CN106657139A - Login password processing method, apparatus and system - Google Patents
Login password processing method, apparatus and system Download PDFInfo
- Publication number
- CN106657139A CN106657139A CN201710035910.7A CN201710035910A CN106657139A CN 106657139 A CN106657139 A CN 106657139A CN 201710035910 A CN201710035910 A CN 201710035910A CN 106657139 A CN106657139 A CN 106657139A
- Authority
- CN
- China
- Prior art keywords
- password
- login password
- login
- list
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a login password processing method, apparatus and system. The method comprises the following steps: when an IP address of an access device is determined to have an attack behavior and the attack is successful, determining a first login password successfully attacked by the IP address; sending a first alarm message used for modifying the first login password to a management device; when a response message returned by the management device based on the first alarm message, analyzing the response message to obtain a second login password, wherein the second login password is a modified login password; and determining whether the second login password is valid based on a preset password list, wherein the preset password list is used for recording passwords that are broken easily. By application of the login password processing method, apparatus and system provided by the embodiment of the invention, the problems of low processing efficiency of the login password and low validity of the login password are solved.
Description
Technical field
The present invention relates to network communication technology field, more particularly to a kind of processing method of login password, apparatus and system.
Background technology
In prior art, log server is stored to the log information produced in network, and log information can be included and stepped on
The important data messages such as record password, when the quantity of log information is more huge, log server needs the day of analysis and arrangement
Will information is numerous and jumbled, the login password attacked cannot managed devices know that the treatment effeciency of login password is low in time, change
Login password afterwards is likely to because arranging improper, and be cracked again, and the validity of login password is low.
The content of the invention
In view of this, the present invention provides a kind of processing method of login password, apparatus and system, to solve to login password
Treatment effeciency it is low, the low problem of login password validity.
For achieving the above object, present invention offer technical scheme is as follows:
According to the first aspect of the invention, it is proposed that a kind of processing method of login password, methods described includes:
When it is determined that the IP address of access equipment has attack and success attack, the IP address success attack is determined
The first login password;
The first warning message for changing first login password is sent to management equipment;
When the response message that the management equipment is returned based on first warning message is received, analyze the response to
Message obtains the second login password, and second login password is amended login password;
Whether effectively second login password is determined based on preset password list, the preset password list is used to record
The password being easily cracked.
According to the second aspect of the invention, it is proposed that a kind of processing meanss of login password, including:
First determining module, for when it is determined that the IP address of access equipment has attack and success attack, it is determined that
First login password of the IP address success attack;
First alarm module, for determine in sending for changing first determining module to management equipment described the
First warning message of one login password;
Packet parsing module, described in sending in the management equipment is received based on first alarm module
During the response message that the first warning message is returned, analyze the response to message and obtain the second login password, second login is close
Code is amended login password;
Effective judgement module, for determining the second login described in the packet parsing module based on preset password list
Effectively whether, the preset password list is used to record the password being easily cracked password.
From above technical scheme, log server determines that the IP address of access equipment has attack and attacks into
During work(, log server sends the first warning message for changing the first login password to management equipment, when getting management
During amended second login password that equipment is returned, log server determines that the second login password is based on preset password list
It is no effective, when the second login password is invalid so that management equipment is entered in time by obtaining null result to the second login password
Row change, when log server needs the log information quantity of analysis and arrangement more huge, the login password attacked can
To be known in time by the first warning message managed devices, while log server determines that second steps on based on preset password list
Whether effectively, the treatment effeciency for solving login password to being attacked is low, the low problem of login password validity for record password.
Description of the drawings
Fig. 1 is the network architecture diagram that the processing system of the login password that the present invention is provided is suitable for;
Fig. 2 is the embodiment flow chart of the processing method of the login password that the present invention is provided;
Fig. 3 is the embodiment flow chart of the processing method of another login password that the present invention is provided;
Fig. 4 is a kind of hardware structure diagram of safeguard that the present invention is provided;
Fig. 5 is the embodiment block diagram of the processing meanss of the login password that the present invention is provided;
Fig. 6 is the embodiment block diagram of the processing meanss of another login password that the present invention is provided.
Specific embodiment
Here exemplary embodiment will be illustrated in detail, its example is illustrated in the accompanying drawings.Explained below is related to
During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous key element.Following exemplary embodiment
Described in embodiment do not represent and the consistent all embodiments of the present invention.Conversely, they be only with it is such as appended
The example of the consistent apparatus and method of some aspects described in detail in claims, the present invention.
It is, only merely for the purpose of description specific embodiment, and to be not intended to be limiting the present invention in terminology used in the present invention.
" one kind ", " described " and " being somebody's turn to do " of singulative used in the present invention and appended claims is also intended to include majority
Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein is referred to and wrapped
Containing one or more associated any or all possible combinations for listing project.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the present invention
A little information should not necessarily be limited by these terms.These terms are only used for that same type of information is distinguished from each other out.For example, without departing from
In the case of the scope of the invention, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determining ".
Fig. 1 is the network architecture diagram that the processing system of the login password that the present invention is provided is suitable for, as shown in figure 1, the net
Network Organization Chart includes:Client 11, safeguard 12, service equipment 13, log server 14, management equipment 15.Wherein, visitor
Family end 11 is arranged on personal computer (Personal Computer, PC), and client 11 can also be arranged on mobile phone, flat board
On the terminal devices such as computer, intelligent watch, this sentences client 11 as the example of access equipment;Safeguard 12 is used to gather
Log information produced by the access service equipment 13 of client 11 and the feedback client 11 of service equipment 13, log information can be with
Comprising the first default mark, the second default mark, IP address, attack time, attack frequency, number of times of attack, the first login password,
Account number, five-tuple information etc. are logged in, wherein, the first default mark can be used for marking whether IP address has attack, the
Two default marks can be used for mark and whether successful attack, specifically, the correlation of the first default mark and the second default mark
Description refers to corresponding content in following step 201, is not first described further herein;Log server 14 is used to store safeguard
The log information of 12 collections.
Generally, client 11 is sent for asking during the message for logging in via safeguard 12 to service equipment 13, protection
The analytic message of equipment 12 obtains log information.Safeguard 12 sends the daily record report for carrying log information to log server 14
Text, the parsing daily record message of log server 14 obtains log information, and log server 14 determines the access included in log information
Whether the IP address of equipment has attack and whether successful attacks, and how access equipment is determined for log server 14
IP address whether there is attack and whether successful step is attacked refer to specifically retouching for step 201 in following Fig. 2
State, be not first described further herein, when the IP address of the determination access equipment of log server 14 has attack and success attack,
Log server 14 determine IP address success attack the first login password, the first login password be, for example, " 123456 ", daily record
Server 14 sends the first warning message for changing the first login password to management equipment 15, when log server 14 is received
When being based on the response message that the first warning message is returned to management equipment 15, the resolution response message of log server 14 obtains second
Login password, the second login password be amended login password, the second login password be, for example, " H7uSd4 ", log server
Whether effectively 14 determine the second login password based on preset password list, and preset password list is used to recording easily be cracked close
Code.Additionally, when log server 14 receives the request message of carrying information to be found of the transmission of management equipment 15, daily record clothes
Business device 14 is matched information to be found with the whole log informations recorded in default log list, wherein, information to be found
For the information for needing to extract, so that information to be found is for source port 80 as an example, administrative staff are by management equipment 15
Interactive software, be input into information source port 80 to be found, and log server 14 will be recorded in source port 80 and default log list
Whole log informations are matched, when information to be found is matched into the one of log information recorded in default log list
During work(, log server 14 sends the feedback message for carrying information to be found and relevant information, relevant information to management equipment 15
It is the information obtained via identical packet parsing with information to be found, the source port 80 for for example obtaining via identical packet parsing
Relevant information also includes:Destination interface 81, source IP address 192.168.5.17, purpose IP address 124.202.166.57, agreement
TCP, the first default mark, the second default mark, attack time, login account number, login password etc..Those skilled in the art can be with
It is understood by, in presetting the whole log informations recorded in log list, multiple source ports 80, multiple source ports 80 may be included
Each self-corresponding relevant information is fed back to management equipment 15, management equipment show rule to information to be found based on default and
Relevant information is shown, and for example, the number of the source port 80 that the match is successful from default log list, source port is shown first
80 corresponding relevant informations can be detailed as daily record, can be shown by way of drop-down menu, by administrative staff's point
Hit corresponding source port 80 and then show the corresponding relevant information of source port 80, improve the efficiency of information searching.By this
Inventive embodiments, when login password is attacked, log server 14 to management equipment 15 sends the first warning message, is easy to
Management equipment 15 is modified in time to login password, obtains the second login password, and log server 14 is arranged based on preset password
Whether effectively table determines the second login password, when the second login password is invalid so that management equipment passes through to obtain null result,
The second login password is modified in time, when log server 14 needs the log information quantity of analysis and arrangement more huge
When, the login password attacked can in time be known by the first warning message managed devices 15, while log server
Whether effectively 14 determine the second login password based on preset password list, solves the process effect of the login password to being attacked
Rate is low, the low problem of login password validity.
It is that the present invention is further described, there is provided the following example:
Fig. 2 is the embodiment flow chart of the processing method of the login password that the present invention is provided, and with reference to Fig. 1 example is carried out
Property explanation, the present embodiment can be applied on the log server 14 in above-mentioned Fig. 1, as shown in Fig. 2 comprising the steps:
Step 201:When it is determined that the IP address of access equipment has attack, it is determined that attack whether success, when it is determined that
During success attack, execution step 202- step 205, when it is determined that attacking unsuccessful, execution step 207- step 208.
Step 202:Determine the first login password of IP address success attack.
Step 203:The first warning message for changing the first login password is sent to management equipment.
Step 204:When the response message that management equipment is returned based on the first warning message is received, resolution response message
The second login password is obtained, the second login password is amended login password.
Step 205:Whether effectively second login password is determined based on preset password list, preset password list is used to record
The password being easily cracked, optionally, after step 205 step 206 is can also carry out.
Step 206:First login password is recorded in preset password list, flow process terminates.
Step 207:Determine that IP address attacks the 4th unsuccessful login password.
Step 208:4th login password is recorded in preset password list, flow process terminates.
In step 201, in one embodiment, using client 11 as access equipment, log server 14 determines daily record
Whether the IP address of the access equipment included in information has attack, attacks whether successful method can be:Daily record is believed
The first default mark, the second default mark, the IP address of client 11 are included in breath, first presets mark for marking IP address
Whether there is attack, whether successful second presets mark attacks for mark.Specifically, it is with IP address
192.168.5.17, there is no attack with first default " 0 " mark IP address 192.168.5.17 that is designated, it is pre- with first
If being designated one token IP address 192.168.5.17 has attack, marked with the second default be designated " Login OK "
Success attack, by second it is default be designated " Login FAIL " mark attack it is unsuccessful as a example by, when the first default mark is labeled as
" 1 ", and second it is default be designated " Login OK ", log server 14 determines the IP address 192.168.5.17 tool of client 11
There are attack and success attack, the execution step 202- step 205 of log server 14;When the first default mark is labeled as " 1 ",
And second it is default be designated " Login FAIL ", log server 14 determines that IP address 192.168.5.17 of client 11 has
Attack, but attack unsuccessful, the execution step 207- step 208 of log server 14.
It should be noted that when the IP address that client 11 is determined by log server 14 has attack and attack
Success, and the IP address for determining client 11 is got when there is the result of attack and success attack, sheet can not be performed
Step 201 in embodiment.
In step 202., in one embodiment, log server 14 is used to store the daily record letter of the collection of safeguard 12
Breath, the IP address comprising client 11 and the login password of attack in log information, the login password attacked herein is first
Login password, with IP address as 192.168.5.17, the first login password be " 123456 " as a example by, log server 14 determine IP
First login password 123456 of address 192.168.5.17 success attacks.
In step 203, in one embodiment, log server 14 sends to management equipment 15 and is logged in for modification first
First warning message of password.
In step 204, in one embodiment, when log server 14 receives management equipment 15 based on the first alarm report
During the response message that text is returned, the resolution response message of log server 14 obtains the second login password, and the second login password is to repair
Login password after changing, the second login password is, for example, " H7uSd4 ".
In step 205, in one embodiment, log server 14 determines the second login password based on preset password list
Whether effectively, preset password list is used to record the password being easily cracked, and preset password list records have at least one the 3rd to step on
Record password, the password that the 3rd login password herein is as easily cracked, the 3rd login password recorded in preset password list
Can also be preset by administrative staff, as shown in table 1, there are 4 the 3rd login passwords with record in preset password list, to pre-
If the structure of cipher list is illustrative:
Table 1
Sequence number | 3rd login password |
1 | 000000 |
2 | AABBCCDD |
3 | 19890405 |
4 | 1A2A3A |
5 | - |
6 | - |
Sequence number 1,2,3,4 shown in table 1 respectively correspond to the 3rd login password 000000, the 3rd login password AABBCCDD,
3rd login password 19890405, the 3rd login password 1A2A3A;Respectively corresponding "-", "-" are represented and are recorded as sky sequence number 5,6.
Specifically, how log server 14 determines that whether effectively the second login password, can based on the preset password list shown in table 1
With reference to step 301 process description in following Fig. 3, first it is not described further herein.
Optionally, step 206 is can also carry out, it should be noted that step 206 is optional step.
In step 206, in one embodiment, log server 14 records the first login password in preset password list
In, with reference to table 1, so that the first login password is for 123456 as an example, log server 14 records the first login password 123456
In table 1, the preset password list after record is as shown in table 2:
Table 2
The first login password of corresponding record 123456 of sequence number 5 shown in table 2, for log server 14 client 11 is determined
IP address there is attack and success attack, can terminate flow process to this.
In step 207, in one embodiment, row is attacked when log server 14 determines that the IP address of client 11 has
For but when attacking unsuccessful, log server 14 determines that IP address attacks unsuccessful the 4th login password, the 4th login password
For example, Q4IMN6.
In a step 208, in one embodiment, although the 4th login password is not cracked successfully, but due to the 4th login
Password is attacked, and sinks into greatly to be cracked in risk, therefore log server 14 exists the 4th login password equally record
In preset password list, for used as the whether effective foundation of amended login password is determined, as shown in table 3, the 4th to log in
Password Q4IMN6 is recorded in the preset password list of table 1:
Table 3
Sequence number | 3rd login password |
1 | 000000 |
2 | AABBCCDD |
3 | 19890405 |
4 | 1A2A3A |
5 | Q4IMN6 |
6 | - |
Determine that the IP address of client 11 has a case that attack but attacks unsuccessful for log server 14, arrive
This can terminate flow process.
In the embodiment of the present invention, log server determines that the IP address of access equipment has attack and success attack
When, log server sends the first warning message for changing the first login password to management equipment, sets when management is got
During amended second login password of standby return, whether log server determines the second login password based on preset password list
Effectively, when the second login password is invalid so that management equipment is carried out in time by obtaining null result to the second login password
Change, when log server needs the log information quantity of analysis and arrangement more huge, the login password attacked can be with
Known in time by the first warning message managed devices, while log server determines the second login based on preset password list
Whether effectively, the treatment effeciency for solving login password to being attacked is low, the low problem of login password validity for password.
Fig. 3 is the embodiment flow chart of the processing method of another login password that the present invention is provided, and the present embodiment can be with
Apply on the log server 14 in above-mentioned Fig. 1, the embodiment of the present invention combines Fig. 2, table 2, to the how base of log server 14
Whether effectively to determine the second login password in preset password list, illustrative, step 205 is referred in above-mentioned Fig. 2
Preset password list records have at least one the 3rd login passwords, the 3rd login password is the password being easily cracked, such as Fig. 3 institutes
Show, comprise the steps:
Step 301:Each the 3rd login password recorded in second login password and preset password list is carried out
Match somebody with somebody, when the match is successful for one of them the 3rd login password recorded in the second login password and preset password list, determine the
Two login passwords are invalid, execution step 302, when each the 3rd login recorded in the second login password and preset password list
Password determines the second login password effectively, execution step 303 when the match is successful.
Step 302:Second warning message invalid for feeding back the second login password is sent to management equipment.
Step 303:Send for confirming the effective confirmation message of the second login password to management equipment.
In step 301, log server 14 by record in the second login password and preset password list each the
Three login passwords are matched, when one of them the 3rd login password recorded in the second login password and preset password list
With it is successful when, log server 14 determine the second login password it is invalid, with the second login password as 000000, preset password list
As a example by table 2, the match is successful for the second login password 000000 the 3rd login password 000000 corresponding with sequence number 1 in table 2, represents
Second login password 000000 is easily cracked, and is bad login password, the execution step 302 of log server 14;When the second login
Each the 3rd login password recorded in password and preset password list is when the match is successful, and log server 14 determines the
Two login passwords effectively, with the second login password as U10DE6, preset password list for table 2 as a example by, the second login password
The match is successful with each the 3rd login password in table 2 for U10DE6, represents that the second login password is difficult to be cracked, and is effective
Login password, the execution step 303 of log server 14.
In step 302, log server 14 sends the invalid for feeding back the second login password to management equipment 15
Two warning messages.
In step 303, log server 14 is sent for confirming the second login password effectively really to management equipment 15
Recognize message.
In the embodiment of the present invention, whether effectively log server 14 determines the second login password based on preset password list,
When log server 14 needs the second login password quantity of analysis and arrangement more huge, preset password list reality can be based on
Now to the quick judgement of the second login password validity, the treatment effeciency to the second login password is improve.
Corresponding to the processing method of above-mentioned login password, the invention allows for the hardware knot of the safeguard shown in Fig. 4
Composition.Refer to Fig. 4, in hardware view, the safeguard include processor, internal bus, network interface, internal memory and it is non-easily
The property lost memory, the hardware being also possible that certainly required for other business.It is right that processor reads from nonvolatile memory
The computer program answered is in internal memory and then runs, and the processing meanss of login password are formed on logic level.Certainly, except soft
Outside part implementation, the present invention is not precluded from other implementations, such as mode of logical device or software and hardware combining etc.
Deng, that is to say, that the executive agent of following handling process is not limited to each logical block, or hardware or logic device
Part.
Fig. 5 is the embodiment block diagram of the processing meanss of the login password that the present invention is provided, as shown in figure 5, the login
The processing meanss of password can include:First determining module 51, the first alarm module 52, packet parsing module 53, validity are sentenced
Disconnected module 54, wherein:
First determining module 51, for when it is determined that the IP address of access equipment has attack and success attack, really
Determine the first login password of IP address success attack;
First alarm module 52, first for determining in sending for changing the first determining module 51 to management equipment steps on
First warning message of record password;
Packet parsing module 53, for the first alarm sent in management equipment is received based on the first alarm module 52
During the response message that message is returned, resolution response message obtains the second login password, and the second login password is amended login
Password;
Effective judgement module 54, for determining the second login password in packet parsing module 53 based on preset password list
Whether effectively, preset password list is used to record the password being easily cracked.
Fig. 6 is the embodiment block diagram of the processing meanss of another login password that the present invention is provided, as shown in fig. 6, upper
On the basis of stating embodiment illustrated in fig. 5, Effective judgement module 54 includes:
Password match submodule 541, for by record in the second login password and preset password list each the 3rd
Login password is matched, and preset password list records have at least one the 3rd login passwords, and the 3rd login password is easily to be broken
The password of solution;
Invalid submodule 542 is determined, for when the second login password in password match submodule 541 and preset password list
One of them the 3rd login password of middle record determines that the second login password is invalid when the match is successful;
It is determined that effective submodule 543, for when the second login password in password match submodule 541 and preset password list
Each the 3rd login password of middle record determines that the second login password is effective when the match is successful.
In one embodiment, the processing meanss of login password also include:
Second alarm module 55, for when it is determined that determining that the second login password is invalid in invalid submodule 542, to management
Equipment sends second warning message invalid for feeding back the second login password.
In one embodiment, the processing meanss of login password also include:
First logging modle 56, for when it is determined that the IP address of access equipment has attack and success attack, inciting somebody to action
First login password is recorded in preset password list.
In one embodiment, the processing meanss of login password also include:
Second determining module 57, for when it is determined that the IP address of access equipment have attack but attack it is unsuccessful when,
Determine that IP address attacks the 4th unsuccessful login password;
Second logging modle 58, the 4th login password for will determine in the second determining module 57 is recorded in preset password
In list.
The function of unit and effect realizes that process specifically refers in said method correspondence step in said apparatus
Process is realized, be will not be described here.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part is referring to method reality
Apply the part explanation of example.Device embodiment described above is only schematic, wherein described as separating component
The unit of explanation can be or may not be physically separate, can be as the part that unit shows or can also
It is not physical location, you can be located at a place, or can also be distributed on multiple NEs.Can be according to reality
Need the purpose for selecting some or all of module therein to realize the present invention program.Those of ordinary skill in the art are not paying
In the case of going out creative work, you can to understand and implement.
As seen from the above-described embodiment, log server determines that the IP address of access equipment has attack and success attack
When, log server sends the first warning message for changing the first login password to management equipment, sets when management is got
During amended second login password of standby return, whether log server determines the second login password based on preset password list
Effectively, when the second login password is invalid so that management equipment is carried out in time by obtaining null result to the second login password
Change, when log server needs the log information quantity of analysis and arrangement more huge, the login password attacked can be with
Known in time by the first warning message managed devices, while log server determines the second login based on preset password list
Whether effectively, the treatment effeciency for solving login password to being attacked is low, the low problem of login password validity for password.
Those skilled in the art will readily occur to its of the present invention after considering specification and putting into practice invention disclosed herein
Its embodiment.It is contemplated that cover any modification of the present invention, purposes or adaptations, these modifications, purposes or
Person's adaptations follow the general principle of the present invention and including the undocumented common knowledge in the art of the present invention
Or conventional techniques.Description and embodiments are considered only as exemplary, and true scope and spirit of the invention are by following
Claim is pointed out.
Also, it should be noted that term " including ", "comprising" or its any other variant are intended to nonexcludability
Comprising so that a series of process, method, commodity or equipment including key elements not only includes those key elements, but also wrapping
Other key elements being not expressly set out are included, or also includes intrinsic for this process, method, commodity or equipment wanting
Element.In the absence of more restrictions, the key element for being limited by sentence "including a ...", it is not excluded that wanting including described
Also there is other identical element in process, method, commodity or the equipment of element.
Presently preferred embodiments of the present invention is the foregoing is only, not to limit the present invention, all essences in the present invention
Within god and principle, any modification, equivalent substitution and improvements done etc. should be included within the scope of protection of the invention.
Claims (10)
1. a kind of processing method of login password, it is characterised in that methods described includes:
When it is determined that the IP address of access equipment has attack and success attack, the of the IP address success attack is determined
One login password;
The first warning message for changing first login password is sent to management equipment;
When the response message that the management equipment is returned based on first warning message is received, message is analyzed the response to
The second login password is obtained, second login password is amended login password;
Whether effectively second login password is determined based on preset password list, the preset password list is used to record easily quilt
The password for cracking.
2. method according to claim 1, it is characterised in that the preset password list records have at least one the 3rd to step on
Record password, the 3rd login password is the password being easily cracked, described to determine described second based on preset password list
Whether login password effectively includes:
Second login password is matched with each the 3rd login password recorded in the preset password list;
When one of them the 3rd login password recorded in second login password with the preset password list, the match is successful
When, determine that second login password is invalid;
When second login password is not matched into each the 3rd login password recorded in the preset password list
During work(, determine that second login password is effective.
3. method according to claim 2, it is characterised in that methods described also includes:
When it is determined that second login password is invalid, to the management equipment send for feed back second login password without
Second warning message of effect.
4. method according to claim 1, it is characterised in that methods described also includes:
First login password is recorded in the preset password list.
5. method according to claim 1, it is characterised in that methods described also includes:
When it is determined that the IP address of the access equipment has attack but attacks unsuccessful, determine that the IP address is attacked not
Successful 4th login password;
4th login password is recorded in preset password list.
6. a kind of processing meanss of login password, it is characterised in that described device includes:
First determining module, for when it is determined that the IP address of access equipment has attack and success attack, it is determined that described
First login password of IP address success attack;
First alarm module, described first for determining in sending for changing first determining module to management equipment steps on
First warning message of record password;
Packet parsing module, for described first of the transmission in the management equipment is received based on first alarm module
During the response message that warning message is returned, analyze the response to message and obtain the second login password, second login password is
Amended login password;
Effective judgement module, for determining the second login password described in the packet parsing module based on preset password list
Whether effectively, the preset password list is used to record the password being easily cracked.
7. device according to claim 6, it is characterised in that the Effective judgement module includes:
Password match submodule, for by record in second login password and the preset password list each the 3rd
Login password is matched, and the preset password list records have at least one the 3rd login passwords, the 3rd login password
For the password being easily cracked;
Determine invalid submodule, arrange with the preset password for working as the second login password described in the password match submodule
One of them the 3rd login password recorded in table determines that second login password is invalid when the match is successful;
It is determined that effective submodule, arranges for working as the second login password described in the password match submodule with the preset password
Each the 3rd login password recorded in table determines that second login password is effective when the match is successful.
8. device according to claim 7, it is characterised in that described device also includes:
Second alarm module, for when it is described determine determine that second login password is invalid in invalid submodule when, to described
Management equipment sends second warning message invalid for feeding back second login password.
9. device according to claim 6, it is characterised in that described device also includes:
First logging modle, for when it is determined that the IP address of access equipment has attack and success attack, by described
One login password is recorded in the preset password list;And/or,
Second determining module, for when it is determined that the IP address of the access equipment have attack but attack it is unsuccessful when, really
The fixed IP address attacks the 4th unsuccessful login password;
Second logging modle, the 4th login password for will determine in second determining module is recorded in preset password
In list.
10. a kind of processing system of modification logging, it is characterised in that the system includes:Client, safeguard, service set
Standby, log server, management equipment;Wherein,
The client, for sending the message logged in for request to the service equipment via the safeguard;
The safeguard, for parsing the message, the daily record for carrying the log information is sent to the log server
Message;
The log server, for parsing the daily record message log information is obtained, when true based on the log information
When the IP address for determining access equipment has attack and success attack, determine that the first login of the IP address success attack is close
Code, to the management equipment the first warning message for changing first login password is sent;
The management equipment, for returning the response message generated based on first warning message to the log server;
The log server, for analyzing the response to message the second login password is obtained, and second login password is to repair
Whether effectively login password after changing, determine second login password, the preset password list based on preset password list
For recording the password being easily cracked, when the log server receives the carrying information to be found that the management equipment sends
Request message when, by the information to be found with the default log list record whole log informations matched,
The information to be found be need extract information, when in the information to be found with the default log list record wherein
One log information sends the feedback report for carrying the information to be found and relevant information to the management equipment when the match is successful
Text, the relevant information is the information obtained via identical packet parsing with the information to be found;
The management equipment, for showing that rule is shown to the information to be found and relevant information based on default.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710035910.7A CN106657139A (en) | 2017-01-18 | 2017-01-18 | Login password processing method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710035910.7A CN106657139A (en) | 2017-01-18 | 2017-01-18 | Login password processing method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106657139A true CN106657139A (en) | 2017-05-10 |
Family
ID=58841805
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710035910.7A Pending CN106657139A (en) | 2017-01-18 | 2017-01-18 | Login password processing method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106657139A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107332703A (en) * | 2017-06-28 | 2017-11-07 | 武汉斗鱼网络科技有限公司 | A kind of inspection method and device of many application daily records |
CN109815689A (en) * | 2018-12-28 | 2019-05-28 | 北京奇安信科技有限公司 | A kind of website cipher safety guard method and device |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130318578A1 (en) * | 2012-05-24 | 2013-11-28 | Ca, Inc. | Password management and smart honey pot system |
CN103532797A (en) * | 2013-11-06 | 2014-01-22 | 网之易信息技术(北京)有限公司 | Abnormity monitoring method and device for user registration |
CN104348817A (en) * | 2013-08-07 | 2015-02-11 | 深圳市腾讯计算机***有限公司 | User account protection method and user account protection device |
CN104811447A (en) * | 2015-04-21 | 2015-07-29 | 深信服网络科技(深圳)有限公司 | Security detection method and system based on attack association |
CN104811449A (en) * | 2015-04-21 | 2015-07-29 | 深信服网络科技(深圳)有限公司 | Base collision attack detecting method and system |
CN105376210A (en) * | 2014-12-08 | 2016-03-02 | 哈尔滨安天科技股份有限公司 | Account threat identification and defense method and system |
CN105406976A (en) * | 2014-08-29 | 2016-03-16 | 中国电信股份有限公司 | Weak password checking method and system |
-
2017
- 2017-01-18 CN CN201710035910.7A patent/CN106657139A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130318578A1 (en) * | 2012-05-24 | 2013-11-28 | Ca, Inc. | Password management and smart honey pot system |
CN104348817A (en) * | 2013-08-07 | 2015-02-11 | 深圳市腾讯计算机***有限公司 | User account protection method and user account protection device |
CN103532797A (en) * | 2013-11-06 | 2014-01-22 | 网之易信息技术(北京)有限公司 | Abnormity monitoring method and device for user registration |
CN105406976A (en) * | 2014-08-29 | 2016-03-16 | 中国电信股份有限公司 | Weak password checking method and system |
CN105376210A (en) * | 2014-12-08 | 2016-03-02 | 哈尔滨安天科技股份有限公司 | Account threat identification and defense method and system |
CN104811447A (en) * | 2015-04-21 | 2015-07-29 | 深信服网络科技(深圳)有限公司 | Security detection method and system based on attack association |
CN104811449A (en) * | 2015-04-21 | 2015-07-29 | 深信服网络科技(深圳)有限公司 | Base collision attack detecting method and system |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107332703A (en) * | 2017-06-28 | 2017-11-07 | 武汉斗鱼网络科技有限公司 | A kind of inspection method and device of many application daily records |
CN107332703B (en) * | 2017-06-28 | 2020-08-04 | 武汉斗鱼网络科技有限公司 | Method and device for checking multi-application logs |
CN109815689A (en) * | 2018-12-28 | 2019-05-28 | 北京奇安信科技有限公司 | A kind of website cipher safety guard method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
USRE49089E1 (en) | Security for WAP servers | |
CN110881044B (en) | Computer firewall dynamic defense security platform | |
CN108989346B (en) | Third-party valid identity escrow agile authentication access method based on account hiding | |
AU2007273085B2 (en) | System and method of analyzing web content | |
CN103227786B (en) | A kind of website login information filling method and device | |
US20080168546A1 (en) | Randomized images collection method enabling a user means for entering data from an insecure client-computing device to a server-computing device | |
CN108809895B (en) | Method and device for detecting weak password | |
CN107770171A (en) | The verification method and system of the anti-reptile of server | |
CN106878265A (en) | A kind of data processing method and device | |
CN105939326A (en) | Message processing method and device | |
CN105516133A (en) | User identity verification method, server and client | |
CN109861968A (en) | Resource access control method, device, computer equipment and storage medium | |
CN101473314B (en) | Entering confidential information on an untrusted machine | |
CN105939327A (en) | Auditing log generation method and device | |
CN113098835A (en) | Honeypot implementation method based on block chain, honeypot client and honeypot system | |
CN106921671A (en) | The detection method and device of a kind of network attack | |
McCalley et al. | Analysis of back-doored phishing kits | |
Djap et al. | Xb-pot: Revealing honeypot-based attacker’s behaviors | |
CN106657139A (en) | Login password processing method, apparatus and system | |
CN108322420A (en) | The detection method and device of backdoor file | |
CN105141624B (en) | Login method, account management server and FTP client FTP | |
CN103188208B (en) | Authority control method, system and the call center of web page access | |
RU103643U1 (en) | ANTI-PHISH ATTACK SYSTEM | |
CN106295366B (en) | Sensitive data identification method and device | |
US20090150448A1 (en) | Method for identifying at least two similar webpages |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170510 |