CN114679285A - System login control method and device, electronic equipment and storage medium - Google Patents
System login control method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN114679285A CN114679285A CN202011548216.3A CN202011548216A CN114679285A CN 114679285 A CN114679285 A CN 114679285A CN 202011548216 A CN202011548216 A CN 202011548216A CN 114679285 A CN114679285 A CN 114679285A
- Authority
- CN
- China
- Prior art keywords
- login
- ssh
- source address
- ssh login
- control method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000004590 computer program Methods 0.000 claims description 27
- 238000012550 audit Methods 0.000 claims description 5
- 238000005336 cracking Methods 0.000 abstract description 3
- 230000008569 process Effects 0.000 description 7
- 230000006870 function Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 239000000463 material Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the invention provides a system login control method and device, electronic equipment and a storage medium. The login control method of the system comprises the following steps: acquiring an SSH login log of a system; obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log; and intercepting the SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is larger than the preset number. According to the embodiment of the invention, when the SSH login log is monitored and analyzed to determine that the threatened source address is subjected to SSH login attempt, the SSH login request initiated by the system is immediately intercepted, so that the violent cracking of SSH login of an illegal user to the system is avoided, and the safety and reliability of remote access of the system are improved.
Description
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method and an apparatus for controlling login of a system, an electronic device, and a storage medium.
Background
Currently, for some systems, such as Linux systems, a user may perform SSH telnet based on their IP address, username, and password. If the system is scanned by a malicious scanning tool, the tool will try to brute force the SSH login password, affecting the security and reliability of the system.
Disclosure of Invention
To solve the problems in the prior art, embodiments of the present invention provide a system login control method and apparatus, an electronic device, and a storage medium.
Specifically, the embodiment of the invention provides the following technical scheme:
in a first aspect, an embodiment of the present invention provides a method for controlling login of a system, including:
acquiring an SSH log of a system;
obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log;
and intercepting the SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is larger than the preset number.
Further, the obtaining, based on the SSH login log, the number of SSH login failures for the same source address in a predetermined time includes:
obtaining SSH login failure records from the SSH login logs;
and acquiring the number of SSH login failures of the same source address in the preset time based on the source address recorded in the SSH login failure record and the SSH login failure occurrence time.
Further, intercepting an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address within the predetermined time is greater than a predetermined number of times, includes:
and when the number of SSH login failures of the same source address in the preset time is larger than the preset number, configuring the source address to a firewall so as to intercept the SSH login request subsequently initiated by the source address through the firewall when the SSH login request subsequently initiated by the source address is initiated.
Further, the configuring the source address to the firewall includes:
and writing the source address into a configuration file, and configuring the firewall according to the configuration file.
Further, the intercepting of the SSH login request subsequently initiated by the source address further includes:
judging the time of SSH login request subsequently initiated by the source address;
and if the time is within the preset interception effective time, intercepting an SSH login request subsequently initiated by the source address.
Further, still include: and performing log audit on the SSH login log to obtain comprehensive information of the SSH login condition.
In a second aspect, an embodiment of the present invention further provides a login control device for a system, including:
the acquisition module is used for acquiring an SSH login log of the system;
the statistical module is used for obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log;
and the control module is used for intercepting an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is greater than the preset number.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the login control method of the system according to the first aspect when executing the program.
In a fourth aspect, the present invention further provides a non-transitory computer readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the steps of the login control method of the system according to the first aspect.
In a fifth aspect, an embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program, and when the computer program is executed by a processor, the computer program implements the steps of the login control method of the system according to the first aspect.
According to the technical scheme, the login control method, the login control device, the electronic equipment and the storage medium of the system provided by the embodiment of the invention can determine that a threatened source address (such as an IP address) is subjected to SSH login attempt through monitoring and analyzing an SSH login log, and immediately intercept an SSH login request initiated by the system, so that an illegal user is prevented from carrying out brute force cracking on SSH login to the system, and the safety and reliability of remote access of the system are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a flowchart of a login control method of a system according to an embodiment of the present invention;
fig. 2 is a detailed flowchart of a login control method of the system according to an embodiment of the present invention;
fig. 3 is a block diagram of a login control device of the system according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 shows a flowchart of a login control method of a system according to an embodiment of the present invention. As shown in fig. 1, a login control method of a system provided in an embodiment of the present invention includes the following steps:
step 101: and acquiring an SSH login log of the system.
Wherein ssh (secure shell) is a secure shell protocol, namely: SSH is a security protocol built on an application layer basis. SSH is a protocol that provides security for telnet sessions and other web services. The SSH protocol can effectively prevent the problem of information leakage in the remote management process. SSH clients are applicable to a variety of platforms. SSH can be run on almost all UNIX platforms, e.g., HP-UX, Linux, AIX, Solaris, Digital UNIX, Irix, etc. In the following embodiments of the present invention, the system is exemplified by a Linux system.
For the Linux system, when performing remote SSH login, the Linux system records an SSH login log. Specifically, by real-time monitoring of the SSH connection, i.e.: the method comprises the steps of monitoring a system security log comprising SSH connection records, and then acquiring an SSH login log from the system security log, wherein the SSH login log records information such as a source address and the time of an SSH login request, in other words, an SSH login request initiated from any source address to the system is recorded in the SSH login log no matter whether the login is successful or not.
In this example, the source address is, for example, an IP (Internet Protocol) address of a device that issues a remote SSH login request to the Linux system.
In this example, the storage path of the system security log is typically/var/log/secure, that is: from this path, a system security log may be obtained.
Step 102: and obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log.
In one embodiment of the present invention, the predetermined time may be determined empirically, for example: the average frequency of SSH logins initiated to the system is counted, for example: an average frequency of once 1 minute, a relatively reasonable predetermined time, such as 30 minutes, may be set based on the frequency.
In an embodiment of the present invention, the number of SSH login failures for obtaining the same source address within a predetermined time based on the SSH login log may be determined as follows: acquiring SSH login failure records from the SSH login logs; and acquiring the number of SSH login failures of the same source address in a preset time based on the source address recorded in the SSH login failure record and the SSH login failure occurrence time.
Taking the average frequency of once every 1 minute and the predetermined time of 30 minutes as an example, the maximum number of times that SSH login can be initiated to the system within 30 minutes is about 30, and therefore, assuming that 10 SSH login requests have been initiated to the system within 30 minutes from a certain source address, and based on the SSH login logs of the 10 times, it is known that the average login has failed, the number of times that SSH login failed within the predetermined time from the source address is 10.
Step 103: and intercepting an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in preset time is larger than the preset number.
In one embodiment of the present invention, the predetermined number of times is set to, for example, 5 times, taking the above-described average frequency of once every 1 minute, as an example, a predetermined time of 30 minutes. Then when it is found that the same IP address has undergone a large number (e.g. 10) of SSH connection attempts in a short time (e.g. 30 minutes) and all connections have failed, and 10 times are greater than 5 times, and at this time, the IP address is recorded, and it is considered that there is a possibility of SSH brute force cracking, that is: the SSH remote login is broken probably by an illegal user, when the IP address initiates the SSH login request again, the SSH login request is intercepted, the glass breaking is prevented from being tried again, and further the security and the reliability of the SSH login of the system are improved.
In a specific example of the present invention, when the number of SSH login failures of the same source address within the predetermined time is greater than a predetermined number, intercepting an SSH login request subsequently initiated by the source address, includes: and when the number of SSH login failures of the same source address in the preset time is larger than the preset number, configuring the source address to a firewall so as to intercept the SSH login request subsequently initiated by the source address through the firewall when the SSH login request subsequently initiated by the source address is initiated.
In this example, configuring the source address to a firewall includes: and writing the source address into a configuration file, and configuring the firewall according to the configuration file.
Further, since it cannot be completely determined whether the IP address is definitely an illegal user, an interception effective time may be set, for example: when the possibility that the IP address is an illegal user is known, the effective interception time of 3 days can be set, namely: SSH login attempts by the IP address are not received within 3 days. Specifically, the time of SSH login request subsequently initiated by the source address is judged; and if the time is within the preset interception effective time, intercepting an SSH login request subsequently initiated by the source address.
As a specific example, the intercepted IP address is uniformly recorded in a configuration file, the IP is sealed in a network firewall, the newly recorded IP address is configured immediately, and the intercepted IP is limited to perform remote SSH login.
According to the login control method of the system, when the SSH login log is monitored and analyzed to determine that a threatened source address (such as an IP address) is subjected to SSH login attempt, an SSH login request initiated by the system is immediately intercepted, so that brute force of an illegal user in SSH login to the system is avoided, and the safety and reliability of remote access of the system are improved.
In an embodiment of the present invention, the login control method of the system further includes: and performing log audit on the SSH login log to obtain comprehensive information of the SSH login condition. Namely: log audit is carried out on the SSH login records, and login success and login failure and suspicious SSH login records are audited, so that the reliability of the source address initiating login can be evaluated.
As shown in fig. 2, the login control method of the system according to the embodiment of the present invention may be executed by a background service of the system, for example: the background service monitors the system security log in real time, analyzes login failure records from the system security log, triggers a violent intrusion detection blocking rule based on the login failure records, namely, determines whether a source address has a threat, records the IP address if the source address has the threat, writes a configuration file, subsequently intercepts an SSH login request initiated by the IP based on the configuration file, and simultaneously can audit the log to realize the evaluation of the credibility of the source address initiated to login.
According to the login control method of the system, the security and the reliability of SSH login of the system can be effectively ensured.
Fig. 3 is a schematic structural diagram illustrating a login control device of a system according to an embodiment of the present invention. As shown in fig. 3, the login control device of the system provided in this embodiment includes: an acquisition module 310, a statistics module 320, and a control module 330, wherein:
an obtaining module 310, configured to obtain an SSH log of a system;
a counting module 320, configured to obtain, based on the SSH login log, the number of SSH login failures for the same source address in a predetermined time;
the control module 330 is configured to intercept an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the predetermined time is greater than a predetermined number.
Based on the content of the foregoing embodiments, in this embodiment, the statistical module 320 is specifically configured to:
obtaining SSH login failure records from the SSH login logs;
and acquiring the number of SSH login failures of the same source address in the preset time based on the source address recorded in the SSH login failure record and the SSH login failure occurrence time.
Based on the content of the foregoing embodiments, in this embodiment, the control module 330 is specifically configured to:
and when the number of SSH login failures of the same source address in the preset time is larger than the preset number, configuring the source address to a firewall so as to intercept the SSH login request subsequently initiated by the source address through the firewall when the SSH login request subsequently initiated by the source address is initiated.
Based on the content of the foregoing embodiments, in this embodiment, the control module 330 is configured to:
and writing the source address into a configuration file, and configuring the firewall according to the configuration file.
Based on the content of the foregoing embodiments, in this embodiment, the control module 330 is further configured to:
judging the time of SSH login request subsequently initiated by the source address;
and if the time is within the preset interception effective time, intercepting an SSH login request subsequently initiated by the source address.
Based on the content of the foregoing embodiments, in this embodiment, the apparatus further includes: and the auditing module (not shown in fig. 3) is used for performing log auditing on the SSH login log to obtain comprehensive information of the SSH login situation.
According to the login control device of the system, when an SSH login log is monitored and analyzed to determine that a threatened source address (such as an IP address) is subjected to SSH login attempt, an SSH login request initiated by the system is immediately intercepted, so that brute force of an illegal user in SSH login to the system is avoided, and the safety and reliability of remote access of the system are improved.
Since the login control device of the system provided by the embodiment of the present invention can be used for executing the login control method of the system described in the above embodiment, the working principle and the beneficial effect are similar, so detailed descriptions are omitted here, and specific contents can be referred to the description of the above embodiment.
In this embodiment, it should be noted that each module in the apparatus according to the embodiment of the present invention may be integrated into a whole or may be separately disposed. The modules can be combined into one module, and can also be further split into a plurality of sub-modules.
Based on the same inventive concept, another embodiment of the present invention provides an electronic device, which specifically includes the following components, with reference to fig. 4: a processor 401, a memory 402, a communication interface 403, and a communication bus 404;
the processor 401, the memory 402 and the communication interface 403 complete mutual communication through the communication bus 404;
the processor 401 is configured to call a computer program in the memory 402, and the processor implements all the steps of the login control method of the system when executing the computer program, for example, the processor implements the following processes when executing the computer program: acquiring an SSH log of a system; obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log; and intercepting the SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is larger than the preset number.
It will be appreciated that the detailed functions and extended functions that the computer program may perform may be as described with reference to the above embodiments.
Based on the same inventive concept, yet another embodiment of the present invention provides a non-transitory computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements all the steps of the login control method of the above system, for example, the processor implements the following processes when executing the computer program: acquiring an SSH log of a system; obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log; and intercepting the SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is larger than the preset number.
It will be appreciated that the detailed functions and extended functions that the computer program may perform may be as described with reference to the above embodiments.
Based on the same inventive concept, another embodiment of the present invention provides a computer program product, which includes a computer program, and when the computer program is executed by a processor, the computer program implements all the steps of the login control method of the above system, for example, when the processor executes the computer program, the processor implements the following processes: acquiring an SSH log of a system; obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log; and intercepting an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is larger than the preset number.
It will be appreciated that the detailed functions and extended functions that the computer program may perform may be as described with reference to the above embodiments.
In addition, the logic instructions in the memory may be implemented in the form of software functional units and may be stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk, and various media capable of storing program codes.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. Based on such understanding, the above technical solutions may be essentially or partially implemented in the form of software products, which may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and include instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the traffic auditing method according to various embodiments or some parts of embodiments.
Moreover, in the present invention, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Furthermore, in the present disclosure, reference to the description of the terms "one embodiment," "some embodiments," "an example," "a specific example," or "some examples" or the like means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present disclosure. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A login control method of a system is characterized by comprising the following steps:
acquiring an SSH log of a system;
obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log;
and intercepting an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is larger than the preset number.
2. The login control method of system according to claim 1, wherein the obtaining the number of SSH login failures for the same source address within a predetermined time based on the SSH login log comprises:
obtaining SSH login failure records from the SSH login logs;
and acquiring the number of SSH login failures of the same source address in the preset time based on the source address recorded in the SSH login failure record and the SSH login failure occurrence time.
3. The system login control method of claim 1, wherein intercepting subsequently initiated SSH login requests from the source address when the number of SSH login failures for the same source address within the predetermined time is greater than a predetermined number of times comprises:
and when the number of SSH login failures of the same source address in the preset time is larger than the preset number, configuring the source address to a firewall so as to intercept the SSH login request subsequently initiated by the source address through the firewall when the SSH login request subsequently initiated by the source address is initiated.
4. The login control method of system according to claim 3, wherein the configuring the source address to the firewall comprises:
and writing the source address into a configuration file, and configuring the firewall according to the configuration file.
5. The login control method of system according to any one of claims 1 to 4, wherein the intercepting of the SSH login request subsequently initiated by the source address further comprises:
judging the time of SSH login request subsequently initiated by the source address;
and if the time is within the preset interception effective time, intercepting an SSH login request subsequently initiated by the source address.
6. The login control method of the system according to claim 1, further comprising: and performing log audit on the SSH login log to obtain comprehensive information of the SSH login condition.
7. A login control device for a system, comprising:
the acquisition module is used for acquiring an SSH login log of the system;
the statistical module is used for obtaining the number of SSH login failures of the same source address in a preset time based on the SSH login log;
and the control module is used for intercepting an SSH login request subsequently initiated by the source address when the number of SSH login failures of the same source address in the preset time is greater than the preset number.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the steps of the login control method of the system according to any one of claims 1 to 6 are implemented when the processor executes the program.
9. A non-transitory computer readable storage medium having stored thereon a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of a login control method of a system according to any one of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program realizes the steps of the login control method of the system according to any one of claims 1 to 6 when being executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011548216.3A CN114679285A (en) | 2020-12-24 | 2020-12-24 | System login control method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011548216.3A CN114679285A (en) | 2020-12-24 | 2020-12-24 | System login control method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114679285A true CN114679285A (en) | 2022-06-28 |
Family
ID=82069802
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011548216.3A Pending CN114679285A (en) | 2020-12-24 | 2020-12-24 | System login control method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114679285A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106686014A (en) * | 2017-03-14 | 2017-05-17 | 北京深思数盾科技股份有限公司 | Prevention method and prevention device of cyber attacks |
| US20190182214A1 (en) * | 2017-12-08 | 2019-06-13 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Anti-cracking method and system for a cloud host, as well as terminal device |
-
2020
- 2020-12-24 CN CN202011548216.3A patent/CN114679285A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106686014A (en) * | 2017-03-14 | 2017-05-17 | 北京深思数盾科技股份有限公司 | Prevention method and prevention device of cyber attacks |
| US20190182214A1 (en) * | 2017-12-08 | 2019-06-13 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Anti-cracking method and system for a cloud host, as well as terminal device |
Non-Patent Citations (1)
| Title |
|---|
| 刘振昌;: "让SSH远程管理更安全", 中国教育网络, no. 06, 5 June 2011 (2011-06-05) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11775622B2 (en) | Account monitoring | |
| Amara et al. | Cloud computing security threats and attacks with their mitigation techniques | |
| US7594267B2 (en) | Stateful distributed event processing and adaptive security | |
| US9401924B2 (en) | Monitoring operational activities in networks and detecting potential network intrusions and misuses | |
| US20060282893A1 (en) | Network information security zone joint defense system | |
| US7483993B2 (en) | Temporal access control for computer virus prevention | |
| US7137145B2 (en) | System and method for detecting an infective element in a network environment | |
| CN109995794B (en) | Safety protection system, method, equipment and storage medium | |
| US20070177615A1 (en) | Voip security | |
| US20160234230A1 (en) | System and method for preventing dos attacks utilizing invalid transaction statistics | |
| Eidle et al. | Autonomic security for zero trust networks | |
| CN112073969B (en) | 5G network security protection method and system | |
| EP1720315B1 (en) | Network management and administration by monitoring network traffic and vulnerability scanning | |
| US11178177B1 (en) | System and method for preventing session level attacks | |
| CN113972992A (en) | Access method and device for SDP controller and computer-readable storage medium | |
| Singh | Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) For Network Security: A Critical Analysis | |
| CN111756707A (en) | Back door safety protection device and method applied to global wide area network | |
| Kato et al. | A real-time intrusion detection system (IDS) for large scale networks and its evaluations | |
| CN114679285A (en) | System login control method and device, electronic equipment and storage medium | |
| CN114124585B (en) | Security defense method, device, electronic equipment and medium | |
| Fink | Lessons learned from cyber security assessments of SCADA and energy management systems | |
| CN116996238A (en) | Processing method and related device for network abnormal access | |
| Allan | Intrusion Detection Systems (IDSs): Perspective | |
| US20240154981A1 (en) | Logging configuration system and method | |
| Karamagi | Comptia Security+ Practice Exams |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Country or region after: China Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Applicant after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Applicant after: QAX Technology Group Inc. Applicant after: NATIONAL COMPUTER VIRUS EMERGENCY RESPONSE CENTER Address before: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Applicant before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Country or region before: China Applicant before: QAX Technology Group Inc. Applicant before: NATIONAL COMPUTER VIRUS EMERGENCY RESPONSE CENTER |
|
| CB02 | Change of applicant information |