CN1319327C - Server safety operation guarantee method
- Publication number: CN1319327C
- Application number: CNB2004100372532A (CN200410037253A)
- Authority: CN (China)
- Prior art keywords: data, client controller, server, communicator, port
- Legal status: Expired - Lifetime (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to a method for guaranteeing the safe operation of a server. The server receives and accepts a request from a client and obtains its IP address and port number. The server judges whether the client is legal; if not, it closes the connection and continues monitoring. If the client is legal, the server checks whether the client has already established a connection: if the IP is already connected, the connection is closed and the server continues monitoring; if the IP is not connected, a communicator is set up to communicate with the client and the server continues monitoring. In the communicator, if no data is received from the client within a certain time, the communicator is closed. If data is received within the stated time, the server judges whether the data is the agreed information; if not, the communicator is destroyed; if the data is legal, the server continues waiting to receive data. If no legal data is received from the client within 10 seconds, the communicator is destroyed. The method is real-time, accurate and safe, and guarantees server safety on a public network.
Description
Technical field
The present invention relates to a safe-operation guarantee method, and in particular to a method for guaranteeing the safe operation of a server. In a control system built on a local area network or a public network and made up of a server, controllers, a database, a monitoring center and a property management center, the server is the hub that links the controllers, the monitoring center and the property management center. Guaranteeing the safe operation of the server therefore occupies an important position in the whole control system.
Background technology
At present, in existing control systems built on a local area network or a public network and made up of a server, controllers, a monitoring center and a property management center, either no method for guaranteeing safe operation has been established or the method in use is unsound. The shortcoming is that safe operation is not guaranteed and the need for timely, accurate monitoring cannot be met.
Summary of the invention
The object of the invention is to avoid the above shortcomings of the prior art and to provide a method for guaranteeing the safe operation of a server. For control systems built on a local area network or a public network and made up of a server, controllers, a monitoring center and a property management center, we have developed this server safe-operation guarantee method in order to achieve safe operation of the server.
The object of the present invention can be achieved by the following measures: a method for guaranteeing the safe operation of a server, characterized in that:
(1) When the communication server starts, it queries the database for the IP addresses of all legitimate client controllers and keeps them in memory;
(2) After the server has started normally, it listens continuously on the designated port;
(3) The server receives a connection request sent by a client controller to the server port;
(4) The server accepts the connection request, obtains the IP address and port number of the client controller from the connection, compares them with the list of legitimate controllers in memory, and checks whether the client's port is the designated port; if the address of the client controller is not the address of a designated client controller, or the port is not the designated port, the server closes this connection, returns directly, and continues listening on the server port;
(5) If they are, the server checks whether the address of this client controller has already established a connection with the server; if it has, the server closes this connection, returns directly, and continues listening on the server port;
(6) If this controller has not yet connected, the server creates a communicator for communicating with this client controller;
(7) Once the communicator has been created, it immediately waits to receive data sent by the client controller; if no data from the client controller is received within the specified time, the communicator is destroyed;
(8) If data sent by the client controller is received within the specified time, the server judges whether this is the first data received from the client controller. If it is, the server judges whether it is the agreed, encrypted login information: if so, a flag bit is set to mark this client controller as connected, and the communicator is maintained and continues waiting to receive data; if not, the communicator is destroyed;
(9) If it is not the first data received from the client controller, the server judges whether it is agreed data: if so, the data is processed and the communicator continues waiting to receive data; if not, the packet is simply discarded and the communicator continues waiting to receive data;
(10) If the awaited data is not received within 10 seconds, the client controller is considered disconnected and the communicator is destroyed; if the awaited data is received within 10 seconds, the method returns to step (8) above to judge whether it is the first data received from the client controller, and processes it according to the steps above.
Compared with the prior art, the present invention has the following advantages:
It guarantees the safe operation of the system and meets the need for timely, accurate monitoring;
It improves the overall performance of the system and achieves the supervision goals of the residential property management center over the residential community and of the monitoring center over the wider region;
A server safe-operation guarantee method has been developed for the public network, and a breakthrough has been achieved in monitoring over the broadband public network; applications of the broadband public network can thus develop toward measurement and control, and the technology can be used to let multiple products perform monitoring over the broadband public network.
Description of drawings
Fig. 1 is a logical flow chart of the server safe-operation guarantee method.
Embodiment
For control systems built on a local area network or a public network and made up of a server, controllers, a database, a monitoring center and a property management center, we have developed this server safe-operation guarantee method in order to achieve safe operation of the server.
The method is described step by step below with reference to the logical flow chart of Fig. 1:
(1) When the communication server starts, it queries the database for the IP addresses of all legitimate client controllers and keeps them in memory;
(2) After the server has started normally, it listens continuously on the designated port;
(3) The server receives a connection request sent by a client controller to the server port;
(4) The server accepts the connection request, obtains the IP address and port number of the client controller from the connection, compares them with the list of legitimate controllers in memory, and checks whether the client's port is the designated port; if the address of the client controller is not the address of a designated client controller, or the port is not the designated port, the server closes this connection, returns directly, and continues listening on the server port;
(5) If they are, the server checks whether the address of this client controller has already established a connection with the server; if it has, the server closes this connection, returns directly, and continues listening on the server port;
(6) If this controller has not yet connected, the server creates a communicator for communicating with this client controller;
(7) Once the communicator has been created, it immediately waits to receive data sent by the client controller; if no data from the client controller is received within the specified time, the communicator is destroyed;
(8) If data sent by the client controller is received within the specified time, the server judges whether this is the first data received from the client controller. If it is, the server judges whether it is the agreed, encrypted login information: if so, a flag bit is set to mark this client controller as connected, and the communicator is maintained and continues waiting to receive data; if not, the communicator is destroyed;
(9) If it is not the first data received from the client controller, the server judges whether it is agreed data: if so, the data is processed and the communicator continues waiting to receive data; if not, the packet is simply discarded and the communicator continues waiting to receive data;
(10) If the awaited data is not received within 10 seconds, the client controller is considered disconnected and the communicator is destroyed; if the awaited data is received within 10 seconds, the method returns to step (8) above to judge whether it is the first data received from the client controller, and processes it according to the steps above.
This server safe-operation guarantee method meets the need for timely, accurate monitoring. The method has been developed for the public network, allowing applications of the broadband public network to develop toward measurement and control.
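The ten steps above, modelled as a socket-free state machine with an injected clock; this is an added example, not code from the patent. Assumptions not found in the patent: the designated client port 40000, the 5-second login window, an HMAC-SHA256 tag standing in for the unspecified encrypted login information, and the `DATA:` prefix marking agreed data.

```python
import hashlib
import hmac

CLIENT_PORT = 40000    # assumed "designated" client port checked in step (4)
LOGIN_TIMEOUT = 5.0    # assumed value for the "specified time" of step (7)
IDLE_TIMEOUT = 10.0    # the 10 seconds stated in step (10)
KEY = b"constructed-demo-key"  # constructed pre-shared key, demo only


def login_token(ip):
    """Assumed stand-in for the agreed encrypted login information."""
    return hmac.new(KEY, ip.encode(), hashlib.sha256).digest()


class Communicator:
    def __init__(self, now):
        self.logged_in = False               # flag bit set in step (8)
        self.deadline = now + LOGIN_TIMEOUT  # step (7): first data is due by then


class Server:
    def __init__(self, legal_ips):
        self.legal_ips = set(legal_ips)  # step (1): allowlist kept in memory
        self.comms = {}                  # controller IP -> Communicator

    def expire(self, now):
        """Steps (7) and (10): destroy communicators past their deadline."""
        dead = [ip for ip, c in self.comms.items() if now > c.deadline]
        for ip in dead:
            del self.comms[ip]
        return dead

    def on_connect(self, ip, port, now):
        self.expire(now)
        if ip not in self.legal_ips or port != CLIENT_PORT:
            return "closed:illegal"      # step (4)
        if ip in self.comms:
            return "closed:duplicate"    # step (5)
        self.comms[ip] = Communicator(now)  # step (6)
        return "accepted"

    def on_data(self, ip, payload, now):
        self.expire(now)
        comm = self.comms.get(ip)
        if comm is None:
            return "no-communicator"
        if not comm.logged_in:           # step (8): first data must be the login
            if not hmac.compare_digest(payload, login_token(ip)):
                del self.comms[ip]
                return "destroyed:bad-login"
            comm.logged_in = True
            comm.deadline = now + IDLE_TIMEOUT
            return "logged-in"
        if payload.startswith(b"DATA:"):  # step (9): assumed framing of agreed data
            comm.deadline = now + IDLE_TIMEOUT
            return "processed"
        # step (9): discarded; only legal data resets the 10 s timer (per the abstract)
        return "dropped"


if __name__ == "__main__":
    s = Server(["10.0.0.5"])             # constructed allowlist
    print(s.on_connect("10.0.0.5", CLIENT_PORT, now=0))
    print(s.on_data("10.0.0.5", login_token("10.0.0.5"), now=2))
    print(s.on_data("10.0.0.5", b"junk", now=5))
    print(s.expire(now=12.5))
```

The token in this sketch is static per controller; a deployment would bind it to a server-issued nonce or timestamp so that a captured login cannot be reused.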
Claims (1)
1. A method for guaranteeing the safe operation of a server, characterized in that:
(1) When the communication server starts, it queries the database for the IP addresses of all legitimate client controllers and keeps them in memory;
(2) After the server has started normally, it listens continuously on the designated port;
(3) The server receives a connection request sent by a client controller to the server port;
(4) The server accepts the connection request, obtains the IP address and port number of the client controller from the connection, compares them with the list of legitimate controllers in memory, and checks whether the client's port is the designated port; if the address of the client controller is not the address of a designated client controller, or the port is not the designated port, the server closes this connection, returns directly, and continues listening on the server port;
(5) If they are, the server checks whether the address of this client controller has already established a connection with the server; if it has, the server closes this connection, returns directly, and continues listening on the server port;
(6) If this client controller has not yet connected, the server creates a communicator for communicating with this client controller;
(7) Once the communicator has been created, it immediately waits to receive data sent by the client controller; if no data from the client controller is received within the specified time, the communicator is destroyed;
(8) If data sent by the client controller is received within the specified time, the server judges whether this is the first data received from the client controller. If it is, the server judges whether it is the agreed, encrypted login information: if so, a flag bit is set to mark this client controller as connected, and the communicator is maintained and continues waiting to receive data; if not, the communicator is destroyed;
(9) If it is not the first data received from the client controller, the server judges whether it is agreed data: if so, the data is processed and the communicator continues waiting to receive data; if not, the packet is simply discarded and the communicator continues waiting to receive data;
(10) If the awaited data is not received within 10 seconds, the client controller is considered disconnected and the communicator is destroyed; if the awaited data is received within 10 seconds, the method returns to step (8) above to judge whether it is the first data received from the client controller, and processes it according to the steps above.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100372532A CN1319327C (en) | 2004-04-30 | 2004-04-30 | Server safety operation guarantee method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1649310A (en) | 2005-08-03 |
CN1319327C (en) | 2007-05-30 |
Family
ID=34868530
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2004100372532A Expired - Lifetime CN1319327C (en) | 2004-04-30 | 2004-04-30 | Server safety operation guarantee method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1319327C (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5153219B2 (en) * | 2007-06-14 | 2013-02-27 | グローリー株式会社 | Money handling machine and money handling machine system |
CN101079903B (en) * | 2007-06-21 | 2011-01-19 | 中国工商银行股份有限公司 | Method and system based on remote login of user terminal |
CN101202965B (en) * | 2007-12-10 | 2011-04-06 | 中兴通讯股份有限公司 | Method for transmitting safe point-to-point short message facing to connectionless |
CN102882836A (en) * | 2011-07-15 | 2013-01-16 | 深圳市汇川控制技术有限公司 | Method and system for server to safely access Internet of things |
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020108058A1 (en) * | 2001-02-08 | 2002-08-08 | Sony Corporation And Sony Electronics Inc. | Anti-theft system for computers and other electronic devices |
WO2003032603A2 (en) * | 2001-10-09 | 2003-04-17 | Koninklijke Philips Electronics N.V. | Ip hopping for secure data transfer |
CN1421771A (en) * | 2001-11-27 | 2003-06-04 | 四川安盟科技有限责任公司 | Guard system to defend network invasion of unknown attack trick effectively |
US20030149796A1 (en) * | 2002-01-04 | 2003-08-07 | Emerson Theodore F. | Method and apparatus for creating a secure embedded I/O processor for a remote server management controller |
CN1434661A (en) * | 2003-01-30 | 2003-08-06 | 武汉奥发科技工程有限公司 | Method for multi-stage monitor and mobile monitor of GPS/mobile telephone location |
Non-Patent Citations (1)
Title |
---|
Web server security mechanisms in Intranet/Internet. 樊成勇, 杨峰. 计算机安全 (Computer Security), No. 6, 2003 * |
Also Published As
Publication number | Publication date |
---|---|
CN1649310A (en) | 2005-08-03 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder | | Address after: 100028 Beijing City, Chaoyang District No. 77 East Building No. 5. Patentee after: BEIJING LANHAI HUAYE ENGINEERING TECHNOLOGY CO.,LTD. Address before: 100028 Beijing City, Chaoyang District No. 77 East Building No. 5. Patentee before: YIXING SHIJI DIGITAL APPLIC DE |
CX01 | Expiry of patent term | ||
CX01 | Expiry of patent term | | Granted publication date: 20070530 |