WO2023178990A1 - Vulnerability poc detection-based security scanning tool - Google Patents

Vulnerability poc detection-based security scanning tool Download PDF

Info

Publication number
WO2023178990A1
WO2023178990A1 PCT/CN2022/124303 CN2022124303W WO2023178990A1 WO 2023178990 A1 WO2023178990 A1 WO 2023178990A1 CN 2022124303 W CN2022124303 W CN 2022124303W WO 2023178990 A1 WO2023178990 A1 WO 2023178990A1
Authority
WO
WIPO (PCT)
Prior art keywords
scanning tool
wall
box body
security scanning
vulnerability
Prior art date
Application number
PCT/CN2022/124303
Other languages
French (fr)
Chinese (zh)
Inventor
张媛琳
谭宽
蒋莹
王冰
保佑智
徐吉用
何爽
杨韵融
朱艳琼
冷大伟
Original Assignee
云南电网有限责任公司红河供电局
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 云南电网有限责任公司红河供电局 filed Critical 云南电网有限责任公司红河供电局
Publication of WO2023178990A1 publication Critical patent/WO2023178990A1/en

Links

Images

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B65CONVEYING; PACKING; STORING; HANDLING THIN OR FILAMENTARY MATERIAL
    • B65DCONTAINERS FOR STORAGE OR TRANSPORT OF ARTICLES OR MATERIALS, e.g. BAGS, BARRELS, BOTTLES, BOXES, CANS, CARTONS, CRATES, DRUMS, JARS, TANKS, HOPPERS, FORWARDING CONTAINERS; ACCESSORIES, CLOSURES, OR FITTINGS THEREFOR; PACKAGING ELEMENTS; PACKAGES
    • B65D81/00Containers, packaging elements, or packages, for contents presenting particular transport or storage problems, or adapted to be used for non-packaging purposes after removal of contents
    • B65D81/02Containers, packaging elements, or packages, for contents presenting particular transport or storage problems, or adapted to be used for non-packaging purposes after removal of contents specially adapted to protect contents from mechanical damage
    • B65D81/03Wrappers or envelopes with shock-absorbing properties, e.g. bubble films
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01MPROCESSES OR MEANS, e.g. BATTERIES, FOR THE DIRECT CONVERSION OF CHEMICAL ENERGY INTO ELECTRICAL ENERGY
    • H01M10/00Secondary cells; Manufacture thereof
    • H01M10/60Heating or cooling; Temperature control
    • H01M10/62Heating or cooling; Temperature control specially adapted for specific applications
    • H01M10/627Stationary installations, e.g. power plant buffering or backup power supplies
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01MPROCESSES OR MEANS, e.g. BATTERIES, FOR THE DIRECT CONVERSION OF CHEMICAL ENERGY INTO ELECTRICAL ENERGY
    • H01M50/00Constructional details or processes of manufacture of the non-active parts of electrochemical cells other than fuel cells, e.g. hybrid cells
    • H01M50/20Mountings; Secondary casings or frames; Racks, modules or packs; Suspension devices; Shock absorbers; Transport or carrying devices; Holders
    • H01M50/262Mountings; Secondary casings or frames; Racks, modules or packs; Suspension devices; Shock absorbers; Transport or carrying devices; Holders with fastening means, e.g. locks
    • H01M50/264Mountings; Secondary casings or frames; Racks, modules or packs; Suspension devices; Shock absorbers; Transport or carrying devices; Holders with fastening means, e.g. locks for cells or batteries, e.g. straps, tie rods or peripheral frames
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02EREDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
    • Y02E60/00Enabling technologies; Technologies with a potential or indirect contribution to GHG emissions mitigation
    • Y02E60/10Energy storage using batteries

Definitions

  • the utility model relates to the technical field of vulnerability detection equipment, specifically to a security scanning tool based on vulnerability POC detection.
  • POC testing or Proof of Concept
  • NMAP Confirm port status through port scanning. Scanning technologies include: TCP SYN scan; TCP connect scan; TCP ACK scan; TCP FIN/Xmas/NULL scan; UDP scan; SCTP INIT/COOKIE-ECHO; idle scan; FTP bounce scan.
  • Service version detection and identification if it is a TCP port, try to establish a TCP connection, usually within the waiting time, you will receive the "Welcome Banner" message sent by the target machine.
  • This utility model is to provide a security scanning tool based on vulnerability POC detection to solve the problems raised in the above background technology.
  • the present utility model provides a security scanning tool based on vulnerability POC detection, which includes a box body, the top of the box body is hinged with a cover plate, and a number of battery slots and equipment slots are provided inside the box body.
  • a battery is arranged inside the battery slot
  • a scanning tool is arranged inside the equipment slot
  • a first inflatable gasket is arranged on the inner wall of the battery slot
  • a second inflatable gasket is arranged on the inner wall of the equipment slot
  • the first inflatable gasket and the second inflatable gasket are rectangular annular structures
  • a sealing strip is installed on the inner wall of the opening of the box.
  • a buckle plate is installed on one side of the cover plate, a button hole is installed on one side of the outer wall of the box body, and the buckle plate snaps into the button hole.
  • a handle is installed on the outer wall of the box.
  • the outer walls of the first inflatable gasket and the second inflatable gasket are provided with inflatable openings.
  • an inflation tube is installed on the outer wall of the box, and the inside of the inflation tube is connected to the inflation port through a pipeline.
  • compression blocks are installed on the inner walls of both sides of the second inflatable gasket.
  • the pressing block has an L-shaped structure, and a pressure plate is installed on the inside.
  • a spring is provided between the pressing block and the pressure plate.
  • the battery slot and the device slot provided in it can facilitate the placement and fixation of the battery and the device.
  • the battery and the device are protected by the first inflatable gasket and the second inflatable gasket to avoid carrying them. It is easily damaged by vibration or extrusion, and can be easily carried through the box, improving the portability of the device.
  • Figure 1 is a schematic diagram of the overall structure of the utility model
  • Figure 2 is a schematic structural diagram of the first inflatable gasket in the present utility model
  • Figure 3 is a schematic structural diagram of the compression block in the present utility model.
  • first and second are used for descriptive purposes only and cannot be understood as indicating or implying relative importance or implicitly indicating the quantity of indicated technical features. Thus, defining “first” and “second” features may explicitly or implicitly include one or more of these features. In the description of the present invention, “several” means two or more, unless otherwise clearly and specifically limited.
  • the utility model provides a security scanning tool based on vulnerability POC detection, as shown in Figures 1 to 3, including a box body 1.
  • the top of the box body 1 is hinged with a cover plate 2 to facilitate the opening and closing of the box body 1.
  • a number of battery slots 13 and equipment slots 15 are provided inside the body 1.
  • Batteries 3 are provided inside the battery slot 13 to facilitate storage and placement of the batteries.
  • a scanning tool 4 is provided inside the equipment slot 15 for scanning the security scanning tool.
  • the inner wall of the battery slot 13 is provided with a first inflatable gasket 14 for protecting the outside of the battery 3
  • the inner wall of the equipment slot 15 is provided with a second inflatable gasket 16 for protecting the outside of the scanning tool 4.
  • the first inflatable gasket 14 and the second inflatable gasket 16 are rectangular annular structures, and a sealing strip 18 is installed on the inner wall of the opening of the box body 1 to ensure the sealing performance after the cover plate 2 is closed.
  • a buckle plate 21 is installed on one side of the cover 2, and a button hole 11 is installed on one side of the outer wall of the box body 1.
  • the buckle plate 21 snaps into the button hole 11 to facilitate the cover 2 to remain fixed after being closed. , will not cause looseness.
  • Scan Tool 4 will scan sequentially based on IP addresses when performing network scans.
  • Security devices such as firewalls usually have anti-scanning mechanisms and will judge based on the order of scanning. If there are too many requests for a single IP and With certain rules, it can easily be judged as an attack, and subsequent connection requests will be blocked.
  • technologies such as IP packet fragmentation, IP deception, and scan delay can usually be used during remote scanning.
  • IP packet fragmentation technology can fragment detection packets, for example, splitting TCP packets into multiple IP packets and sending them over.
  • IP decoys mix real IP addresses with the IP addresses of other online hosts during scanning, allowing the target host's firewall or IDS to track and inspect a large number of data packets with different IP addresses, reducing the number of traceable own probability.
  • IP decoys IP decoys
  • Some firewalls will conduct strict detection of data packets sent too frequently, and some systems limit the frequency of error packets. For example, Solaris systems typically limit generating one ICMP message per second in response to a UDP scan. Therefore, customizing the frequency and delay of sending messages in this case can reduce the censorship intensity of the target host and save network bandwidth.
  • a handle 12 is installed on the outer wall of the box 1 to facilitate the carrying of the box 1 .
  • first inflatable gasket 14 and the second inflatable gasket 16 are provided with inflation openings 141 to facilitate inflating the first inflatable gasket 14 and the second inflatable gasket 16 to ensure the protective effect.
  • an inflation tube 17 is installed on the outer wall of the box body 1.
  • the inside of the inflation tube 17 is connected to the inflation port 141 through a pipeline.
  • the inflation tube 17 is inflated through an air pump to inflate the first inflatable gasket 14 and the second inflatable gasket 14.
  • the gasket 16 is filled with gas, thereby ensuring the protective effect on the battery and the scanning tool 4 .
  • compression blocks 161 are installed on both sides of the inner walls of the second inflatable gasket 16 for compressing and fixing the outside of the scanning tool 4 so that it is in the equipment. It remains fixed in the groove 15 and will not loosen.
  • the pressing block 161 has an L-shaped structure, and a pressing plate 162 is installed on the inside.
  • the outside of the pressing block 161 is pressed against the outer wall of the scanning tool 4, and the outside of the pressing plate 162 is pressed against the inner wall of the equipment slot 15.
  • a spring 163 is provided between the tightening block 161 and the pressure plate 162. The spring 163 compresses the pressure plate 162 to increase the friction between the pressure plate 162 and the inner wall of the equipment slot 15, thereby ensuring that the scanning tool 4 is fixed.
  • the security scanning tool When using the security scanning tool based on vulnerability POC detection of the present invention, first open the cover 2 of the device, then put the battery into the battery slot 13, put the scanning tool 4 into the equipment slot 15, and use the air pump to By inflating the gas tube 17, the gas in the first gas washer 14 and the second gas gasket 16 can be filled, thereby ensuring the protective effect on the battery and the scanning tool 4.
  • the pressure plate 162 is pressed tightly by the spring 163 to increase the size of the pressure plate. 162 and the inner wall of the equipment slot 15 to ensure that the scanning tool 4 is fixed. Then cover the cover 2, and you can carry the box 1 with you.
  • you need to use the security scanning tool 4 open the cover 2 , and then take out the scanning tool 4 from the equipment slot 15.

Landscapes

  • Engineering & Computer Science (AREA)
  • Chemical & Material Sciences (AREA)
  • Chemical Kinetics & Catalysis (AREA)
  • Electrochemistry (AREA)
  • General Chemical & Material Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mechanical Engineering (AREA)
  • Manufacturing & Machinery (AREA)
  • Buffer Packaging (AREA)
  • Casings For Electric Apparatus (AREA)

Abstract

Disclosed in embodiments of the present application is a vulnerability POC detection-based security scanning tool, comprising a box body (1). A cover plate (2) is hingedly connected to the top of the box body (1); a plurality of battery containers (13) and a device container (15) are formed in the box body (1); batteries (3) are arranged in the battery containers (13); a scanning tool (4) is arranged in the device container (15); a first inflation gasket (14) is arranged on the inner wall of each battery container (13); a second inflation gasket (16) is arranged on the inner wall of the device container (15); the first inflation gaskets (14) and the second inflation gasket (16) are of a rectangular ring-shaped structure; a sealing strip (18) is installed on the inner wall of an opening of the box body (1). According to the vulnerability POC detection-based security scanning tool, batteries and a device can be conveniently placed and fixed by means of the battery containers and the device container arranged therein, the batteries and the device are protected by the first inflation gaskets and the second inflation gasket, vibration or crush damage during carrying is avoided, the box body facilitates carrying, and the portability of the apparatus is improved.

Description

一种基于漏洞POC检测的安全扫描工具A security scanning tool based on vulnerability POC detection 技术领域Technical field
本实用新型涉及漏洞检测设备技术领域,具体地说,涉及一种基于漏洞POC检测的安全扫描工具。The utility model relates to the technical field of vulnerability detection equipment, specifically to a security scanning tool based on vulnerability POC detection.
背景技术Background technique
POC检测,即Proof of Concept,是业界流行的针对客户具体应用的验证性测试,根据用户对采用系统提出的性能要求和扩展需求的指标,在选用服务器上进行真实数据的运行,对承载用户数据量和运行时间进行实际测算,并根据用户未来业务扩展的需求加大数据量以验证系统和平台的承载能力和性能变化,在进行漏洞的POC检测时,需要使用安全扫描工具进行安全扫描,NMAP通过端口扫描对端口状态进行确认,扫描技术包括:TCP SYN scan;TCP connect scan;TCP ACK scan;TCP FIN/Xmas/NULL scan;UDP scan;SCTP INIT/COOKIE-ECHO;idle scan;FTP bounce scan。服务版本探测与识别,如果是TCP端口,则尝试建立TCP连接,通常在等待时间内,会接收到目标机发送的“Welcome Banner”信息。POC testing, or Proof of Concept, is a popular verification test in the industry for customer-specific applications. According to the performance requirements and expansion demand indicators proposed by users for the adopted system, real data is run on the selected server to carry out user data. Conduct actual calculations on the volume and running time, and increase the amount of data according to the user's future business expansion needs to verify the carrying capacity and performance changes of the system and platform. When conducting POC detection of vulnerabilities, security scanning tools need to be used for security scanning, NMAP Confirm port status through port scanning. Scanning technologies include: TCP SYN scan; TCP connect scan; TCP ACK scan; TCP FIN/Xmas/NULL scan; UDP scan; SCTP INIT/COOKIE-ECHO; idle scan; FTP bounce scan. Service version detection and identification, if it is a TCP port, try to establish a TCP connection, usually within the waiting time, you will receive the "Welcome Banner" message sent by the target machine.
现有的基于漏洞POC检测的安全扫描工具在使用时不便于进行携带,在携带时工具不便于固定,容易受到碰撞或者挤压,从而造成设备损坏,且在使用时需要更换电池,电池的放置和收纳也不够方便。Existing security scanning tools based on vulnerability POC detection are not easy to carry when using them. The tools are not easy to fix when carrying, and they are easy to be collided or squeezed, causing damage to the equipment. In addition, the battery needs to be replaced during use. The placement of the battery And storage is not convenient enough.
实用新型内容Utility model content
本实用新型的目的在于提供一种基于漏洞POC检测的安全扫描工具,以解决上述背景技术中提出的问题。The purpose of this utility model is to provide a security scanning tool based on vulnerability POC detection to solve the problems raised in the above background technology.
为实现上述目的,本实用新型提供了一种基于漏洞POC检测的安全扫描工具,包括盒体,所述盒体的顶部铰接有盖板,所述盒体的内部开设有若干电池槽和设备槽,所述电池槽的内部设置有电池,所述设备槽的内部设置有扫描工具,所述电池槽的内壁设置有第一充气垫圈,所述设备槽的内壁设置有第二充气垫圈,所述第一充气垫圈和第二充气垫圈为矩形环状结构,所述盒体的开口处内壁安装有密封条。In order to achieve the above purpose, the present utility model provides a security scanning tool based on vulnerability POC detection, which includes a box body, the top of the box body is hinged with a cover plate, and a number of battery slots and equipment slots are provided inside the box body. , a battery is arranged inside the battery slot, a scanning tool is arranged inside the equipment slot, a first inflatable gasket is arranged on the inner wall of the battery slot, a second inflatable gasket is arranged on the inner wall of the equipment slot, The first inflatable gasket and the second inflatable gasket are rectangular annular structures, and a sealing strip is installed on the inner wall of the opening of the box.
作为优选,所述盖板的一侧安装有扣板,所述盒体的一侧外壁安装有扣孔,所述扣板与扣孔卡接配合。Preferably, a buckle plate is installed on one side of the cover plate, a button hole is installed on one side of the outer wall of the box body, and the buckle plate snaps into the button hole.
作为优选,所述盒体的外壁安装有把手。Preferably, a handle is installed on the outer wall of the box.
作为优选,所述第一充气垫圈和第二充气垫圈的外壁设置有充气口。Preferably, the outer walls of the first inflatable gasket and the second inflatable gasket are provided with inflatable openings.
作为优选,所述盒体的外壁安装有充气管,所述充气管的内侧与充气口之间通过管道连接。Preferably, an inflation tube is installed on the outer wall of the box, and the inside of the inflation tube is connected to the inflation port through a pipeline.
作为优选,所述第二充气垫圈的两侧内壁安装有压紧块。Preferably, compression blocks are installed on the inner walls of both sides of the second inflatable gasket.
作为优选,所述压紧块为L形结构,且内侧安装有压板,所述压紧块与压板之间设置有弹簧。Preferably, the pressing block has an L-shaped structure, and a pressure plate is installed on the inside. A spring is provided between the pressing block and the pressure plate.
与现有技术相比,本实用新型的有益效果:Compared with the existing technology, the beneficial effects of this utility model are:
该基于漏洞POC检测的安全扫描工具中,通过其中设置的电池槽和设备槽能够方便进行电池和设备的放置和固定,通过第一充气垫圈和第二充气垫圈将电池和设备进行保护,避免携带时受到震动或者挤压损坏,且通过盒体方便进行携带,提高该装置的便携性。In this security scanning tool based on vulnerability POC detection, the battery slot and the device slot provided in it can facilitate the placement and fixation of the battery and the device. The battery and the device are protected by the first inflatable gasket and the second inflatable gasket to avoid carrying them. It is easily damaged by vibration or extrusion, and can be easily carried through the box, improving the portability of the device.
附图说明Description of the drawings
图1为本实用新型的整体结构示意图;Figure 1 is a schematic diagram of the overall structure of the utility model;
图2为本实用新型中第一充气垫圈的结构示意图;Figure 2 is a schematic structural diagram of the first inflatable gasket in the present utility model;
图3为本实用新型中压紧块的结构示意图。Figure 3 is a schematic structural diagram of the compression block in the present utility model.
图中各个标号意义为:The meaning of each symbol in the figure is:
1、盒体;11、扣孔;12、把手;13、电池槽;14、第一充气垫圈;141、充气口;15、设备槽;16、第二充气垫圈;161、压紧块;162、压板;163、弹簧;17、充气管;18、密封条;2、盖板;21、扣板;3、电池;4、扫描工具。1. Box body; 11. Button hole; 12. Handle; 13. Battery slot; 14. First inflatable gasket; 141. Inflatable port; 15. Equipment slot; 16. Second inflatable gasket; 161. Pressure block; 162 , pressure plate; 163, spring; 17, inflatable tube; 18, sealing strip; 2, cover plate; 21, buckle plate; 3, battery; 4, scanning tool.
具体实施方式Detailed ways
下面将结合本实用新型实施例中的附图,对本实用新型实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本实用新型一部分实施例,而不是全部的实施例。基于本实用新型中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获 得的所有其他实施例,都属于本实用新型保护的范围。The technical solutions in the embodiments of the present utility model will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present utility model. Obviously, the described embodiments are only part of the embodiments of the present utility model, not all implementations. example. Based on the embodiments of the present utility model, all other embodiments obtained by those of ordinary skill in the art without making creative efforts belong to the scope of protection of the present utility model.
在本实用新型的描述中,需要理解的是,术语“中心”、“纵向”、“横向”、“长度”、“宽度”、“厚度”、“上”、“下”、“前”、“后”、“左”、“右”、“竖直”、“水平”、“顶”、“底”、“内”、“外”、“顺时针”、“逆时针”等指示的方位或位置关系为基于附图所示的方位或位置关系,仅是为了便于描述本实用新型和简化描述,而不是指示或暗示所指的设备或元件必须具有特定的方位、以特定的方位构造和操作,因此不能理解为对本实用新型的限制。In the description of the present invention, it should be understood that the terms "center", "longitudinal", "transverse", "length", "width", "thickness", "upper", "lower", "front", The directions indicated by "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inside", "outside", "clockwise", "counterclockwise" etc. Or the positional relationship is based on the orientation or positional relationship shown in the drawings, which is only for the convenience of describing the present invention and simplifying the description, and does not indicate or imply that the equipment or components referred to must have a specific orientation, be constructed in a specific orientation, and operation, therefore it cannot be construed as a limitation of the present invention.
此外,术语“第一”、“第二”仅用于描述目的,而不能理解为指示或暗示相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”特征可以明示或者隐含地包括一个或者更多个该特征。在本实用新型的描述中,“若干”的含义是两个或两个以上,除非另有明确具体的限定。In addition, the terms “first” and “second” are used for descriptive purposes only and cannot be understood as indicating or implying relative importance or implicitly indicating the quantity of indicated technical features. Thus, defining "first" and "second" features may explicitly or implicitly include one or more of these features. In the description of the present invention, "several" means two or more, unless otherwise clearly and specifically limited.
实施例1Example 1
本实用新型提供一种基于漏洞POC检测的安全扫描工具,如图1-图3所示,包括盒体1,盒体1的顶部铰接有盖板2,方便盒体1的打开和关闭,盒体1的内部开设有若干电池槽13和设备槽15,电池槽13的内部设置有电池3,便于将电池进行收纳放置,设备槽15的内部设置有扫描工具4,用于将安全扫描工具进行收纳放置,电池槽13的内壁设置有第一充气垫圈14,用于将电池3的外部进行防护,设备槽15的内壁设置有第二充气垫圈16,用于将扫描工具4的外部进行防护,第一充气垫圈14和第二充气垫圈16为矩形环状结构,盒体1的开口处内壁安装有密封条18,保证盖板2盖上后的密封性。The utility model provides a security scanning tool based on vulnerability POC detection, as shown in Figures 1 to 3, including a box body 1. The top of the box body 1 is hinged with a cover plate 2 to facilitate the opening and closing of the box body 1. A number of battery slots 13 and equipment slots 15 are provided inside the body 1. Batteries 3 are provided inside the battery slot 13 to facilitate storage and placement of the batteries. A scanning tool 4 is provided inside the equipment slot 15 for scanning the security scanning tool. When stored and placed, the inner wall of the battery slot 13 is provided with a first inflatable gasket 14 for protecting the outside of the battery 3, and the inner wall of the equipment slot 15 is provided with a second inflatable gasket 16 for protecting the outside of the scanning tool 4. The first inflatable gasket 14 and the second inflatable gasket 16 are rectangular annular structures, and a sealing strip 18 is installed on the inner wall of the opening of the box body 1 to ensure the sealing performance after the cover plate 2 is closed.
本实施例中,盖板2的一侧安装有扣板21,盒体1的一侧外壁安装有扣孔11,扣板21与扣孔11卡接配合,方便盖板2盖上后保持固定,不会造成松动。In this embodiment, a buckle plate 21 is installed on one side of the cover 2, and a button hole 11 is installed on one side of the outer wall of the box body 1. The buckle plate 21 snaps into the button hole 11 to facilitate the cover 2 to remain fixed after being closed. , will not cause looseness.
值得说明的是,扫描工具4在进行网络扫描时,会依据IP地址进行按序扫描,而防火墙等安全设备通常具有防扫描机制,会根据扫描的顺序性来判断,如果单一IP请求过多并带有一定规则性,则很容易被判定为攻击行为,后续的连接请求将会被阻断。针对绕 过防火墙等安全设备的过滤,为了突破防火墙的封锁,收集网络资产信息,在进行远扫描时通常可以采用IP报文分片、IP诱骗、扫描延时等技术。IP报文分片技术可以将探测报文进行分片处理,例如,将TCP报文拆分成多个IP报文发送过去,某些简单的防火墙为了加快处理速度可能不会进行重组检查,以此避开其检查。IP诱骗(IP decoys)在进行扫描时,将真实IP地址和其他在线主机的IP地址混合使用,以此让目标主机的防火墙或IDS追踪检查大量的不同IP地址的数据报文,降低其追查到自身的概率。但是,某些高级的IDS系统通过统计分析仍然可以追踪出扫描者真实IP地址。还有一种技术是扫描延时,某些防火墙针对发送过于频繁的数据报文会进行严格的侦查,而且某些系统限制错误报文产生的频率。例如,Solaris系统通常会限制每秒钟只能产生一个ICMP消息回复给UDP扫描。所以,定制该情况下的发送报文频率和发送报文延时可以降低目标主机的审查强度、节省网络带宽。It is worth mentioning that Scan Tool 4 will scan sequentially based on IP addresses when performing network scans. Security devices such as firewalls usually have anti-scanning mechanisms and will judge based on the order of scanning. If there are too many requests for a single IP and With certain rules, it can easily be judged as an attack, and subsequent connection requests will be blocked. In order to bypass the filtering of security devices such as firewalls, in order to break through the firewall blockade and collect network asset information, technologies such as IP packet fragmentation, IP deception, and scan delay can usually be used during remote scanning. IP packet fragmentation technology can fragment detection packets, for example, splitting TCP packets into multiple IP packets and sending them over. Some simple firewalls may not perform reassembly checks in order to speed up processing. This avoids its inspection. IP decoys (IP decoys) mix real IP addresses with the IP addresses of other online hosts during scanning, allowing the target host's firewall or IDS to track and inspect a large number of data packets with different IP addresses, reducing the number of traceable own probability. However, some advanced IDS systems can still track the scanner's real IP address through statistical analysis. Another technique is scanning delay. Some firewalls will conduct strict detection of data packets sent too frequently, and some systems limit the frequency of error packets. For example, Solaris systems typically limit generating one ICMP message per second in response to a UDP scan. Therefore, customizing the frequency and delay of sending messages in this case can reduce the censorship intensity of the target host and save network bandwidth.
具体的,盒体1的外壁安装有把手12,方便盒体1的携带。Specifically, a handle 12 is installed on the outer wall of the box 1 to facilitate the carrying of the box 1 .
进一步的,第一充气垫圈14和第二充气垫圈16的外壁设置有充气口141,方便将第一充气垫圈14和第二充气垫圈16充气,从而保证防护效果。Furthermore, the outer walls of the first inflatable gasket 14 and the second inflatable gasket 16 are provided with inflation openings 141 to facilitate inflating the first inflatable gasket 14 and the second inflatable gasket 16 to ensure the protective effect.
进一步的,盒体1的外壁安装有充气管17,充气管17的内侧与充气口141之间通过管道连接,通过气泵向充气管17内充气,即可将第一充气垫圈14和第二充气垫圈16内的气体充满,从而保证对电池和扫描工具4的防护效果。Further, an inflation tube 17 is installed on the outer wall of the box body 1. The inside of the inflation tube 17 is connected to the inflation port 141 through a pipeline. The inflation tube 17 is inflated through an air pump to inflate the first inflatable gasket 14 and the second inflatable gasket 14. The gasket 16 is filled with gas, thereby ensuring the protective effect on the battery and the scanning tool 4 .
实施例2Example 2
为了进一步提高对扫描工具4的定位,在实施例1的基础上,第二充气垫圈16的两侧内壁安装有压紧块161,用于将扫描工具4的外侧压紧固定,使其在设备槽15内保持固定,不会松动。In order to further improve the positioning of the scanning tool 4, on the basis of Embodiment 1, compression blocks 161 are installed on both sides of the inner walls of the second inflatable gasket 16 for compressing and fixing the outside of the scanning tool 4 so that it is in the equipment. It remains fixed in the groove 15 and will not loosen.
进一步的,压紧块161为L形结构,且内侧安装有压板162,压紧块161的外侧压紧在扫描工具4的外壁上,压板162的外侧压紧在设备槽15的内壁上,压紧块161与压板162之间设置有弹簧163,通过弹簧163将压板162压紧,增大压板162与设备槽15内壁 的摩擦力,从而保证扫描工具4固定。Further, the pressing block 161 has an L-shaped structure, and a pressing plate 162 is installed on the inside. The outside of the pressing block 161 is pressed against the outer wall of the scanning tool 4, and the outside of the pressing plate 162 is pressed against the inner wall of the equipment slot 15. A spring 163 is provided between the tightening block 161 and the pressure plate 162. The spring 163 compresses the pressure plate 162 to increase the friction between the pressure plate 162 and the inner wall of the equipment slot 15, thereby ensuring that the scanning tool 4 is fixed.
本实用新型的基于漏洞POC检测的安全扫描工具在使用时,首先将该装置的盖板2打开,再将电池放入电池槽13内,将扫描工具4放入设备槽15内,并通过气泵向充气管17内充气,即可将第一充气垫圈14和第二充气垫圈16内的气体充满,从而保证对电池和扫描工具4的防护效果,通过弹簧163将压板162压紧,增大压板162与设备槽15内壁的摩擦力,从而保证扫描工具4固定,接着将盖板2盖上,即可将盒体1随身携带,在需要进行安全扫描工具4的使用时,将盖板2打开,再将扫描工具4从设备槽15内取出即可。When using the security scanning tool based on vulnerability POC detection of the present invention, first open the cover 2 of the device, then put the battery into the battery slot 13, put the scanning tool 4 into the equipment slot 15, and use the air pump to By inflating the gas tube 17, the gas in the first gas washer 14 and the second gas gasket 16 can be filled, thereby ensuring the protective effect on the battery and the scanning tool 4. The pressure plate 162 is pressed tightly by the spring 163 to increase the size of the pressure plate. 162 and the inner wall of the equipment slot 15 to ensure that the scanning tool 4 is fixed. Then cover the cover 2, and you can carry the box 1 with you. When you need to use the security scanning tool 4, open the cover 2 , and then take out the scanning tool 4 from the equipment slot 15.
以上显示和描述了本实用新型的基本原理、主要特征和本实用新型的优点。本行业的技术人员应该了解,本实用新型不受上述实施例的限制,上述实施例和说明书中描述的仅为本实用新型的优选例,并不用来限制本实用新型,在不脱离本实用新型精神和范围的前提下,本实用新型还会有各种变化和改进,这些变化和改进都落入要求保护的本实用新型范围内。本实用新型要求保护范围由所附的权利要求书及其等效物界定。The basic principles, main features and advantages of the present utility model are shown and described above. Those skilled in the industry should understand that the present utility model is not limited by the above-mentioned embodiments. The above-mentioned embodiments and descriptions are only preferred examples of the present utility model and are not used to limit the present utility model. Without departing from the present utility model, Under the premise of keeping the spirit and scope of the present utility model, there will be various changes and improvements, and these changes and improvements all fall within the scope of the claimed utility model. The protection scope of the present utility model is defined by the appended claims and their equivalents.

Claims (7)

  1. 一种基于漏洞POC检测的安全扫描工具,包括盒体(1),其特征在于:所述盒体(1)的顶部铰接有盖板(2),所述盒体(1)的内部开设有若干电池槽(13)和设备槽(15),所述电池槽(13)的内部设置有电池(3),所述设备槽(15)的内部设置有扫描工具(4),所述电池槽(13)的内壁设置有第一充气垫圈(14),所述设备槽(15)的内壁设置有第二充气垫圈(16),所述第一充气垫圈(14)和第二充气垫圈(16)为矩形环状结构,所述盒体(1)的开口处内壁安装有密封条(18)。A security scanning tool based on vulnerability POC detection, including a box body (1), which is characterized in that: a cover plate (2) is hinged on the top of the box body (1), and a cover plate (2) is provided inside the box body (1). Several battery slots (13) and equipment slots (15), the battery slot (13) is provided with a battery (3), the equipment slot (15) is provided with a scanning tool (4), and the battery slot (13) is provided with a scanning tool (4). The inner wall of (13) is provided with a first inflatable gasket (14), and the inner wall of the equipment slot (15) is provided with a second inflatable gasket (16). The first inflatable gasket (14) and the second inflatable gasket (16) ) is a rectangular annular structure, and a sealing strip (18) is installed on the inner wall of the opening of the box (1).
  2. 根据权利要求1所述的基于漏洞POC检测的安全扫描工具,其特征在于:所述盖板(2)的一侧安装有扣板(21),所述盒体(1)的一侧外壁安装有扣孔(11),所述扣板(21)与扣孔(11)卡接配合。The security scanning tool based on vulnerability POC detection according to claim 1, characterized in that: a buckle plate (21) is installed on one side of the cover plate (2), and a buckle plate (21) is installed on one side of the outer wall of the box body (1). There is a button hole (11), and the button plate (21) snaps into fit with the button hole (11).
  3. 根据权利要求1所述的基于漏洞POC检测的安全扫描工具,其特征在于:所述盒体(1)的外壁安装有把手(12)。The security scanning tool based on vulnerability POC detection according to claim 1, characterized in that: a handle (12) is installed on the outer wall of the box (1).
  4. 根据权利要求1所述的基于漏洞POC检测的安全扫描工具,其特征在于:所述第一充气垫圈(14)和第二充气垫圈(16)的外壁设置有充气口(141)。The security scanning tool based on vulnerability POC detection according to claim 1, characterized in that: the outer walls of the first inflatable gasket (14) and the second inflatable gasket (16) are provided with inflation ports (141).
  5. 根据权利要求4所述的基于漏洞POC检测的安全扫描工具,其特征在于:所述盒体(1)的外壁安装有充气管(17),所述充气管(17)的内侧与充气口(141)之间通过管道连接。The security scanning tool based on vulnerability POC detection according to claim 4, characterized in that: an inflation tube (17) is installed on the outer wall of the box (1), and the inside of the inflation tube (17) is connected to the inflation port (17). 141) are connected through pipelines.
  6. 根据权利要求1所述的基于漏洞POC检测的安全扫描工具,其特征在于:所述第二充气垫圈(16)的两侧内壁安装有压紧块(161)。The security scanning tool based on vulnerability POC detection according to claim 1, characterized in that: compression blocks (161) are installed on the inner walls of both sides of the second inflatable gasket (16).
  7. 根据权利要求6所述的基于漏洞POC检测的安全扫描工具,其特征在于:所述压紧块(161)为L形结构,且内侧安装有压板(162),所述压紧块(161)与压板(162)之间设置有弹簧(163)。The security scanning tool based on vulnerability POC detection according to claim 6, characterized in that: the pressing block (161) has an L-shaped structure, and a pressing plate (162) is installed inside, and the pressing block (161) A spring (163) is provided between the pressure plate (162).
PCT/CN2022/124303 2022-03-22 2022-10-10 Vulnerability poc detection-based security scanning tool WO2023178990A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202220621814.7U CN217216606U (en) 2022-03-22 2022-03-22 Security scanning tool based on loophole POC detection
CN202220621814.7 2022-03-22

Publications (1)

Publication Number Publication Date
WO2023178990A1 true WO2023178990A1 (en) 2023-09-28

Family

ID=82757079

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/124303 WO2023178990A1 (en) 2022-03-22 2022-10-10 Vulnerability poc detection-based security scanning tool

Country Status (2)

Country Link
CN (1) CN217216606U (en)
WO (1) WO2023178990A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN217216606U (en) * 2022-03-22 2022-08-16 云南电网有限责任公司红河供电局 Security scanning tool based on loophole POC detection

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN207547695U (en) * 2017-12-04 2018-06-29 杨喆 A kind of portable construction site puncher
CN208647474U (en) * 2018-07-14 2019-03-26 徐大海 A kind of protective device based on the shockproof anticollision of computer
CN211593397U (en) * 2020-01-16 2020-09-29 蚌埠学院 Portable storage box of manual model
CN213242744U (en) * 2020-09-08 2021-05-18 昆山市山山塑胶科技有限公司 Battery box convenient for fixing battery
CN213878235U (en) * 2020-07-20 2021-08-03 湖州快驴科技有限公司 Power battery box
CN214567093U (en) * 2021-03-25 2021-11-02 陈万意 Unmanned aerial vehicle rotor winding and unwinding devices
CN217216606U (en) * 2022-03-22 2022-08-16 云南电网有限责任公司红河供电局 Security scanning tool based on loophole POC detection

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN207547695U (en) * 2017-12-04 2018-06-29 杨喆 A kind of portable construction site puncher
CN208647474U (en) * 2018-07-14 2019-03-26 徐大海 A kind of protective device based on the shockproof anticollision of computer
CN211593397U (en) * 2020-01-16 2020-09-29 蚌埠学院 Portable storage box of manual model
CN213878235U (en) * 2020-07-20 2021-08-03 湖州快驴科技有限公司 Power battery box
CN213242744U (en) * 2020-09-08 2021-05-18 昆山市山山塑胶科技有限公司 Battery box convenient for fixing battery
CN214567093U (en) * 2021-03-25 2021-11-02 陈万意 Unmanned aerial vehicle rotor winding and unwinding devices
CN217216606U (en) * 2022-03-22 2022-08-16 云南电网有限责任公司红河供电局 Security scanning tool based on loophole POC detection

Also Published As

Publication number Publication date
CN217216606U (en) 2022-08-16

Similar Documents

Publication Publication Date Title
WO2023178990A1 (en) Vulnerability poc detection-based security scanning tool
Handley et al. Network Intrusion Detection: Evasion, Traffic Normalization, and {End-to-End} Protocol Semantics
Yoda et al. Finding a connection chain for tracing intruders
US7797749B2 (en) Defending against worm or virus attacks on networks
Yeo et al. A framework for wireless LAN monitoring and its applications
US8638762B2 (en) System and method for network integrity
US7565693B2 (en) Network intrusion detection and prevention system and method thereof
CN111756598A (en) Asset discovery method based on combination of active detection and flow analysis
WO2016133662A1 (en) Systems and methods for determining trustworthiness of the signaling and data exchange between network systems
CN112788034A (en) Processing method and device for resisting network attack, electronic equipment and storage medium
Acharya et al. Firewall verification and redundancy checking are equivalent
Singh et al. Testbed-based evaluation of siem tool for cyber kill chain model in power grid scada system
CN105554022A (en) Automatic testing method of software
WO2021047494A1 (en) Top cover assembly, secondary battery and electric device
Cadet et al. Coping with denial-of-service attacks on the IP telephony system
US20170366600A1 (en) Operating system fingerprint detection
Reed et al. A reliable real-time slow DoS detection framework for resource-constrained IoT networks
JPH0846379A (en) Fixing structure for cooling fan
CN209730356U (en) High-tension cable Explosion proof joint
Lu et al. Client-side evil twin attacks detection using statistical characteristics of 802.11 data frames
Agoni et al. Ip spoofing detection for preventing ddos attack in fog computing
CN217742021U (en) Leak detector based on NMAP
CN111157833A (en) Power distribution terminal safety detection system and method based on automatic operation of assembly line
US20100218246A1 (en) Detecting the type of nat firewall using messages
CN115150140A (en) Distributed attack trapping system and method based on centralized and unified defense deployment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22933041

Country of ref document: EP

Kind code of ref document: A1