CN113645054B - Wireless network equipment configuration method and system - Google Patents
Wireless network equipment configuration method and system Download PDFInfo
- Publication number
- CN113645054B CN113645054B CN202110520516.9A CN202110520516A CN113645054B CN 113645054 B CN113645054 B CN 113645054B CN 202110520516 A CN202110520516 A CN 202110520516A CN 113645054 B CN113645054 B CN 113645054B
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- wireless network
- password
- interception
- wifi
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0889—Techniques to speed-up the configuration process
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/02—Arrangements for optimising operational condition
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application provides a wireless network equipment configuration method and a system, wherein the method comprises the following steps: the first mobile terminal obtains a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in the wireless network device by scanning a first identification code on the wireless network device, and accesses a wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password; the method comprises the steps that a first mobile terminal obtains network configuration information set by a user, and sends a configuration request carrying a first management account password and the network configuration information to a first management address; and the wireless network equipment verifies the configuration request according to the first management account password and then applies the network configuration information. Therefore, the mobile terminal scans the identification code arranged on the wireless network equipment, so that the mobile terminal automatically completes actions such as WiFi access and network configuration of the wireless network equipment, a great deal of complicated manual operation is not needed by a user, the efficiency of the configuration of the wireless network equipment can be improved, and the possibility of configuration errors is reduced.
Description
Technical Field
The present application relates to the field of network devices, and in particular, to a method and a system for configuring a wireless network device.
Background
With the popularization and development of network information technology, broadband network coverage is wider and wider, and accessing broadband by using wireless network equipment is a very popular terminal equipment internet surfing mode at present. Prior to accessing a broadband network using a wireless network device, a series of configurations of the wireless network device are typically required, such as configuring a WiFi name, a WiFi password, a device management account number, a device management password, a dial-up internet account number, a dial-up internet password, and the like.
In the conventional wireless network device configuration method, it is generally required to access the wireless network device by a wired or wireless manner using a terminal device, then open a wireless network device management page according to a management address, and then perform some column configuration on the management page. The operation action for completing one-time configuration operation is complex, the operation chain is long, the operation process is not friendly to non-professional common users, and even professional network maintenance personnel have low configuration efficiency.
Disclosure of Invention
To overcome the above-mentioned shortcomings in the prior art, an object of the present application is to provide a wireless network device configuration method, which includes:
The method comprises the steps that a first mobile terminal obtains a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in wireless network equipment by scanning a first identification code on the wireless network equipment;
the first mobile terminal accesses a wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password;
the first mobile terminal responds to user operation and acquires network configuration information set by a user, wherein the network configuration information comprises updated second WiFi names, second WiFi passwords, second management addresses or second management account passwords;
the first mobile terminal sends a configuration request carrying the first management account password and the network configuration information to the first management address;
and the wireless network equipment verifies the configuration request according to the pre-stored first management account number password, and applies the network configuration information after the verification is passed.
In one possible implementation manner, the step of obtaining, by the first mobile terminal, the initial first WiFi name, the first WiFi password, the first management address, and the first management account password of the wireless network device by scanning a first identification code on the wireless network device includes:
The method comprises the steps that a first mobile terminal obtains an identity of wireless network equipment by scanning a first identification code on the wireless network equipment;
the first mobile terminal sends a login information acquisition request to a server, wherein the login information acquisition request carries an identity of the wireless network equipment;
and the server searches the first WiFi name, the first WiFi password, the first management address and the first management account password corresponding to the wireless network equipment according to the identity of the wireless network equipment in the received login information acquisition request and sends the first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal.
In one possible implementation, the method further includes:
the server pre-records the corresponding relation between the identity of the user purchasing the wireless network equipment and the identity of the wireless network equipment;
the step of sending a login information acquisition request to a server by the first mobile terminal comprises the following steps:
the first mobile terminal sends a login information acquisition request carrying an identity of a user logged in on the first mobile terminal and an identity of the wireless network device to a server;
The step of searching the initial first WiFi name, the first WiFi password, the first management address and the first management account password of the wireless network equipment according to the identity of the wireless network equipment in the received login information acquisition request by the server and sending the initial first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal comprises the following steps:
the server verifies whether the identity of the user in the login information acquisition request accords with the identity of the wireless network equipment according to the pre-stored corresponding relation;
if yes, searching a first WiFi name, a first WiFi password, a first management address and a first management account password corresponding to the identity of the wireless network equipment, and sending the first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal.
In one possible implementation, the method further includes:
the first mobile terminal acquires a communication identifier, network service time and a speed limiting strategy of the second mobile terminal;
the first mobile terminal encrypts the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy according to the second management account number password to obtain encryption information;
the first mobile terminal generates a second identification code according to the encryption information and a second management address of the wireless network equipment;
The second mobile terminal obtains the second management address and the encryption information by scanning the second identification code, and sends networking configuration information carrying the encryption information to the second management address;
the wireless network equipment decrypts the encryption information in the received networking configuration information according to the second management account number password to obtain a communication identifier of the second mobile terminal, the network service time and the speed limiting strategy;
and the wireless network equipment adds the second mobile terminal into a permitted internet surfing white list according to the communication identifier of the second mobile terminal, and limits the internet surfing time and speed of the second mobile terminal according to the network using time and the speed limiting strategy.
In one possible implementation manner, the step of encrypting, by the first mobile terminal, the communication identifier of the second mobile terminal, the network usage time and the speed limiting policy according to the second management account password to obtain encrypted information includes:
the first mobile terminal acquires the current time as the authorized time;
the first mobile terminal encrypts the authorization time, the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy by using the second management account number password to obtain the encryption information;
The wireless network device decrypts the received encrypted information according to the second management account number and password to obtain the communication identifier of the second mobile terminal, the network service time and the speed limiting policy, and the method comprises the following steps:
the wireless network equipment decrypts the encryption information in the networking configuration information received at this time according to the second management account number password to obtain a communication identifier of the second mobile terminal, the network service time, the speed limiting strategy and the authorization time;
the wireless network equipment detects whether historical networking configuration information which is the same as the authorization time of the networking configuration information received at the time is received or not;
if yes, the networking configuration information of the time is not processed;
if not, recording the received networking configuration information as historical networking configuration information, and then executing the steps of adding the second mobile terminal into a permitted surfing white list, and limiting the surfing time and speed of the second mobile terminal according to the network use time and the speed limiting strategy.
In one possible implementation manner, before the step of the first mobile terminal obtaining the communication identifier, the network usage time and the speed limiting policy of the second mobile terminal, the method further includes:
The second mobile terminal obtains the identity of the wireless network equipment and the address of the server by scanning a first identification code arranged on the wireless network equipment;
and the second mobile terminal sends networking application information to the wireless network equipment according to the address of the server, wherein the networking application information comprises the communication identification of the second mobile terminal and the identification of the wireless network equipment.
And the server searches a first mobile terminal with management authority for the wireless network equipment according to the identity of the wireless network equipment, and sends the networking application information to the first mobile terminal.
In one possible implementation manner, the step of the second mobile terminal obtaining the second management address and the encrypted information by scanning the second identification code, and sending networking configuration information carrying the encrypted information to the second management address includes:
the first mobile terminal generates the second identification code according to the encryption information, a second WiFi name of the wireless network equipment, a second WiFi password and a second management address;
the step of obtaining the second management address and the encryption information by the second mobile terminal through scanning the second identification code comprises the following steps:
The second mobile terminal obtains the second WiFi name, the second WiFi password, the second management address and the encryption information by scanning the second identification code;
and the second mobile terminal accesses the wireless local area network provided by the wireless network device according to the second WiFi name and the second WiFi password, and sends networking configuration information carrying the encryption information to the second management address through the wireless local area network.
In one possible implementation, the wireless network device is further communicatively connected to a network security server, the method further comprising:
when receiving an unknown information access request for updating the current network configuration information, the wireless network equipment intercepts the unknown information access request when the unknown information access request is not matched with a white list member in a trust white list, and simultaneously sends the access configuration information in the unknown information access request to the network security server;
the network security server acquires a historical network event set corresponding to each access configuration attribute in the access configuration information, and after a target network attack event related to a routing operation environment of the wireless network device is found in the historical network event set, updates a routing security protection policy of the wireless network device on the network security server based on a preset update policy of the target network attack event, and simulates network security attack event information in a virtual security protection environment of the wireless network device based on the updated routing security protection policy;
Acquiring response interception behavior objects of a plurality of response interception behaviors responding to the network security attack event information in a virtual security protection environment of the wireless network equipment, and acquiring a plurality of history interception expansion tracking behaviors related to the plurality of response interception behaviors, wherein any history interception expansion tracking behavior comprises an expansion tracking object and an expansion tracking path set;
determining the response interception behavior of each history interception expansion tracking behavior according to the expansion tracking object of each history interception expansion tracking behavior and the response interception behavior objects of a plurality of response interception behaviors;
clustering the plurality of history interception extended tracking behaviors according to the extended tracking path set of each history interception extended tracking behavior and the response interception behavior to which each history interception extended tracking behavior belongs to obtain response interception behaviors to which a plurality of history interception extended tracking behavior clusters respectively belong;
according to response interception behaviors to which a plurality of history interception extension tracking behavior clusters respectively belong, determining response interception behaviors to which each extension tracking behavior belongs in the plurality of history interception extension tracking behaviors, establishing association relations between each extension tracking behavior and the response interception behavior to which each extension tracking behavior belongs, and performing extension updating on the routing security protection policy based on the established association relation information so as to send the routing security protection policy after extension updating to the wireless network equipment for automatic response configuration.
The application also provides a wireless network equipment configuration system, which comprises a first mobile terminal and wireless network equipment;
the first mobile terminal is used for obtaining a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in the wireless network device by scanning a first identification code on the wireless network device;
the first mobile terminal is further used for accessing a wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password;
the first mobile terminal is further used for responding to user operation and obtaining network configuration information set by a user, wherein the network configuration information comprises an updated second WiFi name, a second WiFi password, a second management address and a second management account password;
the first mobile terminal is further configured to send a configuration request carrying the first management account password and the network configuration information to the first management address;
the wireless network device is used for verifying the configuration request according to the pre-stored first management account number password, and replacing the first WiFi name, the first WiFi password, the first management address and the first management account number password with the second WiFi name, the second WiFi password, the second management address and the second management account number password after the verification is passed.
In one possible implementation, the system further includes a second mobile terminal;
the first mobile terminal is also used for acquiring a communication identifier, network use time and a speed limiting strategy of the second mobile terminal;
the first mobile terminal is further used for encrypting the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy according to the second management account password to obtain encryption information;
the first mobile terminal is further used for generating a second identification code according to the encryption information and a second management address of the wireless network equipment;
the second mobile terminal is used for obtaining the second management address and the encryption information by scanning the second identification code, and sending networking configuration information carrying the encryption information to the second management address;
the wireless network device is further configured to decrypt the encrypted information in the received networking configuration information according to the second management account password, so as to obtain a communication identifier of the second mobile terminal, the network usage time and the speed limiting policy;
the wireless network device is further configured to add the second mobile terminal to a whitelist allowing internet surfing according to the communication identifier of the second mobile terminal, and limit internet surfing time and speed of the second mobile terminal according to the network use time and the speed limiting policy.
Compared with the prior art, the application has the following beneficial effects:
according to the wireless network equipment configuration method and system, the mobile terminal scans the identification codes arranged on the wireless network equipment, so that the mobile terminal automatically completes actions such as WiFi access and network configuration of the wireless network equipment, a great deal of complicated manual operation is not needed by a user, the efficiency of wireless network equipment configuration can be improved, and the possibility of configuration errors is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered limiting the scope, and that other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is one of schematic diagrams of a wireless network device configuration system provided in an embodiment of the present application;
fig. 2 is one of schematic diagrams of a wireless network device configuration method according to an embodiment of the present application;
fig. 3 is a second schematic diagram of a wireless network device configuration system according to an embodiment of the present application;
Fig. 4 is a second schematic diagram of a wireless network device configuration method according to an embodiment of the present application.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, which are generally described and illustrated in the figures herein, may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, as provided in the accompanying drawings, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
In the description of the present application, the terms "first," "second," "third," and the like are used merely to distinguish between descriptions and are not to be construed as indicating or implying relative importance.
In the description of the present application, it should also be noted that, unless explicitly specified and limited otherwise, the terms "disposed," "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The specific meaning of the terms in this application will be understood by those of ordinary skill in the art in a specific context.
Referring to fig. 1, fig. 1 is a schematic diagram of a wireless network device configuration system provided in this embodiment, where the system may include a first mobile terminal 200 and a wireless network device 100 used by a user.
The first mobile terminal 200 may be a mobile terminal having a wireless local area network (Wireless Local Area Network, WLAN) communication function. The first mobile terminal 200 may also have an image acquisition module that may be used to scan an identification code (e.g., a two-dimensional code, a bar code, etc.). For example, the first mobile terminal 200 may be a smart phone, a tablet computer, a notebook computer with a code scanning function, a personal computer, etc. The wireless network device 100 may be a WLAN enabled wireless network device 100.
In the above scenario, the present embodiment further provides a method for configuring a wireless network device, please refer to fig. 2, and each step of the method is explained in detail below.
Step S110, a first mobile terminal obtains a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in wireless network equipment by scanning a first identification code on the wireless network equipment.
In this embodiment, before selling the wireless network device, a merchant selling the wireless network device may paste a first identification code (e.g., a two-dimensional code, a bar code, etc.) associated with the wireless network device on the wireless network device.
In one possible implementation, the first identifier code may carry a pre-stored (i.e., initial) first WiFi name, a first WiFi password, a first management address, and a first management account password of the wireless network device. A user who purchases wireless network equipment can scan a first identification code on the wireless network equipment through a first mobile terminal of the user, so that the first WiFi name, the first WiFi password, the first management address and the first management account password are obtained in a resolving mode.
For example, the identification information obtained from the first identification code may be as follows:
ssid1=test1&wifipwd=abcd1234&username=user&userpwd=ccabcd&ip=192.168.10.1&productname=xxx&mac=aabbccdd1122&vendor=ysz&model=wifi&date=2021.2.20
the "& gt" is used for field segmentation, the ssid field is the first WiFi name, the wifipwd field is the first WiFi password, the username field and the userpwd field are the first management account password, and the ip field is the first management address. Other fields may be used to record information including vendor name, wireless network device MAC address, wireless network device mode, time, etc.
In another possible implementation manner, a merchant selling the wireless network devices may record, before selling the wireless network devices, an initial first WiFi name, a first WiFi password, a first management address, and a correspondence between a first management account password of each wireless network device and an identity of the wireless network device. The identity may be the wireless network device serial number, unique device identification, MAC address, etc.
The first identification code may carry an identification of the wireless network device and a server address of a merchant selling the wireless network device. A user who purchases a wireless network device may scan a first identification code on the wireless network device through a first mobile terminal thereof, thereby sending a login information acquisition request carrying an identity of the wireless network device to the server. And the server searches the first WiFi name, the first WiFi password, the first management address and the first management account password corresponding to the wireless network equipment according to the identity of the wireless network equipment in the received login information acquisition request and sends the first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal.
Further, in order to avoid that an illegal user maliciously acquires information of the wireless network device pre-stored in the server, in this embodiment, the server may pre-record a correspondence between an identity of the user who purchases the wireless network device and an identity of the wireless network device.
When the first mobile terminal sends a login information obtaining request to the server, the login information obtaining request carrying the identity of the user logged in on the first mobile terminal and the identity of the wireless network device can be sent to the server.
Then, the server verifies whether the identity of the user in the login information acquisition request accords with the identity of the wireless network equipment according to the pre-stored corresponding relation; if yes, searching a first WiFi name, a first WiFi password, a first management address and a first management account password corresponding to the identity of the wireless network equipment, and sending the first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal.
After the first mobile terminal obtains the first WiFi name, the first WiFi password, the first management address, and the first management account password, the first mobile terminal may start executing step S120.
Step S120, the first mobile terminal accesses the wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password.
In this embodiment, when the wireless network device is powered on for the first time, the wireless network device provides the wireless local area network according to the pre-stored first WiFi name and the first WiFi password. The first mobile terminal may access to the wireless local area network provided by the wireless network device after obtaining the first WiFi name and the first WiFi password in step S110.
It can be understood that after the first mobile terminal accesses the wireless local area network provided by the wireless network device, the first mobile terminal is located in the same local area network as the wireless network device, so that information interaction with the wireless network device can be performed in a local area network communication mode.
Step S130, the first mobile terminal responds to the user operation and acquires network configuration information set by the user, wherein the network configuration information comprises updated second WiFi names, second WiFi passwords, second management addresses or second management account passwords.
In one implementation manner of this embodiment, after the first mobile terminal accesses the wireless WiFi provided by the wireless network device, the first mobile terminal may initiate a management connection to the first management address through the first management account password, so as to obtain current configuration information of the wireless network device.
Then, the first mobile terminal can provide an operation interface, and can display the current configuration information of the wireless network device on the operation interface. The user can set a new second WiFi name, a second WiFi password, a second management address, a second management account password and the like on the operation interface according to the needs of the user.
The first mobile terminal can respond to the configuration operation of the user on the operation interface to obtain the second WiFi name, the second WiFi password, the second management address and the second management account password set by the user as network configuration information.
Optionally, in a scenario where a dial-up internet surfing (for example, PPPoE dial-up internet surfing) needs to be initiated by the wireless network device, the user may also set a dial-up PPPoE account number password of the wireless network device on the operation interface. The network configuration information can include a PPPoE account number password.
Step S140, the first mobile terminal sends a configuration request carrying the first management account password and the network configuration information to the first management address.
In one possible implementation manner, the first mobile terminal may splice an http Post request for accessing the first management address according to the first management address, the first management account password and the network configuration information.
For example, taking the case that the network configuration information includes the PPPoE account number password, the second WiFi name, and the second WiFi password, the configuration request may be in the following form:
http://192.168.10.1/itms/username=xxxx&userpwd=xxxx&PPPOEuser=xxx&PPPOEpassword=xxx&SSID=test-2&WiFiPassword=12345678
the user name field and the user pwd are the first management account passwords, the PPPoE user field and the PPPoE password field are the PPPoE account passwords, the SSID field is the second WiFi name, and the WiFiPassword field is the second WiFi password.
Step S150, the wireless network equipment verifies the configuration request according to the pre-stored first management account password, and applies the network configuration information after verification is passed.
In this embodiment, after receiving the configuration request, the wireless network device may verify whether the first management account password stored in the wireless network device according to the wireless network device is consistent with the first management account password carried in the configuration request. And if so, applying the network configuration information, namely, replacing the initial network configuration pre-stored by the wireless network equipment by using the network configuration newly set by the user.
And if the network configuration information comprises a PPPoE account password, the wireless network equipment uses the PPPoE account password to dial and surf the internet after verification is passed, and sends a dialing state to the first mobile terminal.
Based on the above design, the wireless network device configuration method provided by the embodiment enables the mobile terminal to automatically complete actions such as WiFi access and network configuration of the wireless network device by scanning the identification code arranged on the wireless network device through the mobile terminal, and does not need a great deal of complicated manual operation by a user, thereby improving the efficiency of wireless network device configuration and reducing the possibility of configuration errors.
In general, a wireless network device also has functions of limiting whether a certain mobile terminal can access a network, limiting internet surfing time, limiting internet speed, and the like. These configuration operations also require the user to establish a management connection with the wireless network device through the terminal device and then configure the wireless network device.
In some scenarios, a user with administrative rights to a wireless network device may be temporarily unable to establish an administrative connection with the wireless network device, but other users may need to apply for rights to access the wireless network device.
For example, referring to fig. 3, the wireless network device configuration system may further include a second mobile terminal 300. The first mobile terminal 200 is a mobile terminal of a user having management authority to the wireless network device 100, the first mobile terminal 200 may not be capable of establishing management communication with the wireless network device 100 currently (for example, the wireless network device 100 is an intranet wireless network device, and the first mobile terminal 200 is located on an extranet at this time), and the second mobile terminal 300 may be a terminal that needs to access the wireless network device 100.
In one possible implementation manner of this embodiment, the second mobile terminal may obtain the permission to access the wireless network device to access the internet without performing excessive configuration by the user through steps S210 to S250. Referring to fig. 4, the following explains step S210 to step S260 in detail.
Step S210, the first mobile terminal obtains the communication identification, the network using time and the speed limiting strategy of the second mobile terminal.
In this embodiment, the communication identifier of the second mobile terminal may include a MAC address of the second mobile terminal, the network usage time may include a usage time length, and the speed limiting policy may include a highest download speed and a highest upload speed.
In one possible implementation manner, the second mobile terminal may obtain the identity of the wireless network device and the address of the server by scanning a first identification code provided on the wireless network device.
And then the second mobile terminal sends networking application information to the wireless network equipment according to the address of the server, wherein the networking application information comprises the communication identification of the second mobile terminal and the identification of the wireless network equipment.
The server can search a first mobile terminal with management authority for the wireless network equipment according to the identity of the wireless network equipment, and send the networking application information to the first mobile terminal.
In this way, the first mobile terminal can obtain the communication identifier of the second mobile terminal.
Further, after receiving the networking application information, the first mobile terminal may display an operation interface, and the user may configure and select the network usage time and the speed limiting policy on the operation interface.
Step S220, the first mobile terminal encrypts the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy according to the second management account password to obtain encryption information.
In this embodiment, in order to avoid that a malicious terminal device configures the wireless network device, the first terminal may encrypt the communication identifier of the second mobile terminal, the network usage time, and the speed limiting policy by using the second management account password.
In step S230, the first mobile terminal generates a second identification code according to the encryption information and a second management address of the wireless network device.
In this embodiment, the second identification code may be sent by the first mobile terminal to the second mobile terminal, or may be sent by the other means to the user using the second mobile terminal.
Step S240, the second mobile terminal obtains the second management address and the encrypted information by scanning the second identification code, and sends networking configuration information carrying the encrypted information to the second management address.
In this embodiment, after establishing a network connection with the wireless network device, the second mobile terminal may send the encrypted information to the wireless network device according to the second management address.
In a possible implementation manner, in step S230, the first mobile terminal may generate the second identification code according to the encryption information, the second WiFi name of the wireless network device, the second WiFi password, and the second management address.
Then in step S240, the second mobile terminal may obtain the second WiFi name, the second WiFi password, the second management address, and the encrypted information by scanning the second identification code. And then the second mobile terminal can access to the wireless local area network provided by the wireless network equipment according to the second WiFi name and the second WiFi password, and send networking configuration information carrying the encryption information to the second management address through the wireless local area network.
Therefore, the user using the second mobile terminal can automatically access the WiFi provided by the wireless network device and send the networking configuration information without acquiring the second WiFi name and the second WiFi password of the wireless network device in advance and without performing manual selection operation.
It can be understood that, at this time, although the second mobile terminal may access the wlan provided by the wireless network device, it may not be able to access the internet through the wireless network device, but may also be able to access the internet through the wireless network device after the subsequent processing steps of the wireless network device.
Step S250, the wireless network device decrypts the encrypted information in the received networking configuration information according to the second management account password, and obtains the communication identifier of the second mobile terminal, the network service time and the speed limiting policy.
In this embodiment, the wireless network device may decrypt the encrypted information according to a pre-stored second management account number password, and if the decryption is successful, the network configuration information is indicated to be actually from the first mobile terminal having the management authority to the wireless network device, and the wireless network device obtains the communication identifier of the second mobile terminal, the network usage time and the speed limiting policy obtained after the decryption.
Step S260, the wireless network device adds the second mobile terminal to a white list allowing internet surfing according to the communication identifier of the second mobile terminal, and limits the internet surfing time and speed of the second mobile terminal according to the network use time and the speed limiting policy.
For example, the wireless network device may add the MAC address of the second mobile terminal to the allowed internet whitelist and then set the network usage time setting and the speed limit setting associated with the MAC address. After such setting, the wireless network device may release the internet traffic of the second mobile terminal.
Based on the above design, the configuration method of the wireless network device provided in this embodiment may enable the second mobile terminal to initiate information interaction with the first mobile terminal by a scanning action of the second mobile terminal that needs to access the wireless network device when the first mobile terminal having management authority for the wireless network device cannot directly communicate with the wireless network device, so as to automatically configure the wireless network device and enable the second mobile terminal to obtain the authority for surfing the internet through the wireless network device. The information transmission and data configuration in the whole process do not need complex manual operation of a user, so that the configuration efficiency of the wireless network equipment is greatly improved, and the possibility of configuration errors is reduced.
Further, in order to avoid that the second mobile terminal repeatedly uses the same networking configuration information to obtain an extended internet surfing time, in some possible implementations, the first mobile terminal may set some unique identification in the encrypted information.
For example, in step S230, the first mobile terminal may acquire the current time as the authorization time, and then encrypt the authorization time, the communication identifier of the second mobile terminal, the network usage time and the speed limiting policy according to the second management account password to obtain the encrypted information.
In step S260, the wireless network device may decrypt the encryption information in the received networking configuration information according to the second management account password, to obtain the communication identifier of the second mobile terminal, the network usage time, the speed limit policy, and the authorization time.
Then, the wireless network device detects whether historical networking configuration information which is the same as the authorization time of the networking configuration information received at the time is received.
If the historical networking configuration information which is the same as the authorization time of the networking configuration information received at this time is received, the fact that the networking configuration information received at this time is sent by the second mobile terminal is indicated, that is, the second mobile terminal may use the same networking configuration information repeatedly to obtain the prolonged internet surfing time, so that the wireless network device does not process the networking configuration information at this time.
If the historical networking configuration information which is the same as the authorization time of the networking configuration information received at this time is not received, the wireless network equipment indicates that the networking configuration information received at this time is new, the wireless network equipment can record the networking configuration information received at this time as the historical networking configuration information, and then execute the steps of adding the second mobile terminal into an allowed internet surfing white list, and limiting the internet surfing time and speed of the second mobile terminal according to the network use time and the speed limiting strategy.
In one possible implementation, the wireless network device is further communicatively connected to a network security server, the method further comprising:
when receiving an unknown information access request for updating the current network configuration information, the wireless network equipment intercepts the unknown information access request when the unknown information access request is not matched with a white list member in a trust white list, and simultaneously sends the access configuration information in the unknown information access request to the network security server;
the network security server acquires a historical network event set corresponding to each access configuration attribute in the access configuration information, and after a target network attack event related to a routing operation environment of the wireless network device is found in the historical network event set, updates a routing security protection policy of the wireless network device on the network security server based on a preset update policy of the target network attack event, and simulates network security attack event information in a virtual security protection environment of the wireless network device based on the updated routing security protection policy;
Acquiring response interception behavior objects of a plurality of response interception behaviors responding to the network security attack event information in a virtual security protection environment of the wireless network equipment, and acquiring a plurality of history interception expansion tracking behaviors related to the plurality of response interception behaviors, wherein any history interception expansion tracking behavior comprises an expansion tracking object and an expansion tracking path set;
determining the response interception behavior of each history interception expansion tracking behavior according to the expansion tracking object of each history interception expansion tracking behavior and the response interception behavior objects of a plurality of response interception behaviors;
clustering the plurality of history interception extended tracking behaviors according to the extended tracking path set of each history interception extended tracking behavior and the response interception behavior to which each history interception extended tracking behavior belongs to obtain response interception behaviors to which a plurality of history interception extended tracking behavior clusters respectively belong;
according to response interception behaviors to which a plurality of history interception extension tracking behavior clusters respectively belong, determining response interception behaviors to which each extension tracking behavior belongs in the plurality of history interception extension tracking behaviors, establishing association relations between each extension tracking behavior and the response interception behavior to which each extension tracking behavior belongs, and performing extension updating on the routing security protection policy based on the established association relation information so as to send the routing security protection policy after extension updating to the wireless network equipment for automatic response configuration.
Based on the above design, the method for configuring the wireless network device provided by the embodiment can execute the update of the network security policy of the wireless network device at the cloud end, and perform expansion update by combining the simulation behavior and the history behavior in the update process, so as to improve the network security of the subsequent wireless network device, and the traditional scheme is generally only simple interception.
Optionally, when the acquiring of the plurality of historical interception extended tracking behaviors related to the plurality of response interception behaviors is performed, an original interception extended tracking behavior set may be acquired, where any original interception extended tracking behavior in the original interception extended tracking behavior set includes an extended tracking object and an extended tracking path set; and then determining an original interception expansion tracking behavior matched with at least one response interception behavior object in a plurality of response interception behavior objects from the original interception expansion tracking behavior set, and taking the matched plurality of original interception expansion tracking behaviors as a plurality of historical interception expansion tracking behaviors related to the plurality of response interception behaviors.
Optionally, the response interception behavior object includes a response interception behavior category and a response interception behavior coverage area. When the original interception extended tracking behavior matched with at least one response interception behavior object in a plurality of response interception behavior objects is determined from the original interception extended tracking behavior set, if the extended tracking object in the original interception extended tracking behavior is matched with a target response interception behavior class, determining that the original interception extended tracking behavior is the original interception extended tracking behavior matched with the response interception behavior object corresponding to the target response interception behavior class, wherein the target response interception behavior class belongs to a plurality of response interception behavior classes.
Optionally, when executing the extension tracking behavior aiming at any history interception extension tracking behavior, determining a response interception behavior to which the any history interception extension tracking behavior belongs according to the extension tracking object of any history interception extension tracking behavior and the response interception behavior objects of a plurality of response interception behaviors, determining a target response interception behavior object matched with the extension tracking object in any history interception extension tracking behavior from the plurality of response interception behavior objects; and then taking the response interception behavior corresponding to the target response interception behavior object as the response interception behavior to which any history interception expansion tracking behavior belongs.
Optionally, when the extending tracking path set according to each history intercepting extending tracking action and the response intercepting action to which each history intercepting extending tracking action belongs are executed, clustering is performed on the plurality of history intercepting extending tracking actions to obtain response intercepting actions to which a plurality of history intercepting extending tracking action clusters respectively belong, a first preset clustering number may be obtained, and the plurality of history intercepting extending tracking actions are divided into a plurality of original intercepting extending tracking action libraries according to the extending tracking path set of each history intercepting extending tracking action and the first preset clustering number. And then determining a plurality of history interception expansion tracking behavior clusters and response interception behaviors of each history interception expansion tracking behavior cluster according to response interception behaviors of the history interception expansion tracking behaviors in each original interception expansion tracking behavior library.
When a plurality of history interception expansion tracking behavior clusters and response interception behaviors of each history interception expansion tracking behavior cluster are determined according to response interception behaviors of the history interception expansion tracking behaviors in each original interception expansion tracking behavior library, the first behavior quantity of the history interception expansion tracking behaviors contained in the original interception expansion tracking behavior library can be counted, then the original interception expansion tracking behavior library is divided into a plurality of unit original interception expansion tracking behavior libraries, and the history interception expansion tracking behaviors in any unit original request cluster belong to the same response interception behavior. And then acquiring a target unit original interception expansion tracking behavior library with the most historical interception expansion tracking behaviors from the plurality of unit original interception expansion tracking behavior libraries, and counting the second behavior quantity of the historical interception expansion tracking behaviors contained in the target unit original interception expansion tracking behavior library.
If the ratio between the first behavior quantity and the second behavior quantity is not smaller than the preset response interception behavior ratio, determining the original interception expansion tracking behavior library as a history interception expansion tracking behavior cluster, and taking the response interception behavior corresponding to the target unit original interception expansion tracking behavior library as the response interception behavior to which the history interception expansion tracking behavior cluster belongs.
And if the ratio between the first behavior quantity and the second behavior quantity is smaller than the preset response interception behavior ratio, adjusting the first preset clustering quantity to obtain a second preset clustering quantity.
And then, according to the second preset clustering quantity, re-clustering the history interception expansion tracking behavior in the original interception expansion tracking behavior library to obtain a history interception expansion tracking behavior cluster and a response interception behavior to which the history interception expansion tracking behavior cluster belongs.
In one possible implementation, the plurality of history interception expansion tracking actions includes a first history interception expansion tracking action and a second history interception expansion tracking action. Counting the linkage quantity of the first history interception expansion tracking behavior and the second history interception expansion tracking behavior when the first preset clustering quantity and the second preset clustering quantity are executed and the plurality of history interception expansion tracking behaviors are divided into a plurality of original interception expansion tracking behavior libraries; acquiring the maximum number of extended tracking behaviors from the first historical interception extended tracking behaviors and the second historical interception extended tracking behaviors; if the ratio between the linkage quantity of the extended tracking behaviors and the maximum extended tracking behavior quantity is larger than the first preset clustering quantity, combining the first historical interception extended tracking behaviors and the second historical interception extended tracking behaviors into an original interception extended tracking behavior library; or alternatively
In another possible implementation, the plurality of history interception expansion tracking actions includes a first history interception expansion tracking action and a second history interception expansion tracking action. Counting the linkage quantity of the first history interception expansion tracking behavior and the second history interception expansion tracking behavior when the first preset clustering quantity and the second preset clustering quantity are executed and the plurality of history interception expansion tracking behaviors are divided into a plurality of original interception expansion tracking behavior libraries; counting the total quantity of the extended tracking behaviors of the first historical interception extended tracking behavior and the second historical interception extended tracking behavior; if the ratio between the linkage quantity of the extended tracking behaviors and the total quantity of the extended tracking behaviors is larger than the first preset clustering quantity, combining the first historical interception extended tracking behaviors and the second historical interception extended tracking behaviors into an original interception extended tracking behavior library; or alternatively
In another possible implementation, the plurality of history interception extended tracking behaviors includes a first history interception extended tracking behavior and a second history interception extended tracking behavior, each of which further includes a behavior engagement of the extended tracking behavior. When an extended tracking path set according to each history interception extended tracking behavior and the first preset clustering number are executed, dividing a plurality of history interception extended tracking behaviors into a plurality of original interception extended tracking behavior libraries, and acquiring a shared extended tracking behavior of the first history interception extended tracking behavior and the second history interception extended tracking behavior; determining a behavior participation degree weight according to the difference value of the behavior participation degree of the common extension tracking behavior in the first historical interception extension tracking behavior and the behavior participation degree of the common extension tracking behavior in the second historical interception extension tracking behavior; and if the behavior participation degree weight is smaller than the first preset clustering number, combining the first history interception expansion tracking behavior and the second history interception expansion tracking behavior into an original interception expansion tracking behavior library.
Optionally, when executing any one of the plurality of history interception extended tracking behaviors, determining a response interception behavior to which each of the plurality of history interception extended tracking behaviors belongs according to a response interception behavior to which each of the plurality of history interception extended tracking behaviors belongs, counting an extended tracking number of times of the any one of the plurality of extended tracking behaviors in each response interception behavior and a total extended tracking number of times of the any one of the plurality of extended tracking behaviors in all response interception behaviors according to a response interception behavior to which each of the plurality of history interception extended tracking behaviors belongs; if the ratio of the maximum extension tracking times to the total extension tracking times in the plurality of extension tracking times is larger than a preset ratio, taking the response interception behavior corresponding to the maximum extension tracking times as the response interception behavior to which any extension tracking behavior belongs.
Optionally, when the routing security protection policy is updated in an expanding manner based on the established association relationship information, so as to send the routing security protection policy after being updated to the wireless network device for automatic response configuration, a policy rule set corresponding to each expansion tracking behavior can be searched according to each expansion tracking behavior and a response interception behavior to which each expansion tracking behavior belongs in the established association relationship information, and after a corresponding rule to be updated is obtained from the policy rule set according to the response interception behavior to which each expansion tracking behavior belongs, the routing security protection policy is updated based on the rule to be updated, so that the routing security protection policy after being updated in a rule is sent to the wireless network device for automatic response configuration.
The embodiment also provides a wireless network device configuration system, which comprises a first mobile terminal and wireless network devices.
The first mobile terminal is used for obtaining a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in the wireless network device by scanning a first identification code on the wireless network device; accessing a wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password; responding to user operation, and acquiring network configuration information set by a user, wherein the network configuration information comprises updated second WiFi names, second WiFi passwords, second management addresses or second management account passwords; and sending a configuration request carrying the first management account password and the network configuration information to the first management address.
The wireless network device is used for verifying the configuration request according to the pre-stored first management account number password, and applying the network configuration information after verification is passed.
In some possible implementations, the system further includes a second mobile terminal.
The first mobile terminal is also used for acquiring a communication identifier, network service time and a speed limiting strategy of the second mobile terminal; encrypting the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy according to the second management account password to obtain encryption information; generating a second identification code according to the encryption information and a second management address of the wireless network equipment;
The second mobile terminal is used for obtaining the second management address and the encryption information by scanning the second identification code, and sending networking configuration information carrying the encryption information to the second management address;
the wireless network device is further configured to decrypt the encrypted information in the received networking configuration information according to the second management account password, so as to obtain a communication identifier of the second mobile terminal, the network usage time and the speed limiting policy; and adding the second mobile terminal into a white list allowing surfing according to the communication identifier of the second mobile terminal, and limiting surfing time and speed of the second mobile terminal according to the network using time and the speed limiting strategy.
In some possible implementations, the first mobile terminal is further configured to acquire a current time as the authorized time.
The first mobile terminal is specifically configured to obtain a current time as an authorized time; encrypting the authorization time, the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy by using the second management account password to obtain the encryption information;
The wireless network device is specifically configured to decrypt the encryption information in the networking configuration information received this time according to the second management account password, so as to obtain the communication identifier of the second mobile terminal, the network usage time, the speed limiting policy and the authorization time; detecting whether historical networking configuration information which is the same as the authorization time of the networking configuration information received at the time is received or not; if yes, the networking configuration information of the time is not processed; if not, recording the received networking configuration information as historical networking configuration information, and then executing the steps of adding the second mobile terminal into a permitted surfing white list, and limiting the surfing time and speed of the second mobile terminal according to the network use time and the speed limiting strategy.
In summary, according to the method and the system for configuring the wireless network device, the mobile terminal scans the identification code arranged on the wireless network device, so that the mobile terminal automatically completes actions such as WiFi access and network configuration of the wireless network device, and a great deal of complex manual operation is not required by a user, thereby improving the efficiency of configuring the wireless network device and reducing the possibility of configuration errors.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners as well. The apparatus embodiments described above are merely illustrative, for example, flow diagrams and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing is merely various embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered in the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (7)
1. A method of configuring a wireless network device, the method comprising:
the method comprises the steps that a first mobile terminal obtains a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in wireless network equipment by scanning a first identification code on the wireless network equipment;
the first mobile terminal accesses a wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password;
the first mobile terminal responds to user operation and acquires network configuration information set by a user, wherein the network configuration information comprises updated second WiFi names, second WiFi passwords, second management addresses or second management account passwords;
the first mobile terminal sends a configuration request carrying the first management account password and the network configuration information to the first management address;
The wireless network equipment verifies the configuration request according to the pre-stored first management account number password, and applies the network configuration information after verification is passed;
the method further comprises the steps of:
the first mobile terminal acquires a communication identifier, network service time and a speed limiting strategy of the second mobile terminal;
the first mobile terminal encrypts the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy according to the second management account number password to obtain encryption information;
the first mobile terminal generates a second identification code according to the encryption information and a second management address of the wireless network equipment;
the second mobile terminal obtains the second management address and the encryption information by scanning the second identification code, and sends networking configuration information carrying the encryption information to the second management address;
the wireless network equipment decrypts the encryption information in the received networking configuration information according to the second management account number password to obtain a communication identifier of the second mobile terminal, the network service time and the speed limiting strategy;
The wireless network equipment adds the second mobile terminal into a permitted internet surfing white list according to the communication identifier of the second mobile terminal, and limits the internet surfing time and speed of the second mobile terminal according to the network using time and the speed limiting strategy;
the step of encrypting the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy by the first mobile terminal according to the second management account number password to obtain encryption information comprises the following steps:
the first mobile terminal acquires the current time as the authorized time;
the first mobile terminal encrypts the authorization time, the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy by using the second management account number password to obtain the encryption information;
the wireless network device decrypts the received encrypted information according to the second management account number and password to obtain the communication identifier of the second mobile terminal, the network service time and the speed limiting policy, and the method comprises the following steps:
the wireless network equipment decrypts the encryption information in the networking configuration information received at this time according to the second management account number password to obtain a communication identifier of the second mobile terminal, the network service time, the speed limiting strategy and the authorization time;
The wireless network equipment detects whether historical networking configuration information which is the same as the authorization time of the networking configuration information received at the time is received or not;
if yes, the networking configuration information of the time is not processed;
if not, recording the received networking configuration information as historical networking configuration information, and then executing the steps of adding the second mobile terminal into a permitted surfing white list, and limiting the surfing time and speed of the second mobile terminal according to the network use time and the speed limiting strategy.
2. The method according to claim 1, wherein the step of the first mobile terminal obtaining the first WiFi name, the first WiFi password, the first management address, and the first management account password pre-stored by the wireless network device by scanning a first identification code on the wireless network device includes:
the method comprises the steps that a first mobile terminal obtains an identity of wireless network equipment by scanning a first identification code on the wireless network equipment;
the first mobile terminal sends a login information acquisition request to a server, wherein the login information acquisition request carries an identity of the wireless network equipment;
And the server searches the first WiFi name, the first WiFi password, the first management address and the first management account password corresponding to the wireless network equipment according to the identity of the wireless network equipment in the received login information acquisition request and sends the first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal.
3. The method according to claim 2, wherein the method further comprises:
the server pre-records the corresponding relation between the identity of the user purchasing the wireless network equipment and the identity of the wireless network equipment;
the step of sending a login information acquisition request to a server by the first mobile terminal comprises the following steps:
the first mobile terminal sends a login information acquisition request carrying an identity of a user logged in on the first mobile terminal and an identity of the wireless network device to a server;
the step of searching the initial first WiFi name, the first WiFi password, the first management address and the first management account password of the wireless network equipment according to the identity of the wireless network equipment in the received login information acquisition request by the server and sending the initial first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal comprises the following steps:
The server verifies whether the identity of the user in the login information acquisition request accords with the identity of the wireless network equipment according to the pre-stored corresponding relation;
if yes, searching a first WiFi name, a first WiFi password, a first management address and a first management account password corresponding to the identity of the wireless network equipment, and sending the first WiFi name, the first WiFi password, the first management address and the first management account password to the first mobile terminal.
4. The method of claim 1, wherein prior to the step of the first mobile terminal obtaining the communication identity, network usage time, and speed limit policy of the second mobile terminal, the method further comprises:
the second mobile terminal obtains the identity of the wireless network equipment and the address of the server by scanning a first identification code arranged on the wireless network equipment;
the second mobile terminal sends networking application information to the wireless network equipment according to the address of the server, wherein the networking application information comprises a communication identifier of the second mobile terminal and an identity identifier of the wireless network equipment;
and the server searches a first mobile terminal with management authority for the wireless network equipment according to the identity of the wireless network equipment, and sends the networking application information to the first mobile terminal.
5. The method of claim 1, wherein the step of the first mobile terminal generating a second identification code based on the encrypted information and a second management address of the wireless network device comprises:
the first mobile terminal generates the second identification code according to the encryption information, a second WiFi name of the wireless network equipment, a second WiFi password and a second management address;
the step of the second mobile terminal obtaining the second management address and the encryption information by scanning the second identification code and sending networking configuration information carrying the encryption information to the second management address comprises the following steps:
the second mobile terminal obtains the second WiFi name, the second WiFi password, the second management address and the encryption information by scanning the second identification code;
and the second mobile terminal accesses the wireless local area network provided by the wireless network device according to the second WiFi name and the second WiFi password, and sends networking configuration information carrying the encryption information to the second management address through the wireless local area network.
6. The method of any of claims 1-5, wherein the wireless network device is further communicatively coupled to a network security server, the method further comprising:
When receiving an unknown information access request for updating the current network configuration information, the wireless network equipment intercepts the unknown information access request when the unknown information access request is not matched with a white list member in a trust white list, and simultaneously sends the access configuration information in the unknown information access request to the network security server;
the network security server acquires a historical network event set corresponding to each access configuration attribute in the access configuration information, and after a target network attack event related to a routing operation environment of the wireless network device is found in the historical network event set, updates a routing security protection policy of the wireless network device on the network security server based on a preset update policy of the target network attack event, and simulates network security attack event information in a virtual security protection environment of the wireless network device based on the updated routing security protection policy;
acquiring response interception behavior objects of a plurality of response interception behaviors responding to the network security attack event information in a virtual security protection environment of the wireless network equipment, and acquiring a plurality of history interception expansion tracking behaviors related to the plurality of response interception behaviors, wherein any history interception expansion tracking behavior comprises an expansion tracking object and an expansion tracking path set;
Determining the response interception behavior of each history interception expansion tracking behavior according to the expansion tracking object of each history interception expansion tracking behavior and the response interception behavior objects of a plurality of response interception behaviors;
clustering the plurality of history interception extended tracking behaviors according to the extended tracking path set of each history interception extended tracking behavior and the response interception behavior to which each history interception extended tracking behavior belongs to obtain response interception behaviors to which a plurality of history interception extended tracking behavior clusters respectively belong;
according to response interception behaviors to which a plurality of history interception extension tracking behavior clusters respectively belong, determining response interception behaviors to which each extension tracking behavior belongs in the plurality of history interception extension tracking behaviors, establishing association relations between each extension tracking behavior and the response interception behavior to which each extension tracking behavior belongs, and performing extension updating on the routing security protection policy based on the established association relation information so as to send the routing security protection policy after extension updating to the wireless network equipment for automatic response configuration.
7. A wireless network device configuration system, wherein the system comprises a first mobile terminal and a wireless network device;
The first mobile terminal is used for obtaining a first WiFi name, a first WiFi password, a first management address and a first management account password which are prestored in the wireless network device by scanning a first identification code on the wireless network device; accessing a wireless local area network provided by the wireless network device according to the first WiFi name and the first WiFi password; responding to user operation, and acquiring network configuration information set by a user, wherein the network configuration information comprises updated second WiFi names, second WiFi passwords, second management addresses or second management account passwords; sending a configuration request carrying the first management account password and the network configuration information to the first management address;
the wireless network device is used for verifying the configuration request according to the pre-stored first management account number password, and applying the network configuration information after the verification is passed;
the system further comprises a second mobile terminal;
the first mobile terminal is also used for acquiring a communication identifier, network service time and a speed limiting strategy of the second mobile terminal; encrypting the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy according to the second management account password to obtain encryption information; generating a second identification code according to the encryption information and a second management address of the wireless network equipment;
The second mobile terminal is used for obtaining the second management address and the encryption information by scanning the second identification code, and sending networking configuration information carrying the encryption information to the second management address;
the wireless network device is further configured to decrypt the encrypted information in the received networking configuration information according to the second management account password, so as to obtain a communication identifier of the second mobile terminal, the network usage time and the speed limiting policy; adding the second mobile terminal into a white list allowing surfing according to the communication identifier of the second mobile terminal, and limiting surfing time and speed of the second mobile terminal according to the network use time and the speed limiting strategy;
the first mobile terminal encrypts the communication identifier of the second mobile terminal, the network service time and the speed limiting policy according to the second management account number and password to obtain encryption information, and the method comprises the following steps:
the first mobile terminal acquires the current time as the authorized time;
the first mobile terminal encrypts the authorization time, the communication identifier of the second mobile terminal, the network service time and the speed limiting strategy by using the second management account number password to obtain the encryption information;
The wireless network device decrypts the received encrypted information according to the second management account number and password to obtain the communication identifier of the second mobile terminal, the network service time and the speed limiting policy, and the wireless network device comprises:
the wireless network equipment decrypts the encryption information in the networking configuration information received at this time according to the second management account number password to obtain a communication identifier of the second mobile terminal, the network service time, the speed limiting strategy and the authorization time;
the wireless network equipment detects whether historical networking configuration information which is the same as the authorization time of the networking configuration information received at the time is received or not;
if yes, the networking configuration information of the time is not processed;
if not, recording the received networking configuration information as historical networking configuration information, and then executing the operations of adding the second mobile terminal into a permitted surfing white list, and limiting the surfing time and speed of the second mobile terminal according to the network use time and the speed limiting strategy.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110520516.9A CN113645054B (en) | 2021-05-13 | 2021-05-13 | Wireless network equipment configuration method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110520516.9A CN113645054B (en) | 2021-05-13 | 2021-05-13 | Wireless network equipment configuration method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113645054A CN113645054A (en) | 2021-11-12 |
| CN113645054B true CN113645054B (en) | 2023-07-25 |
Family
ID=78415853
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110520516.9A Active CN113645054B (en) | 2021-05-13 | 2021-05-13 | Wireless network equipment configuration method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113645054B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114489740B (en) * | 2022-04-14 | 2022-06-24 | 北京金朗维科技有限公司 | Online updating method and device for wireless code scanning equipment |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104955041A (en) * | 2014-03-24 | 2015-09-30 | 济宁职业技术学院 | WiFi real-name authentication method |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100907507B1 (en) * | 2007-03-05 | 2009-07-14 | 삼성전자주식회사 | User Authentication Method and System for the WLAN Network Interworking of Wireless LAN Terminal |
| CN106332056B (en) * | 2015-06-30 | 2020-01-14 | 芋头科技(杭州)有限公司 | Structure and method for pre-configuring user information of intelligent equipment |
| CN105227346B (en) * | 2015-08-24 | 2018-09-28 | 上海斐讯数据通信技术有限公司 | It is a kind of based on the method for configuring routers scanned the two-dimensional code |
| CN105975559A (en) * | 2016-05-03 | 2016-09-28 | 浪潮电子信息产业股份有限公司 | Method and system for login to background page of router |
| CN106507351B (en) * | 2016-10-28 | 2019-12-31 | 维沃移动通信有限公司 | Method for acquiring connection password of wireless network and mobile terminal |
| CN109548018B (en) * | 2019-01-11 | 2021-11-23 | 腾讯科技(深圳)有限公司 | Wireless network access method, device, equipment and system |
| CN110121170B (en) * | 2019-04-17 | 2022-08-19 | 广东电网有限责任公司信息中心 | Mobile network identity authentication method based on encryption technology |
-
2021
- 2021-05-13 CN CN202110520516.9A patent/CN113645054B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104955041A (en) * | 2014-03-24 | 2015-09-30 | 济宁职业技术学院 | WiFi real-name authentication method |
Non-Patent Citations (1)
| Title |
|---|
| 无线局域网安全技术分析;郭守发;刘晓;;福建电脑(第11期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113645054A (en) | 2021-11-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11089044B2 (en) | Method and system for assessing data security | |
| US11387978B2 (en) | Systems and methods for securing access rights to resources using cryptography and the blockchain | |
| US8194589B2 (en) | Systems and methods for wireless network selection based on attributes stored in a network database | |
| US9628282B2 (en) | Universal anonymous cross-site authentication | |
| US8196188B2 (en) | Systems and methods for providing network credentials | |
| EP2206278B1 (en) | Systems and methods for wireless network selection based on attributes stored in a network database | |
| US20120054841A1 (en) | Application registration, authorization, and verification | |
| CN104104654A (en) | Method and device for setting Wifi access authority and Wifi authentication | |
| CN103596173A (en) | Wireless network authentication method, client wireless network authentication device, and server wireless network authentication device | |
| US11765164B2 (en) | Server-based setup for connecting a device to a local area network | |
| CA2516718A1 (en) | Secure object for convenient identification | |
| US9787678B2 (en) | Multifactor authentication for mail server access | |
| CN106664291A (en) | Systems and methods for providing secure access to local network devices | |
| US20150180849A1 (en) | Mobile token | |
| US10103948B1 (en) | Computing devices for sending and receiving configuration information | |
| CN110198539A (en) | A kind of authentication method and its device, equipment and storage medium | |
| US11727101B2 (en) | Methods and systems for verifying applications | |
| WO2016188335A1 (en) | Access control method, apparatus and system for user data | |
| CN104519490A (en) | WIFI (wireless fidelity) connection method, WIFI connection device, mobile terminal and system | |
| CN104247485A (en) | Network application function authorisation in a generic bootstrapping architecture | |
| WO2017084456A1 (en) | Wifi hotspot processing method, device and system | |
| CN114760112B (en) | Wireless local area network-oriented intelligent home equipment networking method, system, equipment and storage medium | |
| CN113645054B (en) | Wireless network equipment configuration method and system | |
| US10542569B2 (en) | Community-based communication network services | |
| CN114363067B (en) | Network access control method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |