CN109150848A - 一种基于Nginx的蜜罐的实现方法及*** - Google Patents
一种基于Nginx的蜜罐的实现方法及*** Download PDFInfo
- Publication number
- CN109150848A CN109150848A CN201810841150.3A CN201810841150A CN109150848A CN 109150848 A CN109150848 A CN 109150848A CN 201810841150 A CN201810841150 A CN 201810841150A CN 109150848 A CN109150848 A CN 109150848A
- Authority
- CN
- China
- Prior art keywords
- honey jar
- active client
- service
- blacklist
- record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 235000012907 honey Nutrition 0.000 title claims abstract description 157
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000004891 communication Methods 0.000 claims abstract description 7
- 238000005516 engineering process Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000002441 reversible effect Effects 0.000 description 5
- 238000004088 simulation Methods 0.000 description 5
- 230000008901 benefit Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 235000014510 cooky Nutrition 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000001228 spectrum Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000002123 temporal effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
蜜罐服务路径 | 访问权重 |
/admin | 1 |
/upload.php | 1 |
/backup.zip | 0.7 |
/index.php?m=admin | 0.5 |
/manage | 0.8 |
/admin123 | 0.4 |
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810841150.3A CN109150848B (zh) | 2018-07-27 | 2018-07-27 | 一种基于Nginx的蜜罐的实现方法及*** |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810841150.3A CN109150848B (zh) | 2018-07-27 | 2018-07-27 | 一种基于Nginx的蜜罐的实现方法及*** |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109150848A true CN109150848A (zh) | 2019-01-04 |
CN109150848B CN109150848B (zh) | 2021-11-23 |
Family
ID=64799021
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810841150.3A Active CN109150848B (zh) | 2018-07-27 | 2018-07-27 | 一种基于Nginx的蜜罐的实现方法及*** |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109150848B (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110784471A (zh) * | 2019-10-30 | 2020-02-11 | 深圳前海环融联易信息科技服务有限公司 | 黑名单采集管理方法、装置、计算机设备及存储介质 |
CN111600953A (zh) * | 2020-05-18 | 2020-08-28 | 广州锦行网络科技有限公司 | 基于蜜罐***实现分布式部署的方法 |
CN112383511A (zh) * | 2020-10-27 | 2021-02-19 | 广州锦行网络科技有限公司 | 一种流量转发方法及*** |
CN112600837A (zh) * | 2020-12-11 | 2021-04-02 | 四川长虹电器股份有限公司 | 一种基于nginx的内网蜜罐引流方法 |
CN113132293A (zh) * | 2019-12-30 | 2021-07-16 | ***通信集团湖南有限公司 | 攻击检测方法、设备及公共蜜罐*** |
CN114491533A (zh) * | 2022-01-24 | 2022-05-13 | 烽台科技(北京)有限公司 | 数据处理方法、装置、服务器及存储介质 |
CN115118518A (zh) * | 2022-07-21 | 2022-09-27 | 深圳安天网络安全技术有限公司 | 一种反探测方法及装置 |
CN115134098A (zh) * | 2021-03-12 | 2022-09-30 | 北京沃东天骏信息技术有限公司 | 一种黑客信息获取方法、装置、电子设备及存储介质 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120150965A1 (en) * | 2010-12-08 | 2012-06-14 | Stephen Wood | Mitigating Email SPAM Attacks |
CN102739647A (zh) * | 2012-05-23 | 2012-10-17 | 国家计算机网络与信息安全管理中心 | 基于高交互蜜罐的网络安全***及实现方法 |
CN105227571A (zh) * | 2015-10-20 | 2016-01-06 | 福建六壬网安股份有限公司 | 基于nginx+lua的web应用防火墙***及其实现方法 |
US20170048274A1 (en) * | 2012-09-28 | 2017-02-16 | Juniper Networks, Inc. | Dynamic service handling using a honeypot |
CN106657258A (zh) * | 2016-11-04 | 2017-05-10 | 成都视达科信息技术有限公司 | 一种基于nginx+lua的安全加速中间件实现方法及装置 |
CN107872467A (zh) * | 2017-12-26 | 2018-04-03 | 中国联合网络通信集团有限公司 | 基于Serverless架构的蜜罐主动防御方法和蜜罐主动防御*** |
-
2018
- 2018-07-27 CN CN201810841150.3A patent/CN109150848B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120150965A1 (en) * | 2010-12-08 | 2012-06-14 | Stephen Wood | Mitigating Email SPAM Attacks |
CN102739647A (zh) * | 2012-05-23 | 2012-10-17 | 国家计算机网络与信息安全管理中心 | 基于高交互蜜罐的网络安全***及实现方法 |
US20170048274A1 (en) * | 2012-09-28 | 2017-02-16 | Juniper Networks, Inc. | Dynamic service handling using a honeypot |
CN105227571A (zh) * | 2015-10-20 | 2016-01-06 | 福建六壬网安股份有限公司 | 基于nginx+lua的web应用防火墙***及其实现方法 |
CN106657258A (zh) * | 2016-11-04 | 2017-05-10 | 成都视达科信息技术有限公司 | 一种基于nginx+lua的安全加速中间件实现方法及装置 |
CN107872467A (zh) * | 2017-12-26 | 2018-04-03 | 中国联合网络通信集团有限公司 | 基于Serverless架构的蜜罐主动防御方法和蜜罐主动防御*** |
Non-Patent Citations (1)
Title |
---|
FAISAL MEMON: ""How to use Project Honeypot with NGINX and ModSecurity 3.0"", 《HTTPS://WWW.NGINX.COM/BLOG/MODSECURITY-AND-PROJECT-HONEYPOT/》 * |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110784471A (zh) * | 2019-10-30 | 2020-02-11 | 深圳前海环融联易信息科技服务有限公司 | 黑名单采集管理方法、装置、计算机设备及存储介质 |
CN113132293A (zh) * | 2019-12-30 | 2021-07-16 | ***通信集团湖南有限公司 | 攻击检测方法、设备及公共蜜罐*** |
CN113132293B (zh) * | 2019-12-30 | 2022-10-04 | ***通信集团湖南有限公司 | 攻击检测方法、设备及公共蜜罐*** |
CN111600953A (zh) * | 2020-05-18 | 2020-08-28 | 广州锦行网络科技有限公司 | 基于蜜罐***实现分布式部署的方法 |
CN111600953B (zh) * | 2020-05-18 | 2021-01-08 | 广州锦行网络科技有限公司 | 基于蜜罐***实现分布式部署的方法 |
CN112383511A (zh) * | 2020-10-27 | 2021-02-19 | 广州锦行网络科技有限公司 | 一种流量转发方法及*** |
CN112600837A (zh) * | 2020-12-11 | 2021-04-02 | 四川长虹电器股份有限公司 | 一种基于nginx的内网蜜罐引流方法 |
CN115134098A (zh) * | 2021-03-12 | 2022-09-30 | 北京沃东天骏信息技术有限公司 | 一种黑客信息获取方法、装置、电子设备及存储介质 |
CN115134098B (zh) * | 2021-03-12 | 2024-03-01 | 北京沃东天骏信息技术有限公司 | 一种黑客信息获取方法、装置、电子设备及存储介质 |
CN114491533A (zh) * | 2022-01-24 | 2022-05-13 | 烽台科技(北京)有限公司 | 数据处理方法、装置、服务器及存储介质 |
CN115118518A (zh) * | 2022-07-21 | 2022-09-27 | 深圳安天网络安全技术有限公司 | 一种反探测方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN109150848B (zh) | 2021-11-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109150848A (zh) | 一种基于Nginx的蜜罐的实现方法及*** | |
EP3479281B1 (en) | Method and computer system for determining a threat score | |
CN107465651B (zh) | 网络攻击检测方法及装置 | |
CN103607385B (zh) | 基于浏览器进行安全检测的方法和装置 | |
US10282542B2 (en) | Information processing apparatus, information processing method, and computer readable medium | |
EP3786827A1 (en) | Cyber attack adversary simulator | |
JP6408395B2 (ja) | ブラックリストの管理方法 | |
CN109818937A (zh) | 针对安卓权限的控制方法、装置、及存储介质、电子装置 | |
CN103701793B (zh) | 服务器肉鸡的识别方法和装置 | |
CN106888106A (zh) | 智能电网中的it资产大规模侦测*** | |
CN103384888A (zh) | 用于恶意软件的检测和扫描的***和方法 | |
US20200366650A1 (en) | Method and system for creating a secure public cloud-based cyber range | |
RU2697950C2 (ru) | Система и способ выявления скрытого поведения расширения браузера | |
CN106341386B (zh) | 针对基于云的多层安全架构的威胁评估级确定及补救 | |
CN110197075A (zh) | 资源访问方法、装置、计算设备以及存储介质 | |
CN113452780B (zh) | 针对客户端的访问请求处理方法、装置、设备及介质 | |
CN108876081A (zh) | 虚拟房间分配方法、装置、存储介质及处理器 | |
CN108600270A (zh) | 一种基于网络日志的异常用户检测方法及*** | |
CN110365712A (zh) | 一种分布式拒绝服务攻击的防御方法及*** | |
CN109951579A (zh) | 域名处理方法、装置、计算机可读存储介质和计算机设备 | |
Alavizadeh et al. | An automated security analysis framework and implementation for MTD techniques on cloud | |
KR102314557B1 (ko) | 보안 통제 관리 시스템 및 그 방법 | |
CN105933398A (zh) | 内容分发网络中的访问请求转发方法和*** | |
JP6707952B2 (ja) | 制御装置、制御方法及びプログラム | |
CN103853580A (zh) | 用于有条件地刷新工作区用户界面的方法与*** |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240306 Address after: Room 1179, W Zone, 11th Floor, Building 1, No. 158 Shuanglian Road, Qingpu District, Shanghai, 201702 Patentee after: Shanghai Zhongan Information Technology Service Co.,Ltd. Country or region after: China Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.) Patentee before: ZHONGAN INFORMATION TECHNOLOGY SERVICE Co.,Ltd. Country or region before: China |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240415 Address after: Room 1179, W Zone, 11th Floor, Building 1, No. 158 Shuanglian Road, Qingpu District, Shanghai, 201702 Patentee after: Shanghai Zhongan Information Technology Service Co.,Ltd. Country or region after: China Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.) Patentee before: ZHONGAN INFORMATION TECHNOLOGY SERVICE Co.,Ltd. Country or region before: China |
|
TR01 | Transfer of patent right |