CN101980481B - Method for realizing session replication and tracking during security terminal emulation protocol monitoring - Google Patents


Info

Publication number
CN101980481B
CN101980481B
Authority
CN
China
Prior art keywords
session
control system
supervisory control
client
replication
Legal status
Active
Application number
CN 201010533530
Other languages
Chinese (zh)
Other versions
CN101980481A (en)
Inventor
黄艺海
Current Assignee
HANGZHOU SAFETYBASE INFORMATION TECHNOLOGY Co Ltd
Original Assignee
HANGZHOU SAFETYBASE INFORMATION TECHNOLOGY Co Ltd
Priority date
2010-11-05
Filing date
2010-11-05
Publication date
2012-12-05
Application filed by HANGZHOU SAFETYBASE INFORMATION TECHNOLOGY Co Ltd
Priority to CN 201010533530
Publication of CN101980481A
Application granted
Publication of CN101980481B
Legal status: Active
Anticipated expiration

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a method for realizing session replication and tracking during security terminal emulation protocol monitoring. The method comprises the following steps: (1) the monitoring system performs secondary login or proxying of the SSH protocol, the client initiates a request to open session replication to the monitoring system, and a new independent virtual session is established between the monitoring system and the client; (2) the monitoring system simultaneously initiates a request to open session replication to the server, and a new independent virtual session is also established between the server and the monitoring system; (3) the monitoring system maps all virtual sessions at the two ends to one another; and (4) a virtual memory screen is drawn in memory, and the operations of each session are intercepted in that screen, so that each session can be tracked independently. By the technical means of the invention, session replication and tracking are realized while the security terminal emulation protocol is being monitored. The method is simple and easy to operate.

Description

Method for realizing session replication and tracking during security terminal emulation protocol monitoring
Technical field
The invention belongs to the technical field of security terminal emulation protocol monitoring, and specifically relates to a method for realizing session replication and tracking while a security terminal emulation protocol is being monitored.
Background technology
Terminal emulation protocols are the common protocols used to maintain UNIX or LINUX servers. Early on, two terminal emulation protocols based on TCP/IP networks were popular, TELNET and RLOGIN, but because they transmit in plaintext over the network they created a serious security hazard: a malicious party on a bypass (a passive tap) could easily obtain the username and password, and could even monitor and intercept the operations themselves. These two protocols were therefore gradually replaced by the safer and more functional secure terminal emulation protocol (hereinafter the SSH protocol). The SSH protocol not only makes network data transmission safer by adopting asymmetric encryption (as in SSL); through tunnelling it also provides the ability to open multiple virtual sessions within the same TCP connection, that is, SSH session replication, which is very convenient for server maintenance personnel. Precisely because of the security of the SSH protocol, the commonly used approach of capturing packets from a bypass cannot obtain valid data from it. Therefore, if remote access operations based on SSH are to be monitored, secondary login or proxying of the SSH protocol must be performed on the monitoring system; otherwise the maintainer's operations cannot be restored from the encrypted data. So-called secondary login means that the operating personnel first log in to the monitoring system via the SSH protocol; the monitoring system provides a friendly menu interface to authorized personnel, who select the server they need from the menu and log in to it directly. So-called proxying means that the operating personnel designate the monitoring system as the SSH proxy server, so that all SSH protocol access reaches the destination server with the monitoring system acting as the proxy. In summary, from the principle of secondary login or proxying it can be seen that the SSH connection initiated by the operating personnel terminates on the monitoring system, and all connections to the maintained destination server are initiated by the monitoring system; the monitoring system thus acts as a server toward the client and as a client toward the server, and in this way the operation behaviour can easily be parsed back out. This satisfies monitoring of the SSH protocol, but because in this case the client's SSH connection is established with the monitoring system and the server's SSH connection is likewise established with the monitoring system, forwarding the session replication function and tracking the full process of each session become very difficult.
Summary of the invention
The present invention solves the technical problem existing in the prior art by providing a method for realizing session replication and tracking during security terminal emulation protocol monitoring.
The above technical problem of the present invention is mainly solved by the following technical solution: a method for realizing session replication and tracking during security terminal emulation protocol monitoring, whose implementation steps are:
⑴ The monitoring system performs secondary login or proxying of the SSH protocol. The client initiates a request to open session replication to the monitoring system and requests an identifier; the monitoring system responds to this session replication request, and after negotiation completes a new independent virtual session is established between the monitoring system and the client.
⑵ At the same time, the monitoring system initiates a request to open session replication to the server; the server responds to this session replication request and requests an identifier, and after negotiation completes a new independent virtual session is also established between the server and the monitoring system.
⑶ According to the session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server through that channel; likewise, according to the session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client through that channel, so that all virtual sessions at the two ends are mapped to one another.
⑷ A virtual memory screen is drawn in memory, and the operations of each session are intercepted in this screen, achieving the purpose of tracking each session separately.
Preferably, in said step ⑶, the monitoring system establishes the mapping of virtual sessions as a linked list, and on this linked list builds two hash tables, one indexed by the client session and one indexed by the server session; when client session data is received, the lookup is performed in the hash table indexed by the client session, and when server session data is received, the lookup is performed in the hash table indexed by the server session.
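The channel mapping of step ⑶ and its linked-list-plus-two-hash-tables refinement, written out as an added Python example. This is illustration only, not code from the patent or its assignee; the class and method names (`SessionMap`, `add_pair`, `route_from_client`, `route_from_server`, `close_pair`) and the channel numbers are assumptions. It also shows the two checks a monitoring proxy needs beyond the text: refusing to map a channel twice, and unlinking a pair on close so a reused channel number never reaches a stale peer.

```python
"""Channel mapping for an SSH monitoring proxy, after step (3) of the method:
each client-side virtual session is paired with the server-side virtual
session the monitoring system opened on its behalf.  The pairs form a linked
list, and two hash tables (keyed by client channel and by server channel)
give constant-time lookup in either direction.

Added illustration, not the patentee's code.  Channel numbers are constructed
sample values standing in for SSH channel identifiers.
"""
from dataclasses import dataclass, field
from typing import Dict, Iterator, List, Optional, Tuple


@dataclass
class SessionPair:
    """One node of the linked list."""
    client_chan: int                 # identifier negotiated with the client (step 1)
    server_chan: int                 # identifier negotiated with the server (step 2)
    transcript: List[Tuple[str, bytes]] = field(default_factory=list)  # audit record
    next: Optional["SessionPair"] = None


class SessionMap:
    """Linked list of SessionPair nodes plus two indexes over it."""

    def __init__(self) -> None:
        self.head: Optional[SessionPair] = None
        self.by_client: Dict[int, SessionPair] = {}   # client_chan -> node
        self.by_server: Dict[int, SessionPair] = {}   # server_chan -> node

    def add_pair(self, client_chan: int, server_chan: int) -> SessionPair:
        """Record a replicated session once both sides have negotiated their
        identifiers.  Mapping a channel twice would cross-wire two sessions."""
        if client_chan in self.by_client or server_chan in self.by_server:
            raise ValueError("channel already mapped")
        node = SessionPair(client_chan, server_chan, next=self.head)
        self.head = node
        self.by_client[client_chan] = node
        self.by_server[server_chan] = node
        return node

    def route_from_client(self, client_chan: int, data: bytes) -> Tuple[int, bytes]:
        """Data arriving on a client channel: look it up in the client-keyed
        table and return the server channel it must be forwarded on."""
        node = self.by_client.get(client_chan)
        if node is None:
            raise KeyError(f"unmapped client channel {client_chan}")
        node.transcript.append(("client->server", data))
        return node.server_chan, data

    def route_from_server(self, server_chan: int, data: bytes) -> Tuple[int, bytes]:
        """Mirror image for data arriving from the server."""
        node = self.by_server.get(server_chan)
        if node is None:
            raise KeyError(f"unmapped server channel {server_chan}")
        node.transcript.append(("server->client", data))
        return node.client_chan, data

    def close_pair(self, client_chan: int) -> SessionPair:
        """Unlink a pair when either side closes its channel, so that a reused
        channel number can never be routed to a stale peer."""
        node = self.by_client.pop(client_chan)
        del self.by_server[node.server_chan]
        prev: Optional[SessionPair] = None
        cur = self.head
        while cur is not None and cur is not node:
            prev, cur = cur, cur.next
        if prev is None:
            self.head = node.next
        else:
            prev.next = node.next
        node.next = None
        return node

    def pairs(self) -> Iterator[SessionPair]:
        """Walk the linked list, newest pair first."""
        cur = self.head
        while cur is not None:
            yield cur
            cur = cur.next


if __name__ == "__main__":
    m = SessionMap()
    m.add_pair(0, 0)   # the original session
    m.add_pair(1, 5)   # a replicated session; the server chose a different id
    print(m.route_from_client(1, b"ls -la\r"))       # (5, b'ls -la\r')
    print(m.route_from_server(5, b"total 0\r\n"))    # (1, b'total 0\r\n')
    m.close_pair(1)
    print([(p.client_chan, p.server_chan) for p in m.pairs()])  # [(0, 0)]
```

The two dictionaries are the "hash tables indexed by the client session and by the server session" of the text; the linked list is what lets the monitor enumerate or tear down every session of one connection without scanning either table.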
Preferably, in said step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, the session node is found and the screen is drawn, and the corresponding operation is intercepted at the same time.
The present invention overcomes the defect in existing security terminal emulation protocol technology that forwarding of the session replication function and tracking control of the full process of each session could not be realized. Through the technical means of the present invention, on the premise of satisfying monitoring of the security terminal emulation protocol, session replication and tracking are also realized during that monitoring, and the operation is simple.
Embodiment
The technical solution of the present invention is further described in detail below through an embodiment.
Embodiment: a method of the present invention for realizing session replication and tracking during security terminal emulation protocol monitoring, whose implementation steps are:
⑴ The monitoring system performs secondary login or proxying of the SSH protocol. The client initiates a request to open session replication to the monitoring system and requests an identifier; the monitoring system responds to this session replication request, and after negotiation completes a new independent virtual session is established between the monitoring system and the client.
⑵ At the same time, the monitoring system initiates a request to open session replication to the server; the server responds to this session replication request and requests an identifier, and after negotiation completes a new independent virtual session is also established between the server and the monitoring system.
⑶ According to the session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server through that channel; likewise, according to the session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client through that channel, so that all virtual sessions at the two ends are mapped to one another.
⑷ A virtual memory screen is drawn in memory, and the operations of each session are intercepted in this screen, achieving the purpose of tracking each session separately.
In the process of secondary login or proxying of the SSH protocol, the operations of the whole connection need to be monitored, yet the data decrypted during protocol transmission is carried in NVT form. NVT means network virtual terminal; it contains not only the user's operation data but also a great deal of formatting information, so merely recording the packets is not enough and the packets must be parsed back out. At the same time, because of the complexity of heterogeneous environments and the uncertainty of operations, the operations cannot be correctly extracted merely by filtering out the formatting data. The present invention obtains the input operations by drawing a virtual memory screen in memory, which is equivalent to simulating in memory the same screen that the user at the operating terminal actually sees, and intercepting the operations the user performs in this screen; this satisfies both the correctness and the timeliness of operation restoration. Because the user can perform relatively independent operations in each replicated session, an independent virtual memory screen must be established when tracking each session, and the operations of each session are intercepted independently in its own screen, thereby achieving the purpose of tracking each session separately.
To improve transmission efficiency, in step ⑶ the monitoring system establishes the mapping of virtual sessions as a linked list, and on this linked list builds two hash tables, one indexed by the client session and one indexed by the server session; when client session data is received, the lookup is performed in the hash table indexed by the client session, and when server session data is received, the lookup is performed in the hash table indexed by the server session. In step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, the session node is found, the screen is drawn, and the corresponding operation is intercepted at the same time.
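The per-session virtual memory screen of step ⑷ and the NVT discussion above, as an added Python example that is not code from the patent or its assignee. It shows why the text insists on drawing a screen rather than logging keystrokes: an operator types "ls -ls", erases the last character and types "a", and only the screen model yields the command the server actually received, while a second replicated session is tracked on its own screen. The class names (`VirtualScreen`, `SessionNode`), the handled control sequences and the prompts are assumptions; it also handles the wrap-at-margin case, which the text does not mention.

```python
"""Per-session virtual memory screen, after step (4): one session node per
virtual session, each owning an in-memory screen; server output is drawn
onto it and the operation is read off the screen when Enter is pressed.
Added illustration, not the patentee's code.  Only CR, LF, BS/DEL and the
CSI cursor-left / erase-to-end-of-line sequences are modelled; a real
monitor needs a full terminal emulator.  Prompts and keystrokes below are
constructed sample data.
"""
import re
from typing import Dict, List, Optional

CSI_RE = re.compile(r"\x1b\[(\d*)([A-Za-z])")  # ESC [ <n> <final byte>


class VirtualScreen:
    """Current row plus cursor column, with a history of committed rows."""

    def __init__(self, cols: int = 80) -> None:
        self.cols, self.col = cols, 0
        self.row: List[str] = []
        self.history: List[str] = []

    def text(self) -> str:
        return "".join(self.row).rstrip()

    def _newline(self) -> None:
        self.history.append(self.text())
        self.row, self.col = [], 0

    def _put(self, ch: str) -> None:
        if self.col >= self.cols:             # wrap at the right margin
            self._newline()
        if self.col < len(self.row):
            self.row[self.col] = ch           # overwrite in place, as a terminal does
        else:
            self.row.extend(" " * (self.col - len(self.row)))
            self.row.append(ch)
        self.col += 1

    def draw(self, data: bytes) -> None:
        """Apply a chunk of terminal output to the screen."""
        text, i = data.decode("utf-8", errors="replace"), 0
        while i < len(text):
            ch = text[i]
            if ch == "\r":
                self.col = 0
            elif ch == "\n":
                self._newline()
            elif ch in ("\b", "\x7f"):
                self.col = max(0, self.col - 1)
            elif ch == "\x1b":
                m = CSI_RE.match(text, i)
                if m:   # D = cursor left n; K = erase to end of line; others ignored
                    n = int(m.group(1) or "1")
                    if m.group(2) == "D":
                        self.col = max(0, self.col - n)
                    elif m.group(2) == "K":
                        del self.row[self.col:]
                    i = m.end()
                    continue
            else:
                self._put(ch)
            i += 1


class SessionNode:
    """One per virtual session: its own screen and its own intercepted operations."""

    def __init__(self) -> None:
        self.screen = VirtualScreen()
        self.input_start: Optional[int] = None  # column where operator input began
        self.operations: List[str] = []

    def on_server_data(self, data: bytes) -> None:
        self.screen.draw(data)  # prompts, echo and program output all come from the server

    def on_client_data(self, data: bytes) -> None:
        # Keystrokes are not drawn (the server echoes them); note where input
        # began and capture the row as displayed when Enter arrives.
        for b in data:
            if self.input_start is None:
                self.input_start = self.screen.col
            if b in (0x0D, 0x0A):
                self.operations.append(self.screen.text()[self.input_start:])
                self.input_start = None


def demo() -> Dict[int, List[str]]:
    """Two replicated sessions of one connection, tracked independently; the
    client sends each keystroke and the server echoes it, as a shell does."""
    nodes = {1: SessionNode(), 2: SessionNode()}
    nodes[1].on_server_data(b"user@host:~$ ")
    nodes[2].on_server_data(b"user@host:/var/log$ ")
    # Session 1: "ls -ls" typed, last char erased with DEL (echoed BS SPACE BS), "a" typed.
    for key, echo in [(b"ls -ls", b"ls -ls"), (b"\x7f", b"\b \b"), (b"a", b"a")]:
        nodes[1].on_client_data(key)
        nodes[1].on_server_data(echo)
    nodes[1].on_client_data(b"\r")
    nodes[1].on_server_data(b"\r\ntotal 0\r\nuser@host:~$ ")
    nodes[2].on_client_data(b"tail -n 20 syslog")   # an unrelated command in session 2
    nodes[2].on_server_data(b"tail -n 20 syslog")
    nodes[2].on_client_data(b"\r")
    return {sid: n.operations for sid, n in nodes.items()}  # {1: ['ls -la'], 2: ['tail -n 20 syslog']}
```

The raw client bytes for session 1 are `ls -ls\x7fa\r`, which is not what ran; reading the row off the screen at Enter gives `ls -la`. Keeping the screen inside the session node is what makes the two sessions independent: each has its own cursor, its own prompt and its own input-start column.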
Finally, it should be pointed out that the above embodiment is only a representative example of the present invention. Obviously, the technical solution of the present invention is not limited to the above embodiment, and many variations are possible. All variations that a person of ordinary skill in the art can directly derive or associate from the content disclosed by the present invention should be considered within the protection scope of the present invention.

Claims (3)

1. A method for realizing session replication and tracking during security terminal emulation SSH protocol monitoring, characterized in that the implementation steps of said method are: ⑴ the monitoring system performs secondary login or proxying of the SSH protocol; the client initiates a request to open session replication to the monitoring system and requests an identifier; the monitoring system responds to this session replication request, and after negotiation completes a new independent virtual session is established between the monitoring system and the client; ⑵ at the same time, the monitoring system initiates a request to open session replication to the server; the server responds to this session replication request and requests an identifier, and after negotiation completes a new independent virtual session is also established between the server and the monitoring system; ⑶ according to the session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server through that channel; likewise, according to the session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client through that channel, so that all virtual sessions at the two ends are mapped to one another; ⑷ a virtual memory screen is drawn in memory, and the operations of each session are intercepted in this screen, achieving the purpose of tracking each session separately.
2. The method for realizing session replication and tracking during security terminal emulation SSH protocol monitoring according to claim 1, characterized in that in said step ⑶ the monitoring system establishes the mapping of virtual sessions as a linked list, and on this linked list builds a hash table indexed by the client session and a hash table indexed by the server session; when client session data is received, the lookup is performed in the hash table indexed by the client session, and when server session data is received, the lookup is performed in the hash table indexed by the server session.
3. The method for realizing session replication and tracking during security terminal emulation SSH protocol monitoring according to claim 1, characterized in that in said step ⑷ the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, the session node is found and the screen is drawn, and the corresponding operation is intercepted at the same time.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010533530 CN101980481B (en) 2010-11-05 2010-11-05 Method for realizing session replication and tracking during security terminal emulation protocol monitoring

Publications (2)

Publication Number Publication Date
CN101980481A CN101980481A (en) 2011-02-23
CN101980481B true CN101980481B (en) 2012-12-05

Family

ID=43600966

Country Status (1)

Country Link
CN (1) CN101980481B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106302586A (en) * 2015-05-25 2017-01-04 中兴通讯股份有限公司 A kind of realization method and system of remote terminal instrument
CN111143736B (en) * 2018-11-06 2024-02-06 广东万丈金数信息技术股份有限公司 Data transmission method, device, main page server and storage medium
CN111884833A (en) * 2020-07-04 2020-11-03 中国人民解放军海军航空大学航空作战勤务学院 Simulation system integration method based on network virtualization technology

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080031141A1 (en) * 2006-08-01 2008-02-07 Tekelec Methods, systems, and computer program products for monitoring tunneled internet protocol (IP) traffic on a high bandwidth IP network
CN101420432A (en) * 2008-12-01 2009-04-29 华为技术有限公司 Implementing method, system and apparatus for IMS listening
US20100220609A1 (en) * 2009-02-27 2010-09-02 Ascendent Telecommunications Inc. System and method for reducing call latency in monitored calls

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100531074C (en) * 2007-08-24 2009-08-19 中兴通讯股份有限公司 Method and system for legally monitoring IP multimedia subsystem network
CN101114952A (en) * 2007-08-28 2008-01-30 飞思达技术(北京)有限公司 Data flow redirection based VOIP/NGN monitoring, inspecting method and system

Also Published As

Publication number Publication date
CN101980481A (en) 2011-02-23

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant