copy data of the message data from the internet data center and detect the copy data again, namely, the step 201 to the step 205 are executed again.
It should be noted that, if the packet data is dragged to the record leading end, the domain name detection end cannot obtain the copy data of the packet data, that is, after the record leading end issues a route dragging instruction of any destination IP address, the packet data sent to the destination IP address does not need to be copied.
Method 2,
If the domain name information which is not recorded is recorded, the recorded domain name information stored by the domain name detection end can be updated, and the recorded leading end is controlled to carry out message data traction according to the IP address corresponding to the updated recorded domain name information.
For example, if the currently-dragged packet data of the record leading end is the packet data of which the corresponding destination IP address is IP address 1 or IP address 2, after the recorded domain name information stored in the domain name detecting end is updated, the domain name information corresponding to IP address 1 is already recorded, and the packet data of which the corresponding destination IP address is IP address 1 may not be dragged any more.
With respect to step 206,
In a possible implementation manner, when the record-keeping boot is performed based on the message data pulled to the record-keeping boot, the method shown in fig. 3 may be referred to, and includes the following steps:
Because the record leading end draws the message data with the same destination IP address and the same target network request which is not recorded to the record leading end when drawing the message data, because one destination IP address can have a plurality of domain names, some domain names may be recorded and some domain names are not recorded in the plurality of domain names, at this time, the message data drawn to the record leading end may include the message data of the target network request which is not recorded by the domain name information and the message data of the target network request which is recorded by the domain name information, therefore, the record leading end needs to redetermine the domain name information of the target network request in the drawn message data and detect whether the domain name information is recorded one by one.
Here, the first preset request type is a request carrying domain name information in packet data corresponding to the network request, and may be, for example, an http request, an https request, or the like.
When determining the domain name information of the target network request, the message data corresponding to the target network request needs to be analyzed, before determining the domain name information of the target network request, whether the target network request is of a first preset request type is determined, so that the target network request can be ensured to carry the domain name information, and for the target network request of which the request type is not of the first preset request type, the target message data of the target network request can be directly injected back to a router of an internet data center, and the router forwards the target message data.
Here, the router that reinjects the target message data to the internet data center may be understood as a router that moves the target message data from the filing leading end to the internet data center, and the router may send the target message data to a corresponding server.
In a possible implementation manner, the second preset request type may be a network request for plaintext transmission, for example, an http request, and for the http request, when a docketing guidance page is fed back to a user initiating the http request, a corresponding http status code 200OK may be sent to the user by using a DNS hijacking method, indicating that the user has successfully established a connection with a server, and then the docketing guidance page is fed back to the user.
For a first preset request type except a second preset request type, such as an https request, since the message data of the https request needs to be encrypted by a certificate in the transmission process, that is, the data transmitted to the user side needs to be encrypted (here, the docket guidance page data needs to be encrypted), and since the https request is asymmetric in the transmission process, the docket guidance end cannot obtain the encryption public key and the certificate of the https request, the docket guidance page data cannot be encrypted, and thus the docket guidance page cannot be rebounded to the user side initiating the https request.
In a possible implementation manner, when it is detected that the domain name information requested by the target network is domain name information that is not filed and the request type requested by the target network is not a second preset request type (for example, the target network request is an https request), the filed leading end may directly discard the target packet data corresponding to the target network request to block the target network request.
Specifically, when discarding the target packet data corresponding to the target network request, the record-adding leader may directly delete all the target packet data corresponding to the target network request, or delete only the packet data in the TLS handshake stage corresponding to the target network request.
Therefore, as the target message data corresponding to the target network request is discarded, the user terminal initiating the target network request cannot naturally establish connection with the server, that is, the user terminal cannot realize normal access to the server.
With reference to fig. 4, a schematic flow chart of a domain name record detecting system provided in an embodiment of the present disclosure is shown, and includes:
the domain name detection end executes:
detecting message data, judging whether the message data is message data corresponding to an http request, if so, acquiring a secondary domain name of the http request from a host field of the message data, if not, judging whether the message data is message data corresponding to the http request, if so, acquiring the secondary domain name of the http request from an SNI field of the message data, and if not, returning to detect the next message data.
After the second-level domain name is obtained, a recorded domain name database can be inquired, all recorded domain names are stored in the database, whether the obtained second-level domain name is recorded or not is detected, if yes, next message data is returned to be detected, and if not, a guiding instruction is issued to a recording leading end.
The record leading end executes:
receiving a guiding instruction sent by a domain name detection end, generating a route traction instruction based on the guiding instruction, drawing message data with the same destination IP address and an unregistered network request from the Internet data center to the registration guiding end, after flow traction (namely message data traction) is completed, aiming at any message data, detecting a secondary domain name corresponding to the message data, wherein the specific detection method is the same as the method for obtaining the secondary domain name by the domain name detection end, and if the request is neither an http request nor an https request, the message data is reinjected to a router of the Internet data center and the next message data is returned to be detected.
After a second-level domain name is obtained, whether the second-level domain name is in a domain name white list or not can be detected, the domain name white list is a list corresponding to a filed domain name, if yes, the second-level domain name is described to be filed, message data corresponding to the second-level domain name are directly injected back to a router of an internet data center, the router forwards the message data and returns to detect next message data, if not, whether the message data corresponding to the second-level domain name are http messages or not is detected, if yes, a filing guide page is fed back to a user side, the next message data are returned and detected, and if not, the message data are discarded to block connection between the user side and a server, and the next message data are returned and detected.
Here, the detecting the next message data by the record leading end is to return and detect other message data dragged to the record leading end, and the detection sequence of each message data may be determined according to the sequence dragged to the record leading end.
Based on the same concept, the present disclosure further provides a domain name record detection method, which is applied to a domain name detection end, and as shown in fig. 5, the method provides a flow diagram of the domain name record detection method according to the embodiment of the present disclosure, and includes the following steps:
In a possible implementation manner, when determining the domain name information corresponding to the target network request based on the duplicated data, the target request type of the target network request may be determined first, and then the domain name information corresponding to the target network request is obtained from the packet data corresponding to the target network request based on the domain name information obtaining method corresponding to the target request type.
In a possible implementation manner, when it is detected that domain name information corresponding to a target network request is not recorded, a destination IP address corresponding to the target network request that is not recorded may also be determined, and then when a guidance instruction is sent to a recorded leading end, a guidance instruction carrying the destination IP address may be sent to the recorded leading end.
Based on the same concept, the present disclosure further provides another domain name record detection method, which is applied to a record leading end, and referring to fig. 6, a schematic flow diagram of the another domain name record detection method provided by the embodiment of the present disclosure is shown, and the method includes the following steps:
Specifically, when the guiding instruction is responded, a route pulling instruction may be generated based on a destination IP address in the guiding instruction, then the route pulling instruction is sent to a router of the internet data center, and then message data with a corresponding destination IP address identical to the target network request that is not recorded in the current undistributed message data is obtained from the router of the internet data center.
603, carrying out the record guiding based on the message data dragged to the record guiding end.
In a possible implementation manner, when the record-up guidance is performed based on the message data towed to the record-up guidance end, for any target network request corresponding to the message data towed to the record-up guidance end, under the condition that the request type of the any target network request is a first preset request type, determining domain name information of the target network request based on the target message data corresponding to the target network request; and then, under the condition that the domain name information of the target network request is detected to be unregistered domain name information and the request type of the target network request is a second preset request type, feeding back a registration guiding page to a user side initiating the target network request, wherein the first preset request type comprises the second preset request type.
In a possible implementation manner, when it is detected that the domain name information of the target network request is domain name information that is not filed and the request type of the target network request is not the second preset request type, the target packet data corresponding to the target network request may be discarded, so as to block the target network request.
In a possible implementation manner, for any target network request, in the case that the request type of the any target network request is not the first preset request type, the target packet data requested by the any target network may be reinjected to the router of the internet data center, and the router forwards the target packet data.
The detailed description of the steps performed specifically for the method described above refers to the detailed description of the system shown in fig. 2, and will not be described herein again.
It will be understood by those of skill in the art that in the above method of the present embodiment, the order of writing the steps does not imply a strict order of execution and does not impose any limitations on the implementation, as the order of execution of the steps should be determined by their function and possibly inherent logic.
Based on the same inventive concept, the embodiment of the present disclosure further provides a domain name record detection apparatus corresponding to the domain name record detection method, and as the principle of the apparatus in the embodiment of the present disclosure for solving the problem is similar to the domain name record detection method described in the embodiment of the present disclosure, the implementation of the apparatus may refer to the implementation of the method, and repeated details are not repeated.
Referring to fig. 7, a schematic diagram of an architecture of a domain name record detection apparatus provided in the embodiment of the present disclosure is shown, where the apparatus includes: an acquisition module 701, a determination module 702, and a detection module 703; wherein the content of the first and second substances,
an obtaining module 701, configured to obtain duplicated data of message data corresponding to a target network request of an internet data center;
a determining module 702, configured to determine, based on the replication data, domain name information corresponding to the target network request;
a detecting module 703, configured to detect whether domain name information corresponding to the target network request is already filed, and if not, send a guiding instruction to a filing leading end, where the guiding instruction is used to instruct the filing leading end to pull packet data from the internet data center and perform filing guidance.
In a possible implementation manner, the determining module 702, when determining that the target network requests the corresponding domain name information based on the replication data, is configured to:
determining a target request type of the target network request;
and acquiring the domain name information corresponding to the target network request from the message data corresponding to the target network request based on the domain name information acquisition method corresponding to the target request type.
In a possible implementation manner, the detecting module 703, in a case that it is detected that domain name information corresponding to the target network request is not recorded, is further configured to:
determining a destination IP address corresponding to the target network request which is not recorded;
the detecting module 703, when sending a guiding instruction to the record-keeping leading end, is configured to:
and sending a guiding instruction carrying the destination IP address to the record leading end.
Referring to fig. 8, a schematic diagram of an architecture of another domain name record detection apparatus provided in the embodiment of the present disclosure is shown, where the apparatus includes: a receiving module 801, a traction module 802 and a guiding module 803; wherein, the first and the second end of the pipe are connected with each other,
a receiving module 801, configured to receive a bootstrap instruction, where the bootstrap instruction carries a destination IP address of an unregistered target network request;
a traction module 802, configured to respond to the guiding instruction, and traction, to the record leading end, packet data that has a corresponding destination IP address that is the same as the target network request that is not recorded, in packet data that is not currently distributed by the internet data center;
and a guiding module 803, configured to perform filing guiding based on the message data that is dragged to the filing guiding end.
In a possible implementation manner, when responding to the guiding instruction, the pulling module 802 is configured to, in message data currently not distributed by an internet data center, pull, to the filing leading end, message data whose corresponding destination IP address is the same as the unregistered target network request:
generating a route traction instruction based on a destination IP address in the guide instruction;
sending the route pulling instruction to a router of the Internet data center;
and acquiring message data with the corresponding destination IP address same as the target network request which is not recorded in the current undistributed message data from a router of the Internet data center.
In a possible implementation manner, when performing record guidance based on the message data that is sent to the record guidance end, the guidance module 803 is configured to:
for any target network request corresponding to the message data which is led to the record leading end, determining domain name information of the target network request based on the target message data corresponding to the target network request under the condition that the request type of the any target network request is a first preset request type;
and under the condition that the domain name information of the target network request is detected to be unregistered domain name information and the request type of the target network request is a second preset request type, feeding back a registration guiding page to a user side initiating the target network request, wherein the first preset request type comprises the second preset request type.
In a possible implementation manner, the guiding module 803, when detecting that the domain name information requested by the target network is unregistered domain name information and the request type requested by the target network is not a second preset request type, is further configured to:
and discarding the target message data corresponding to the target network request to block the target network request.
In a possible implementation manner, for any target network request, in a case that a request type of the any target network request is not a first preset request type, the directing module 803 is further configured to:
and the target message data requested by any target network is injected back to the router of the Internet data center, and the router forwards the target message data.
The description of the processing flow of each module in the apparatus and the interaction flow between the modules may refer to the relevant description in the above method embodiments, and will not be described in detail here.
Corresponding to the domain name record detection method in fig. 5, an embodiment of the present disclosure further provides a computer device. Referring to fig. 9, a schematic structural diagram of a computer device 900 provided in the embodiment of the present disclosure includes a processor 901, a memory 902, and a bus 903. The memory 902 is used for storing execution instructions, and includes a memory 9021 and an external memory 9022; the memory 9021 is also referred to as an internal memory, and is configured to temporarily store operation data in the processor 901 and data exchanged with an external memory 9022 such as a hard disk, the processor 901 exchanges data with the external memory 9022 through the memory 9021, and when the computer device 900 is operated, the processor 901 communicates with the memory 902 through the bus 903, so that the processor 901 executes the following instructions:
obtaining copy data of message data corresponding to a target network request of an internet data center;
determining domain name information corresponding to the target network request based on the copied data;
and detecting whether the domain name information corresponding to the target network request is already recorded, if not, sending a guiding instruction to a recording leading end, wherein the guiding instruction is used for indicating the recording leading end to pull message data from the internet data center and carry out recording guiding.
Corresponding to the domain name record detection method in fig. 6, the embodiment of the present disclosure further provides a computer device. Referring to fig. 10, a schematic structural diagram of a computer device 1000 provided in the embodiment of the present disclosure includes a processor 1001, a memory 1002, and a bus 1003. The memory 1002 is used for storing execution instructions, and includes a memory 10021 and an external memory 10022; the memory 10021 is also referred to as an internal memory, and is used for temporarily storing the operation data in the processor 1001 and the data exchanged with the external memory 10022 such as a hard disk, the processor 1001 exchanges data with the external memory 10022 through the memory 10021, and when the computer device 1000 operates, the processor 1001 and the memory 1002 communicate through the bus 1003, so that the processor 1001 executes the following instructions:
receiving a guiding instruction, wherein the guiding instruction carries a destination IP address of an unreported target network request;
responding to the guiding instruction, and drawing message data with the corresponding destination IP address being the same as the target network request which is not recorded in the message data which is not distributed currently in the internet data center to the recording guiding end;
and carrying out the record guiding based on the message data dragged to the record guiding end.
The embodiments of the present disclosure further provide a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the domain name record detection method described in the foregoing method embodiments. The storage medium may be a volatile or non-volatile computer-readable storage medium.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the system and the apparatus described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. In the several embodiments provided in the present disclosure, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present disclosure. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Finally, it should be noted that: the above-mentioned embodiments are merely specific embodiments of the present disclosure, which are used to illustrate the technical solutions of the present disclosure, but not to limit the technical solutions, and the scope of the present disclosure is not limited thereto, and although the present disclosure is described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: any person skilled in the art can modify or easily conceive of the technical solutions described in the foregoing embodiments or equivalent technical features thereof within the technical scope of the present disclosure; such modifications, changes and substitutions do not depart from the spirit and scope of the embodiments disclosed herein, and they should be construed as being included therein. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.
Claims (19)
1. A system for detecting domain name filing, comprising:
the domain name detection terminal is used for acquiring the copy data of the message data corresponding to the target network request of the Internet data center, determining the domain name information corresponding to the target network request based on the copy data, detecting whether the domain name information corresponding to the target network request is recorded or not, and if not, sending a guiding instruction to the recording leading terminal;
and the record leading end is used for responding to the guiding instruction, drawing the message data of which the corresponding destination IP address is the same as the target network request which is not recorded in the message data which is not distributed by the Internet data center to the record leading end from the Internet data center, and carrying out record guiding based on the message data drawn to the record leading end.
2. The system according to claim 1, wherein the domain name detecting end, when determining the domain name information corresponding to the target network request based on the duplicated data, is configured to:
determining a target request type of the target network request;
and acquiring the domain name information corresponding to the target network request from the message data corresponding to the target network request based on the domain name information acquisition method corresponding to the target request type.
3. The system according to claim 1, wherein the domain name detecting end, when detecting that the domain name information corresponding to the target network request is not recorded, is further configured to:
determining a destination IP address corresponding to the target network request which is not recorded;
the domain name detection end is used for:
and sending a guiding instruction carrying the destination IP address to the record guiding end.
4. The system according to claim 3, wherein the record initiating terminal, when responding to the initiating instruction and towing message data, which is not currently distributed by the internet data center and has a corresponding destination IP address that is the same as the target network request that is not recorded, from the internet data center to the record initiating terminal, is configured to:
generating a route traction instruction based on a destination IP address in the guide instruction;
sending the routing traction instruction to a router of the Internet data center;
and acquiring message data with the corresponding destination IP address same as the target network request which is not recorded in the current undistributed message data from a router of the Internet data center.
5. The system of claim 4, wherein the docket leader, when performing docket leader based on the message data towed thereto, is configured to:
for any target network request corresponding to the message data which is led to the record leading end, determining domain name information of the target network request based on the target message data corresponding to the target network request under the condition that the request type of the any target network request is a first preset request type;
and under the condition that the domain name information of the target network request is detected to be unregistered domain name information and the request type of the target network request is a second preset request type, feeding back a registration guiding page to a user side initiating the target network request, wherein the first preset request type comprises the second preset request type.
6. The system according to claim 5, wherein in case that it is detected that the domain name information of the target network request is unregistered domain name information and the request type of the target network request is not a second predetermined request type, the registration leading end is further configured to:
and discarding the target message data corresponding to the target network request to block the target network request.
7. The system of claim 5, wherein for any target network request, in case the request type of the any target network request is not the first preset request type, the docket leader is further configured to:
and the target message data requested by any target network is reinjected to the router of the Internet data center, and the router forwards the target message data.
8. A domain name record detection method is characterized in that the method is applied to a domain name detection end and comprises the following steps:
obtaining copy data of message data corresponding to a target network request of an internet data center;
determining domain name information corresponding to the target network request based on the copied data;
detecting whether domain name information corresponding to the target network request is recorded, if not, sending a guiding instruction to a recording leading end, wherein the guiding instruction carries a target IP address of the target network request, and the guiding instruction is used for indicating the recording leading end to pull message data, of which the corresponding target IP address is the same as the target IP address of the target network request, from message data which are not distributed currently by the internet data center, and to perform recording guiding on the pulled message data.
9. The method of claim 8, wherein the determining, based on the replication data, domain name information corresponding to the target network request comprises:
determining a target request type of the target network request;
and acquiring the domain name information corresponding to the target network request from the message data corresponding to the target network request based on the domain name information acquisition method corresponding to the target request type.
10. The method of claim 8, wherein in case that it is detected that the domain name information corresponding to the target network request is not filed, the method further comprises:
determining a destination IP address corresponding to the target network request which is not recorded;
the sending of the guiding instruction to the filing leading end includes:
and sending a guiding instruction carrying the destination IP address to the record leading end.
11. A domain name filing detection method is applied to a filing leading end and comprises the following steps:
receiving a guiding instruction sent by a domain name detection end, wherein the guiding instruction carries a destination IP address of a target network request which is not recorded; the guiding instruction is sent by the domain name detection end under the condition that domain name information of a target network request is determined to be not recorded based on copy data after the copy data of message data corresponding to the target network request of an internet data center is obtained;
responding to the guiding instruction, and drawing message data with the corresponding destination IP address being the same as the target network request which is not recorded in the message data which is not distributed currently in the internet data center to the recording guiding end;
and carrying out the record guiding based on the message data dragged to the record guiding end.
12. The method according to claim 11, wherein the step of, in response to the guiding instruction, pulling, to the docketing leading end, message data, which is in the currently undistributed message data of the internet data center and has a corresponding destination IP address identical to the unregistered target network request, includes:
generating a route traction instruction based on a destination IP address in the guide instruction;
sending the route pulling instruction to a router of the Internet data center;
and acquiring message data with the corresponding destination IP address same as the target network request which is not recorded in the current undistributed message data from a router of the Internet data center.
13. The method of claim 11, wherein the performing the docketing guidance based on the message data towed to the docketing guidance end comprises:
for any target network request corresponding to the message data dragged to the record leading end, determining domain name information of the target network request based on the target message data corresponding to the target network request under the condition that the request type of the any target network request is a first preset request type;
and under the condition that the domain name information of the target network request is detected to be unregistered domain name information and the request type of the target network request is a second preset request type, feeding back a registration guiding page to a user side initiating the target network request, wherein the first preset request type comprises the second preset request type.
14. The method according to claim 13, wherein in case that it is detected that the domain name information of the target network request is unregistered domain name information and the request type of the target network request is not a second predetermined request type, the method further comprises:
and discarding the target message data corresponding to the target network request to block the target network request.
15. The method of claim 13, wherein for any target network request, in case the request type of the any target network request is not the first preset request type, the method further comprises:
and the target message data requested by any target network is reinjected to the router of the Internet data center, and the router forwards the target message data.
16. A domain name filing detection apparatus, comprising:
the acquisition module is used for acquiring copy data of message data corresponding to a target network request of the Internet data center;
the determining module is used for determining domain name information corresponding to the target network request based on the replication data;
and the detection module is used for detecting whether the domain name information corresponding to the target network request is recorded, if not, sending a guiding instruction to a recording leading end, wherein the guiding instruction carries a destination IP address of the target network request, and the guiding instruction is used for indicating the recording leading end to pull message data of which the corresponding destination IP address is the same as the destination IP address of the target network request from message data which is not distributed currently by the internet data center, and to record and guide the pulled message data.
17. A domain name filing detection apparatus, comprising:
the receiving module is used for receiving a guiding instruction sent by a domain name detection end, wherein the guiding instruction carries a destination IP address of an unregistered target network request; the guiding instruction is sent by the domain name detection end under the condition that domain name information of a target network request is determined to be not recorded based on copy data after the copy data of message data corresponding to the target network request of an internet data center is obtained;
the traction module is used for responding to the guiding instruction and drawing the message data of which the corresponding destination IP address is the same as the request of the unmarked target network in the message data which is not distributed currently in the internet data center to the filing guiding end;
and the guiding module is used for carrying out the filing guiding based on the message data dragged to the filing guiding end.
18. A computer device, comprising: a processor, a memory and a bus, the memory storing machine readable instructions executable by the processor, the processor and the memory communicating over the bus when a computer device is run, the machine readable instructions, when executed by the processor, performing the steps of the domain name record detection method according to any one of claims 8 to 10, or performing the steps of the domain name record detection method according to any one of claims 11 to 15.
19. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when being executed by a processor, performs the steps of the domain name record detection method according to any one of claims 8 to 10, or performs the steps of the domain name record detection method according to any one of claims 11 to 15.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110069571.0A CN112866430B (en) | 2021-01-19 | 2021-01-19 | Domain name record detection system, method, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110069571.0A CN112866430B (en) | 2021-01-19 | 2021-01-19 | Domain name record detection system, method, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112866430A CN112866430A (en) | 2021-05-28 |
| CN112866430B true CN112866430B (en) | 2023-02-24 |
Family
ID=76007290
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110069571.0A Active CN112866430B (en) | 2021-01-19 | 2021-01-19 | Domain name record detection system, method, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112866430B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117640261A (en) * | 2024-01-26 | 2024-03-01 | 宁德时代新能源科技股份有限公司 | Data transmission method, data transfer device, data management equipment and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109040333A (en) * | 2018-07-10 | 2018-12-18 | 厦门秦淮科技有限公司 | A kind of domain name is put on record management system |
| CN109474587A (en) * | 2018-11-01 | 2019-03-15 | 北京亚鸿世纪科技发展有限公司 | The method that HTTP based on letter peace system kidnaps monitoring analysis and positioning |
| CN109951579A (en) * | 2019-03-20 | 2019-06-28 | 腾讯科技(深圳)有限公司 | Domain name processing method, device, computer readable storage medium and computer equipment |
| CN110049022A (en) * | 2019-03-27 | 2019-07-23 | 深圳市腾讯计算机系统有限公司 | A kind of domain name access control method, device and computer readable storage medium |
| CN110933156A (en) * | 2019-11-26 | 2020-03-27 | 杭州迪普科技股份有限公司 | Domain name resolution method and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9258270B2 (en) * | 2013-05-23 | 2016-02-09 | International Business Machines Corporation | Selecting between domain name system servers of a plurality of networks |
-
2021
- 2021-01-19 CN CN202110069571.0A patent/CN112866430B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109040333A (en) * | 2018-07-10 | 2018-12-18 | 厦门秦淮科技有限公司 | A kind of domain name is put on record management system |
| CN109474587A (en) * | 2018-11-01 | 2019-03-15 | 北京亚鸿世纪科技发展有限公司 | The method that HTTP based on letter peace system kidnaps monitoring analysis and positioning |
| CN109951579A (en) * | 2019-03-20 | 2019-06-28 | 腾讯科技(深圳)有限公司 | Domain name processing method, device, computer readable storage medium and computer equipment |
| CN110049022A (en) * | 2019-03-27 | 2019-07-23 | 深圳市腾讯计算机系统有限公司 | A kind of domain name access control method, device and computer readable storage medium |
| CN110933156A (en) * | 2019-11-26 | 2020-03-27 | 杭州迪普科技股份有限公司 | Domain name resolution method and device |
Non-Patent Citations (1)
| Title |
|---|
| 上海电信未备案域名网站发现及处置系统技术实现;张宏丙;《电子技术与软件工程》;20190430(第7期);13-15 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112866430A (en) | 2021-05-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10951495B2 (en) | Application signature generation and distribution | |
| CN109802924B (en) | Method and device for identifying encrypted data stream | |
| CN106953795B (en) | Method and device for configuring multiple network cards | |
| US20090241188A1 (en) | Communication monitoring apparatus and communication monitoring method | |
| AU2008262281B2 (en) | System and method for advertising on a peer-to-peer network | |
| AU2008239682B2 (en) | A system and method for creating a list of shared information on a peer-to-peer network | |
| US9331932B2 (en) | Network system | |
| US7990870B2 (en) | Peer-to-peer traffic management based on key presence in peer-to-peer control transfers | |
| Auffret | SinFP, unification of active and passive operating system fingerprinting | |
| EP2482497B1 (en) | Data forwarding method, data processing method, system and device thereof | |
| WO2009046642A1 (en) | Data distributing method, data distributing system and correlative devices in edge network | |
| CN111818073B (en) | Method, device, equipment and medium for detecting defect host | |
| JP2008146517A (en) | System for distributing data and apparatus for maintaining index | |
| CN102932391A (en) | Method and device for processing data in peer to server/peer (P2SP) system, and P2SP system | |
| CN114172854B (en) | Report Wen Jingxiang, mirror image configuration method, virtual switch and mirror image configuration device | |
| CN112866430B (en) | Domain name record detection system, method, device and storage medium | |
| CN101741745B (en) | Method and system for identifying application traffic of peer-to-peer network | |
| Park et al. | Improving tor hidden service crawler performance | |
| CN113849820A (en) | Vulnerability detection method and device | |
| US9385992B2 (en) | Inline key-based peer-to-peer processing | |
| JP2005323322A (en) | System for storing and analyzing log information | |
| US8051167B2 (en) | Optimized mirror for content identification | |
| CN111131484A (en) | Node mounting method, device, network node and storage medium | |
| CN109617787A (en) | For the message method of sending and receiving of block chain network, storage medium, calculate equipment | |
| CN103095529A (en) | Method and device for detecting engine device, firewall and network transmission file |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |