CN1713584A - Discovering and blocking system and method for intranet IP address - Google Patents
- Publication number
- CN1713584A
- Authority
- CN
- China
- Prior art keywords
- module
- address
- illegal
- blocking
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention consists of: a network scanning module that scans the IP address, MAC address, host name and workgroup of online hosts and sends this information to the information comparison module; an information comparison module that compares the received information stream with the preset legal configuration and outputs the list of illegal stations to the blocking module; and a blocking module that performs a blocking attack on the illegal hosts.
Description
Technical field
The present invention relates to a LAN security management system and method, and in particular to an intranet IP address discovery and blocking system and method.
Background technology
Use of the Internet has become a revolutionary factor in raising labour productivity and profit margins at major companies, which have gained new business opportunities through e-commerce and wide area networks. Meanwhile, more and more employees are connected through the Internet's standard protocol, TCP/IP. This has caused a serious problem: the multiplying number of IP addresses has exceeded what a company's IT department can control. Company networks are currently expanding extremely quickly, which also places higher demands on the orderliness and reliability of network IP addresses and name spaces. How to effectively prevent IP addresses from being illegally appropriated, and illegal network devices from accessing the network, is therefore a headache for many organizations.
ARP (Address Resolution Protocol) maps IP addresses to network interface hardware addresses. When a host wants to send IP data to another host on the Ethernet, it first looks up the destination host's IP address in its table mapping IP addresses to Ethernet addresses. If a matching entry is found, the corresponding Ethernet address is written into the Ethernet frame header and the data is placed in the output queue to await transmission. If the lookup fails, ARP first holds the IP datagram to be sent, then broadcasts an ARP message querying the destination host's hardware address, and sends the held IP datagram after receiving the reply.
Summary of the invention
The technical problem to be solved by the present invention is to provide an intranet IP address discovery and blocking system and method which, while preserving the overall performance of the network, discovers and blocks local hosts in a timely manner without affecting any network traffic or international transmission standards.
To solve the above technical problem, the technical solution of the present invention is to provide an intranet IP address discovery and blocking system comprising:
A network scanning module, which scans information such as the IP address, MAC address, host name and workgroup of online hosts and sends the information stream to the information comparison module;
An information comparison module, which compares the received information stream with the preset legal configuration and sends the resulting list of illegal stations to the illegal blocking module;
An illegal blocking module, which performs a blocking attack on illegal hosts.
The advantages of the present invention are as follows:
The system of the present invention is built on Java and Web technology and uses object-oriented and message queueing technology to build an information exchange platform. Each function of the product is built on this platform, which gives the whole system flexible extensibility. The present invention can implement the following functions:
1. Physical port protection;
2. Real-time detection and analysis of the IP addresses of online devices;
3. Validity determination for information such as IP addresses and MAC addresses;
4. Alerting on and automatically blocking illegal IP addresses;
5. Querying the usage history of illegal IP addresses;
6. Support for multiple detection modes, such as active detection and passive listening;
7. Simultaneous support for dynamically assigned IP addresses and statically set IP addresses.
Description of drawings
Fig. 1 is the structural representation of system of the present invention.
Embodiment
As shown in Figure 1, the service system of the present invention uses the Java Servlet container Tomcat as web server 1 (a Servlet is a server-side program written in Java; Tomcat is the name of a Web container). At the top layer it provides users with a Web-based operation interface, and the system has a built-in PostgreSQL database 2. The system is mainly divided into seven modules, including network scanning module 3, information comparison module 4, illegal blocking module 5, identity authentication module 6 and authority management module 7. The modules communicate with each other by message queueing. At the bottom layer, information about managed devices is obtained through standard protocols such as ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), SNMP (Simple Network Management Protocol), TELNET and FTP (File Transfer Protocol).
Web server 1 (WebService) provides the external interface.
Network scanning module 3 scans information such as the IP address, MAC (Media Access Control) address, host name and workgroup of online hosts and sends the information stream to the information comparison module.
Information comparison module 4 compares the received information stream with the preset legal configuration and sends the resulting list of illegal stations to the illegal blocking module.
Illegal blocking module 5 performs a blocking attack on illegal hosts.
When a user logs in to the system, identity authentication module 6 processes the identity identifier and calls authority management module 7 to load the pages for which the user has permission. Each submodule accesses the database through ODBC (Open Database Connectivity) or JDBC (Java Database Connectivity).
The authority management module 7 uses the ePass authorization verification management system. ePass is general-purpose software for managing resource permissions for one or more application systems. It centrally manages the right to use resources within the applications, such as application menus, screens, forms and documents, and centrally manages the accounts of the systems' users. It provides a unified standard login interface and screen templates, and an interface for checking a specified account's permission on a specified resource.
The automatic scanning and discovery of IP addresses by the described network scanning module 1 can be accomplished through protocols such as ICMP and ARP. Considering scan efficiency and the discovery of MAC addresses, the present invention uses the ARP protocol for network scanning. Automatic discovery of host names can be achieved by combining multiple technologies such as SNMP, Samba, FTP and Telnet.
The data exchange of the present invention can use two methods. One uses the Message Queue message synchronization mechanism: messages are passed between different systems and then processed by an application to complete data synchronization. The other represents database data as XML files, which are then sent over the network to the synchronizing end. Message Queue data exchange suits situations with higher real-time requirements and relatively small data volumes; XML (eXtensible Markup Language) data exchange suits situations with lower real-time requirements and relatively large data volumes.
The present invention adopts the BSMQ (Baosight Message Queuing) communication middleware as the basic technology for data synchronization. BSMQ provides connectivity across different vendors' platforms and gives developers a standard method of information exchange.
In addition, the intranet IP address discovery and blocking method of the present invention comprises the following steps:
A network scanning step, which scans information such as the IP address, MAC address, host name and workgroup of online hosts and sends the information stream to the information comparison module;
An information comparison step, which compares the received information stream with the preset legal configuration and sends the resulting list of illegal stations to the illegal blocking module;
An illegal blocking step, which performs a blocking attack on illegal hosts.
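The information comparison step described above, as an added example that is not code from the patent: it takes scan records and returns the list of illegal hosts with the reason each one fails. The shape of the legal configuration (static IP-to-MAC bindings plus a DHCP pool with registered MACs), the `Host` record, the reason strings and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Host:
    """One record from the scanning step; field names are assumptions."""
    ip: str
    mac: str
    hostname: str = ""
    workgroup: str = ""

# Assumed shape of the "legal configuration": static IP-to-MAC bindings plus
# MACs allowed to hold any address in a DHCP pool. All values are constructed.
STATIC = {"10.0.0.10": "00:11:22:33:44:10", "10.0.0.11": "00:11:22:33:44:11"}
DHCP_POOL = ip_network("10.0.0.128/25")
DHCP_MACS = {"00:11:22:33:44:a1", "00:11:22:33:44:a2", "00:11:22:33:44:a3"}

def norm(mac):
    """Normalize MAC notation (case, '-' vs ':') so comparisons are exact."""
    return mac.lower().replace("-", ":")

def compare(scan):
    """Return [(host, reason)] for each scanned host that violates the config."""
    illegal, first_seen = [], {}
    static_ip_of = {norm(m): ip for ip, m in STATIC.items()}
    for h in scan:
        mac, reason = norm(h.mac), None
        if mac not in static_ip_of and mac not in DHCP_MACS:
            reason = "unregistered MAC"
        elif h.ip in STATIC and norm(STATIC[h.ip]) != mac:
            reason = "static IP used by a different MAC"
        elif mac in static_ip_of and static_ip_of[mac] != h.ip:
            reason = "registered MAC on an unassigned IP"
        elif mac in DHCP_MACS and ip_address(h.ip) not in DHCP_POOL:
            reason = "DHCP client outside the pool"
        elif first_seen.setdefault(h.ip, mac) != mac:
            reason = "IP already held by another MAC"
        if reason:
            illegal.append((h, reason))
    return illegal

# Constructed scan output, in the order the scanner saw the hosts.
SCAN = [
    Host("10.0.0.10", "00-11-22-33-44-10", "FILESRV", "OPS"),   # legal static
    Host("10.0.0.11", "00:11:22:33:44:A1", "LAPTOP1", "OPS"),   # takes a static IP
    Host("10.0.0.130", "00:11:22:33:44:a2", "LAPTOP2", "OPS"),  # legal DHCP
    Host("10.0.0.130", "00:11:22:33:44:a3", "LAPTOP3", "OPS"),  # address conflict
    Host("10.0.0.131", "02:00:00:00:00:99", "UNKNOWN", "WORKGROUP"),
    Host("10.0.0.50", "00:11:22:33:44:11", "PRINTER", "OPS"),   # moved off its IP
]

if __name__ == "__main__":
    for host, reason in compare(SCAN):
        print(f"{host.ip:<12} {host.mac:<18} {reason}")
```

Keeping the reason with each entry lets the alerting and usage-history functions listed among the advantages record why a host was judged illegal, not only that it was.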
Claims (8)
1. An intranet IP address discovery and blocking system, characterized in that it comprises:
Network scanning module 3, which scans information such as the IP address, MAC address, host name and workgroup of online hosts and sends the information stream to the information comparison module;
Information comparison module 4, which compares the received information stream with the preset legal configuration and sends the resulting list of illegal stations to the illegal blocking module;
Illegal blocking module 5, which performs a blocking attack on illegal hosts.
2. The IP address discovery and blocking system according to claim 1, characterized in that it further comprises a web server 1, which provides the external interface.
3. The IP address discovery and blocking system according to claim 1, characterized in that it further comprises an identity authentication module 6, which processes the identity identifier when a user logs in.
4. The IP address discovery and blocking system according to claim 1, characterized in that it further comprises an authority management module 7, which loads the pages for which the user has permission.
5. The IP address discovery and blocking system according to claim 1, characterized in that the network scanning module 3, information comparison module 4, illegal blocking module 5, dialing monitoring module, device management module, identity authentication module 6 and authority management module 7 communicate with each other by message queueing.
6. The IP address discovery and blocking system according to claim 1, characterized in that the network scanning module 3, information comparison module 4, illegal blocking module 5, dialing monitoring module, device management module, identity authentication module 6 and authority management module 7 all access the database through Open Database Connectivity or Java Database Connectivity.
7. The IP address discovery and blocking system according to claim 1, characterized in that the authority management module 7 uses the ePass authorization verification management system.
8. An intranet IP address discovery and blocking method, comprising the following steps:
A network scanning step, which scans information such as the IP address, MAC address, host name and workgroup of online hosts and sends the information stream to the information comparison module;
An information comparison step, which compares the received information stream with the preset legal configuration and sends the resulting list of illegal stations to the illegal blocking module;
An illegal blocking step, which performs a blocking attack on illegal hosts.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200410025467 CN1713584A (en) | 2004-06-25 | 2004-06-25 | Discovering and blocking system and method for intranet IP address |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200410025467 CN1713584A (en) | 2004-06-25 | 2004-06-25 | Discovering and blocking system and method for intranet IP address |
Publications (1)
Publication Number | Publication Date |
---|---|
CN1713584A true CN1713584A (en) | 2005-12-28 |
Family
ID=35719031
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200410025467 Pending CN1713584A (en) | 2004-06-25 | 2004-06-25 | Discovering and blocking system and method for intranet IP address |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1713584A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102118271A (en) * | 2011-03-29 | 2011-07-06 | 上海北塔软件股份有限公司 | Method for discovering illegally-accessed equipment |
CN102904902A (en) * | 2012-10-31 | 2013-01-30 | 北京锐安科技有限公司 | Dynamic host configuration protocol (DHCP)-based bypass blocking method |
CN104113453A (en) * | 2014-08-08 | 2014-10-22 | 福建富士通信息软件有限公司 | Method and system for monitoring and alarming abnormal parallel accessing of local area network |
CN104734903A (en) * | 2013-12-23 | 2015-06-24 | 中国科学院沈阳自动化研究所 | Safety protection method of OPC protocol based on dynamic tracking technology |
CN105338130A (en) * | 2015-11-17 | 2016-02-17 | 中国联合网络通信集团有限公司 | Method, system and device for configuring isolation area pointing address |
- 2004-06-25: CN application CN 200410025467 (patent/CN1713584A/en), status Pending
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102118271A (en) * | 2011-03-29 | 2011-07-06 | 上海北塔软件股份有限公司 | Method for discovering illegally-accessed equipment |
CN102118271B (en) * | 2011-03-29 | 2013-03-27 | 上海北塔软件股份有限公司 | Method for discovering illegally-accessed equipment |
CN102904902A (en) * | 2012-10-31 | 2013-01-30 | 北京锐安科技有限公司 | Dynamic host configuration protocol (DHCP)-based bypass blocking method |
CN102904902B (en) * | 2012-10-31 | 2015-08-19 | 北京锐安科技有限公司 | A kind of based on DHCP method for blocking bypass by |
CN104734903A (en) * | 2013-12-23 | 2015-06-24 | 中国科学院沈阳自动化研究所 | Safety protection method of OPC protocol based on dynamic tracking technology |
CN104113453A (en) * | 2014-08-08 | 2014-10-22 | 福建富士通信息软件有限公司 | Method and system for monitoring and alarming abnormal parallel accessing of local area network |
CN105338130A (en) * | 2015-11-17 | 2016-02-17 | 中国联合网络通信集团有限公司 | Method, system and device for configuring isolation area pointing address |
CN105338130B (en) * | 2015-11-17 | 2018-06-01 | 中国联合网络通信集团有限公司 | It is directed toward the method and system and device of address in configuration isolation area |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111092869B (en) | Security management and control method for terminal access to office network and authentication server | |
JP4554609B2 (en) | Network asset tracker that identifies users of networked computers | |
JP2002521748A (en) | Information security analysis system | |
WO2002097587A3 (en) | Method and system for implementing security devices in a network | |
CN105245386B (en) | The automatic positioning method and system of server connection relation | |
KR100513911B1 (en) | Information security analysis system | |
CN114598749B (en) | Service access method and device | |
CN2819663Y (en) | Intranet IP address discovering and blocking system | |
CN107959602A (en) | A kind of method of network entry and device | |
EP3096492B1 (en) | Page push method and system | |
CN1713584A (en) | Discovering and blocking system and method for intranet IP address | |
CN114268457A (en) | Multi-protocol multi-service public network security access method | |
CN1519742A (en) | Network card testing method capable of balancing loads | |
CN1921496A (en) | Method for DHCP client terminal to identifying DHCP server | |
CN116719868A (en) | Network asset identification method, device and equipment | |
CN1197296C (en) | An information switch | |
CN201657204U (en) | System for realizing network video monitoring off internet platform | |
CN104065766B (en) | One kind bypass caching domain name analytic method | |
CN116016197A (en) | Network topology structure discovery method and device, storage medium and electronic equipment | |
CN101478406A (en) | Method for real-time monitoring network operation behavior of remote user | |
CN100349422C (en) | Interactive inbreak detection testing system for supporting large scale multi-user subsequent control | |
CN113347036B (en) | Method and system for realizing cloud environment bypass monitoring by utilizing public cloud storage | |
KR101047152B1 (en) | Data Driven Traffic Management System and Traffic Management Method | |
CN1210910C (en) | Analysing and alarm displaying Method and system thereof | |
CN111935070B (en) | Data security exchange system and method based on automatic arrangement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |