CN111078481A - Method and device for acquiring configuration check list, electronic equipment and storage medium - Google Patents
Method and device for acquiring configuration check list, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN111078481A CN111078481A CN201911316904.4A CN201911316904A CN111078481A CN 111078481 A CN111078481 A CN 111078481A CN 201911316904 A CN201911316904 A CN 201911316904A CN 111078481 A CN111078481 A CN 111078481A
- Authority
- CN
- China
- Prior art keywords
- cpe
- information
- operating system
- check list
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000007689 inspection Methods 0.000 claims description 30
- 238000013515 script Methods 0.000 claims description 20
- 238000012545 processing Methods 0.000 claims description 9
- 238000013519 translation Methods 0.000 claims description 6
- 230000008569 process Effects 0.000 description 6
- 230000009471 action Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 238000010606 normalization Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2247—Verification or detection of system hardware configuration
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2273—Test methods
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the invention provides a method, a device, electronic equipment and a storage medium for acquiring a configuration check list, which are used for solving the problems that the conventional configuration method is time-consuming, high in labor cost, low in safety and not necessarily standard in manual customization of the configuration list and the like. The method comprises the following steps: acquiring operating system information and software information of a host; establishing a CPE database, and carrying out fuzzy matching on the acquired operating system information and software information of the host in the CPE database; taking the name and version number in CPE data obtained by fuzzy matching as retrieval conditions; and searching by using NCP to obtain a check list, and sending the check list to a configuration inspector.
Description
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method and an apparatus for obtaining a configuration check list, an electronic device, and a storage medium.
Background
At present, the mode of configuration inspection of a host in the market can only be established one by one according to an operating system and installed software of a computer by a configuration administrator. When the number of software preinstalled in the computer is large or the number of computers to be checked and configured is large, the following problems can occur: time cost and labor cost are high: because the number is too large, a configuration manager can only perfect a configuration list one by one according to a computer and software on the computer, and aiming at a single host, hundreds of detection contents are often provided, and detection methods of different versions of different systems are different, so that a large amount of labor and time are spent. The manual establishment has low safety: when the configuration checklist is manufactured, a part of software may be missed or wrong check items may be made manually, which may cause the wrong configuration checklist to be used for checking, the checked result is not necessarily correct, and the safety of the checked asset cannot be guaranteed. The manually created list is not necessarily a specification: there are many uncertainties in manually making checklists, and making checklists is determined by the level of the maker and does not guarantee the normativity of the configuration checklist. Therefore, a method for automatically obtaining a configuration checklist is needed to solve the above problems.
Disclosure of Invention
The embodiment of the invention provides a method, a device, electronic equipment and a storage medium for acquiring a configuration check list, which are used for solving the problems that the conventional configuration method is time-consuming, high in labor cost and low in safety and is not necessarily standard when the configuration list is manually customized.
Based on the above problem, a method for obtaining a configuration checklist provided in an embodiment of the present invention includes:
acquiring operating system information and software information of a host; establishing a CPE database, and carrying out fuzzy matching on the acquired operating system information and software information of the host in the CPE database; taking the name and version number in CPE data obtained by fuzzy matching as retrieval conditions; and searching by using NCP to obtain a check list, and sending the check list to a configuration inspector.
Further, acquiring operating system information and software information of the host specifically includes: acquiring the name and the version number of a host operating system; if the operating system is a Windows series system, software information installed by the host and manufacturer information of the operating system are obtained by scanning a host registry; and if the operating system is a Linux series system, acquiring software information installed by the host and operating system manufacturer information through a command.
Further, establishing a CPE database, specifically: downloading the latest version of CPE file regularly; if downloading for the first time, reading and analyzing an xml file of the CPE file, and inputting the file name and the content item of the xml file into a database; if the downloading is not the first time, downloading the latest version of CPE file, comparing the latest version of CPE file with the xml file name of the CPE file downloaded last time, if the downloading is not the same as the previous downloading, reading and analyzing the xml file of the CPE file downloaded this time, removing the duplicate of the content item according to the CPE _ uri field, reserving the newly-added xml file content item, and inputting the newly-added xml file content item into a database; if the download files are consistent, the download files are not recorded into the database; wherein the xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, other, cpe _ uri.
Further, before fuzzy matching the acquired host operating system information and the software information in the CPE database, the method further includes: establishing a Chinese and English comparison library: acquiring names of common Chinese name manufacturers, Chinese name software and operating system version names, calling a translation API (application program interface) interface, and translating the names into English; and judging whether the acquired host operating system information and software information have Chinese names, if so, replacing the Chinese names with corresponding English names by using a Chinese and English comparison library.
Further, the NCP is used for searching to obtain an inspection list, and the inspection list is sent to a configuration inspector, specifically: searching by using NCP, acquiring a check list and detailed information in a grading manner, and downloading script data according to the detailed information to obtain a check list data set; removing duplication of the data set of the check list, and recording the number of times of duplication; checking whether the condition that the same name corresponds to different versions exists in the check list or not by utilizing regular matching, if so, removing the check list of the low version and marking; writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list; and sending the inspection list and the corresponding script data to a configuration inspector.
The device for obtaining the configuration checking list provided by the embodiment of the invention comprises the following components: an information acquisition module: the system comprises a host computer, a data processing unit and a data processing unit, wherein the host computer is used for acquiring operating system information and software information of the host computer; a fuzzy matching module: the system comprises a CPE database and a database server, wherein the CPE database is used for establishing a CPE database and carrying out fuzzy matching on the acquired operating system information and software information of a host in the CPE database; a retrieval condition acquisition module: the method is used for taking the name and the version number in the CPE data obtained by fuzzy matching as retrieval conditions; the inspection list acquisition module: the system is used for searching by using NCP, obtaining a check list and sending the check list to a configuration inspector.
Further, the information acquisition module is specifically configured to: acquiring the name and the version number of a host operating system; if the operating system is a Windows series system, software information installed by the host and manufacturer information of the operating system are obtained by scanning a host registry; and if the operating system is a Linux series system, acquiring software information installed by the host and operating system manufacturer information through a command.
Further, the fuzzy matching module further comprises a CPE database establishing module, specifically configured to: downloading the latest version of CPE file regularly; if downloading for the first time, reading and analyzing an xml file of the CPE file, and inputting the file name and the content item of the xml file into a database; if the downloading is not the first time, downloading the latest version of CPE file, comparing the latest version of CPE file with the xml file name of the CPE file downloaded last time, if the latest version of CPE file is not the first time, reading and analyzing the xml file of the CPE file downloaded this time, removing the duplicate of the content item according to the CPE _ uri field, reserving the newly-added xml file content item, and inputting the newly-added xml file content item into the database; if the download files are consistent, the download files are not recorded into the database; wherein the xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, other, cpe _ uri.
Further, the system also comprises a Chinese and English comparison library establishing module: the system is used for acquiring names of common Chinese name manufacturers, Chinese name software and operating system version names, calling a translation API (application program interface) interface and translating the names into English; and a replacement module: and the system is used for judging whether the acquired host operating system information and software information have Chinese names, and if so, replacing the Chinese names with corresponding English names by using a Chinese and English comparison library.
Further, the checklist obtaining module is specifically configured to: searching by using NCP, acquiring a check list and detailed information in a grading manner, and downloading script data according to the detailed information to obtain a check list data set; removing duplication of the data set of the check list, and recording the number of times of duplication; checking whether the condition that the same name corresponds to different versions exists in the check list or not by utilizing regular matching, if so, removing the check list of the low version and marking; writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list; and sending the inspection list and the corresponding script data to a configuration inspector.
The embodiment of the invention also discloses an electronic device for acquiring the configuration check list, which comprises: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, and is used for executing the method for acquiring the configuration checklist.
An embodiment of the present invention provides a computer-readable storage medium, which is characterized in that the computer-readable storage medium stores one or more programs, and the one or more programs are executable by one or more processors to implement any one of the aforementioned methods for obtaining a configuration checklist.
Compared with the prior art, the method, the device, the electronic equipment and the storage medium for obtaining the configuration check list provided by the embodiment of the invention at least realize the following beneficial effects: acquiring operating system information and software information of a host; establishing a CPE database, and carrying out fuzzy matching on the acquired operating system information and software information of the host in the CPE database; taking the name and version number in CPE data obtained by fuzzy matching as retrieval conditions; and searching by using NCP to obtain a check list, and sending the check list to a configuration inspector. According to the embodiment of the invention, the configuration check list can be automatically generated for the assets, so that the requirement of manual operation is reduced, the labor cost is reduced, and the loss caused by manual misoperation is avoided; meanwhile, the NCP is used for obtaining the list data items, so that the normalization of the list is ensured, a plurality of uncertain factors are reduced, and the safety of the assets after inspection is ensured; the operation and maintenance cost is further reduced, and the inspection efficiency is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for obtaining a configuration checklist according to an embodiment of the present invention;
FIG. 2 is a flowchart of another method for obtaining a configuration checklist according to an embodiment of the present invention;
FIG. 3 is a block diagram of an apparatus for obtaining a configuration checklist according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
To more clearly illustrate the embodiments of the present invention, the technical terms involved are thus explained and illustrated:
CPE: CPE (acronym for Common Platform execution) is a method for naming software applications, operating systems, and hardware in a standardized manner.
NCP: NCP is an abbreviation of National Checklist Program, a U.S. government published safety manifest (or benchmark) library defined by NIST SP800-70, which provides detailed guidance for the security configuration of operating systems and applications.
And (2) xml: extensible markup language, a subset of standard generalized markup language, xml for short. Is a markup language for marking electronic documents to be structured. In electronic computers, a label refers to a symbol of information that can be understood by a computer, and by this label, various information such as articles and the like can be handled between computers. It can be used to mark data, define data types, and is a source language that allows a user to define his or her own markup language.
The following describes specific embodiments of a method, an apparatus, an electronic device, and a storage medium for obtaining a configuration checklist according to embodiments of the present invention with reference to the accompanying drawings.
The method for obtaining the configuration check list provided by the embodiment of the invention, as shown in fig. 1, specifically includes the following steps:
s101, acquiring operating system information and software information of a host;
acquiring a name and a version number of a host operating system through system. If the operating system is a Windows series system, software information installed by the host and manufacturer information of the operating system are obtained by scanning a host registry; and if the operating system is a Linux series system, acquiring software information installed by the host and operating system manufacturer information through a command.
S102, establishing a CPE database, and carrying out fuzzy matching on the acquired operating system information and software information of the host in the CPE database;
establishing a CPE database, wherein the specific method comprises the following steps: downloading the latest version of CPE file regularly; if downloading for the first time, reading and analyzing an xml file of the CPE file, and inputting the file name and the content item of the xml file into a database; if the downloading is not the first time, downloading the latest version of CPE file, comparing the latest version of CPE file with the xml file name of the CPE file downloaded last time, if the latest version of CPE file is not the first time, reading and analyzing the xml file of the CPE file downloaded this time, removing the duplicate of the content item according to the CPE _ uri field, reserving the newly-added xml file content item, and inputting the newly-added xml file content item into the database; if the download files are consistent, the download files are not recorded into the database; wherein the xml file content item includes: manufacturer, name, version number, type, system version, software version, update information, software platform, hardware platform, language, other, cpe _ uri, wherein the name refers to the name of software or the name of an operating system, the type refers to which type of the three types of software, hardware or operating system, the system version refers to a release version, an enterprise version, a professional version and the like, the other types can be contents such as information remarks and the like, and the cpe _ uri is unique identification of content items and is formed by combining according to a certain format.
S103, taking the name and the version number in the CPE data obtained by fuzzy matching as retrieval conditions;
s104, searching by using NCP to obtain a check list, and sending the check list to a configuration checker;
the method specifically comprises the following steps: searching by using NCP, acquiring a check list and detailed information in a grading manner, and downloading script data according to the detailed information to obtain a check list data set; removing duplication of the data set of the check list, and recording the number of times of duplication; checking whether the condition that the same name corresponds to different versions exists in the check list or not by utilizing regular matching, if so, removing the check list of the low version and marking; writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list; sending the inspection list and the corresponding script data to a configuration inspector; wherein each field of the checklist includes: citations, supporting resources, inspection goals, inspection form summaries, known issues, inspection form roles, target audience, target operating environment, test information, inspection manifest names, regulatory compliance, dependencies/requirements, comments/warnings/others, contact methods, guarantors, licensing agreements, change history, product support, disclaimers, and the like.
According to the embodiment of the invention, the configuration check list can be automatically generated for the assets, so that the requirement of manual operation is reduced, the labor cost is reduced, and the loss caused by manual misoperation is avoided; meanwhile, the NCP is used for obtaining the list data items, so that the normalization of the list is ensured, a plurality of uncertain factors are reduced, and the safety of the assets after inspection is ensured; the operation and maintenance cost is further reduced, and the inspection efficiency is improved.
As shown in fig. 2, another method for obtaining a configuration check list provided in an embodiment of the present invention specifically includes the following steps:
s201, acquiring operating system information and software information of a host;
s202, establishing a Chinese and English comparison library;
and acquiring names of common Chinese name manufacturers, Chinese name software and operating system version names through a crawler, calling a translation API (application programming interface) interface, and translating the names into English.
S203, judging whether the acquired host operating system information and software information have Chinese names, if so, executing a step S204, otherwise, executing a step S205;
s204, replacing the Chinese name with a corresponding English name by using a Chinese and English comparison library;
and checking whether the obtained operating system manufacturer, operating system name, operating system version, software manufacturer, software name and software version have Chinese names, and if so, replacing the Chinese names with corresponding English names.
S205, establishing a CPE database, and carrying out fuzzy matching on the acquired operating system information and software information of the host in the CPE database;
s206, taking the name and the version number in the CPE data obtained by fuzzy matching as retrieval conditions, and utilizing NCP to retrieve;
s207, acquiring the inspection list and the detailed information in a grading manner, and downloading script data according to the detailed information to obtain an inspection list data set;
acquiring a check list through an NCP website in multiple times, sequentially accessing the links of the check list, and acquiring the detailed information of the check list; meanwhile, data are downloaded to the local according to the script downloading link in the detailed information, and due to the fact that the number of downloaded scripts is likely to be large, a plurality of downloading tasks can be started simultaneously for downloading, and downloading efficiency is improved.
S208, removing duplication of the data set of the check list, and recording the number of repetition times;
and carrying out deduplication operation on the acquired checking list data set through checking list names, and recording the repetition times of each list.
S209, checking whether the same name corresponds to different versions in the check list by using regular matching, if so, executing a step S210, otherwise, executing a step S211;
s210, removing the low-version check list and marking;
s211, writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list;
writing the obtained information into an excel table, sequencing according to the repetition times, and if the repetition times are high, the inspection priority is high; the excel table has a first behavior header, is written into each field of the check list, is linked with the low version of the list by the number of times of list repetition, and sequentially writes the data of the configuration check list into the corresponding cells from the second row according to the just sorted sequence; and writing the low-version link into the corresponding list low-version link column of the corresponding row, so that a configurator can conveniently check the low-version link column.
S212, sending the inspection list and the corresponding script data to a configuration inspector;
creating folders according to different list lists for all downloaded checking list script data, and naming the corresponding folders as list names; and compressing the excel information table and the packed script data, and sending the compressed package to a configuration inspector.
S213, the configuration inspector performs configuration inspection on the host through the list information and the file of the compressed packet.
For example, the pre-installed operating system of a host is Windows10, and the pre-installed software includes a series of software such as Google Chrome46, Microsoft Office 2016, Microsoft PowerPoint 2016 and Microsoft Excel 2016. After the processing according to the method provided by the embodiment, a series of Excel list information and script files of configuration inspection lists such as Microsoft PowerPoint 2016STIG (Version 1, Release 1), CIS Microsoft PowerPoint 2016Benchmark (1.0.1), Windows10STIG (Version 1, Release 19), CIS Microsoft Windows10 Enterprise Release1809Benchmark (1.6.0), Microsoft Excel 2016STIG (Version 1, Release 2), cisicrosoft Excel 2016Benchmark (1.0.1), CIS Google chrobenchmark (2.0.0) and the like can be obtained. Detailed configuration and inspection instructions are provided in excel list information, and configuration and inspection personnel can perform configuration and inspection more quickly according to the list information and the provided script file.
According to the embodiment of the invention, the acquired information is converted into CPE data to be retrieved, so that the retrieval condition is more accurate, the query times can be reduced, and the retrieval efficiency is improved; the method and the device have the advantages that the configuration check list is automatically generated for the assets, the requirement for manual operation is reduced, the labor cost is reduced, and errors caused by complicated manual operation are reduced; meanwhile, the list data items are obtained by using the NCP, the NIST SP800-70 standard is observed, a plurality of uncertain factors are reduced, and the safety of the assets after inspection is ensured; the operation and maintenance cost is further reduced, and the inspection efficiency is improved.
An apparatus for obtaining a configuration checklist according to an embodiment of the present invention, as shown in fig. 3, includes:
the information acquisition module 301: the system comprises a host computer, a data processing unit and a data processing unit, wherein the host computer is used for acquiring operating system information and software information of the host computer;
the fuzzy matching module 302: the system comprises a CPE database and a database server, wherein the CPE database is used for establishing a CPE database and carrying out fuzzy matching on the acquired operating system information and software information of a host in the CPE database;
the search condition acquisition module 303: the method is used for taking the name and the version number in the CPE data obtained by fuzzy matching as retrieval conditions;
the checklist obtaining module 304: the system is used for searching by using NCP, obtaining a check list and sending the check list to a configuration inspector.
Further, the information obtaining module 301 is specifically configured to: acquiring the name and the version number of a host operating system; if the operating system is a Windows series system, software information installed by the host and manufacturer information of the operating system are obtained by scanning a host registry; and if the operating system is a Linux series system, acquiring software information installed by the host and operating system manufacturer information through a command.
Further, the fuzzy matching module 302 further includes a CPE database establishing module 3021, specifically configured to: downloading the latest version of CPE file regularly; if downloading for the first time, reading and analyzing an xml file of the CPE file, and inputting the file name and the content item of the xml file into a database; if the downloading is not the first time, downloading the latest version of CPE file, comparing the latest version of CPE file with the xml file name of the CPE file downloaded last time, if the latest version of CPE file is not the first time, reading and analyzing the xml file of the CPE file downloaded this time, removing the duplicate of the content item according to the CPE _ uri field, reserving the newly-added xml file content item, and inputting the newly-added xml file content item into the database; if the download files are consistent, the download files are not recorded into the database; wherein the xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, other, cpe _ uri.
Further, the module 305 for establishing a chinese-english comparison library is further included: the system is used for acquiring names of common Chinese name manufacturers, Chinese name software and operating system version names, calling a translation API (application program interface) interface and translating the names into English; and a replacement module: and the system is used for judging whether the acquired host operating system information and software information have Chinese names, and if so, replacing the Chinese names with corresponding English names by using a Chinese and English comparison library.
Further, the checklist obtaining module 304 is specifically configured to: searching by using NCP, acquiring a check list and detailed information in a grading manner, and downloading script data according to the detailed information to obtain a check list data set; removing duplication of the data set of the check list, and recording the number of times of duplication; checking whether the condition that the same name corresponds to different versions exists in the check list or not by utilizing regular matching, if so, removing the check list of the low version and marking; writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list; and sending the inspection list and the corresponding script data to a configuration inspector.
An embodiment of the present invention further provides an electronic device, fig. 4 is a schematic structural diagram of an embodiment of the electronic device of the present invention, and a flow of the embodiment shown in fig. 1-2 of the present invention can be implemented, as shown in fig. 4, where the electronic device may include: the device comprises a shell 41, a processor 42, a memory 43, a circuit board 44 and a power circuit 45, wherein the circuit board 44 is arranged inside a space enclosed by the shell 41, and the processor 42 and the memory 43 are arranged on the circuit board 44; a power supply circuit 45 for supplying power to each circuit or device of the electronic apparatus; the memory 43 is used for storing executable program code; the processor 42 executes a program corresponding to the executable program code by reading the executable program code stored in the memory 43, for executing the method described in any of the foregoing embodiments.
The specific execution process of the above steps by the processor 42 and the steps further executed by the processor 42 by running the executable program code may refer to the description of the embodiment shown in fig. 1-2 of the present invention, and are not described herein again.
The electronic device exists in a variety of forms, including but not limited to:
(1) a mobile communication device: such devices are characterized by mobile communications capabilities and are primarily targeted at providing voice, data communications. Such terminals include: smart phones (e.g., iphones), multimedia phones, functional phones, and low-end phones, among others.
(2) Ultra mobile personal computer device: the equipment belongs to the category of personal computers, has calculation and processing functions and generally has the characteristic of mobile internet access. Such terminals include: PDA, MID, and UMPC devices, etc., such as ipads.
(3) A portable entertainment device: such devices can display and play multimedia content. This type of device comprises: audio, video players (e.g., ipods), handheld game consoles, electronic books, and smart toys and portable car navigation devices.
(4) A server: the device for providing the computing service comprises a processor, a hard disk, a memory, a system bus and the like, and the server is similar to a general computer architecture, but has higher requirements on processing capacity, stability, reliability, safety, expandability, manageability and the like because of the need of providing high-reliability service.
(5) And other electronic equipment with data interaction function.
Embodiments of the present invention also provide a computer readable storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement a method as in any preceding embodiment.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments.
In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
For convenience of description, the above devices are described separately in terms of functional division into various units/modules. Of course, the functionality of the units/modules may be implemented in one or more software and/or hardware implementations of the invention.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (12)
1. A method for obtaining a configuration checklist, comprising:
acquiring operating system information and software information of a host;
establishing a CPE database, and carrying out fuzzy matching on the acquired operating system information and software information of the host in the CPE database;
taking the name and version number in CPE data obtained by fuzzy matching as retrieval conditions;
and searching by using NCP to obtain a check list, and sending the check list to a configuration inspector.
2. The method of claim 1, wherein the obtaining operating system information and software information of the host includes:
acquiring the name and the version number of a host operating system;
if the operating system is a Windows series system, software information installed by the host and manufacturer information of the operating system are obtained by scanning a host registry;
and if the operating system is a Linux series system, acquiring software information installed by the host and operating system manufacturer information through a command.
3. The method according to claim 1, wherein establishing a CPE database specifically is:
downloading the latest version of CPE file regularly;
if downloading for the first time, reading and analyzing an xml file of the CPE file, and inputting the file name and the content item of the xml file into a database;
if the downloading is not the first time, downloading the latest version of CPE file, comparing the latest version of CPE file with the xml file name of the CPE file downloaded last time, if the downloading is not the same as the previous downloading, reading and analyzing the xml file of the CPE file downloaded this time, removing the duplicate of the content item according to the CPE _ uri field, reserving the newly-added xml file content item, and inputting the newly-added xml file content item into a database; if the download files are consistent, the download files are not recorded into the database;
wherein the xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, other, cpe _ uri.
4. The method of claim 1, wherein prior to fuzzy matching the obtained host operating system information and software information in the CPE database, further comprising:
establishing a Chinese and English comparison library: acquiring names of common Chinese name manufacturers, Chinese name software and operating system version names, calling a translation API (application program interface) interface, and translating the names into English;
and judging whether the acquired host operating system information and software information have Chinese names, if so, replacing the Chinese names with corresponding English names by using a Chinese and English comparison library.
5. The method of claim 1, wherein the NCP is used to perform a search to obtain a checklist, and wherein the checklist is sent to a configuration inspector, specifically:
searching by using NCP, acquiring a check list and detailed information in a grading manner, and downloading script data according to the detailed information to obtain a check list data set;
removing duplication of the data set of the check list, and recording the number of times of duplication;
checking whether the condition that the same name corresponds to different versions exists in the check list or not by utilizing regular matching, if so, removing the check list of the low version and marking;
writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list;
and sending the inspection list and the corresponding script data to a configuration inspector.
6. An apparatus for obtaining a configuration checklist, comprising:
an information acquisition module: the system comprises a host computer, a data processing unit and a data processing unit, wherein the host computer is used for acquiring operating system information and software information of the host computer;
a fuzzy matching module: the system comprises a CPE database and a database server, wherein the CPE database is used for establishing a CPE database and carrying out fuzzy matching on the acquired operating system information and software information of a host in the CPE database;
a retrieval condition acquisition module: the method is used for taking the name and the version number in the CPE data obtained by fuzzy matching as retrieval conditions;
the inspection list acquisition module: the system is used for searching by using NCP, obtaining a check list and sending the check list to a configuration inspector.
7. The apparatus of claim 6, wherein the information acquisition module is specifically configured to:
acquiring the name and the version number of a host operating system;
if the operating system is a Windows series system, software information installed by the host and manufacturer information of the operating system are obtained by scanning a host registry;
and if the operating system is a Linux series system, acquiring software information installed by the host and operating system manufacturer information through a command.
8. The apparatus of claim 6, wherein the fuzzy matching module further comprises a CPE database establishment module, specifically configured to:
downloading the latest version of CPE file regularly;
if downloading for the first time, reading and analyzing an xml file of the CPE file, and inputting the file name and the content item of the xml file into a database;
if the downloading is not the first time, downloading the latest version of CPE file, comparing the latest version of CPE file with the xml file name of the CPE file downloaded last time, if the latest version of CPE file is not the first time, reading and analyzing the xml file of the CPE file downloaded this time, removing the duplicate of the content item according to the CPE _ uri field, reserving the newly-added xml file content item, and inputting the newly-added xml file content item into the database; if the download files are consistent, the download files are not recorded into the database;
wherein the xml file content item includes: vendor, name, version number, type, system version, software version, update information, software platform, hardware platform, language, other, cpe _ uri.
9. The apparatus of claim 6, further comprising a chinese-english comparison library creating module: the system is used for acquiring names of common Chinese name manufacturers, Chinese name software and operating system version names, calling a translation API (application program interface) interface and translating the names into English;
and a replacement module: and the system is used for judging whether the acquired host operating system information and software information have Chinese names, and if so, replacing the Chinese names with corresponding English names by using a Chinese and English comparison library.
10. The apparatus of claim 6, wherein the checklist obtaining module is specifically configured to:
searching by using NCP, acquiring a check list and detailed information in a grading manner, and downloading script data according to the detailed information to obtain a check list data set;
removing duplication of the data set of the check list, and recording the number of times of duplication;
checking whether the condition that the same name corresponds to different versions exists in the check list or not by utilizing regular matching, if so, removing the check list of the low version and marking;
writing each field, repetition times and low version removal conditions of the check list into an excel form to obtain a check list;
and sending the inspection list and the corresponding script data to a configuration inspector.
11. An electronic device, characterized in that the electronic device comprises: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, for executing the method of obtaining a configuration checklist according to any one of the preceding claims 1 to 5.
12. A computer readable storage medium, characterized in that the computer readable storage medium stores one or more programs executable by one or more processors to implement the method of obtaining a configuration checklist of any of the preceding claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911316904.4A CN111078481B (en) | 2019-12-19 | 2019-12-19 | Method, device, electronic equipment and storage medium for acquiring configuration checklist |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911316904.4A CN111078481B (en) | 2019-12-19 | 2019-12-19 | Method, device, electronic equipment and storage medium for acquiring configuration checklist |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111078481A true CN111078481A (en) | 2020-04-28 |
| CN111078481B CN111078481B (en) | 2023-12-26 |
Family
ID=70315603
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911316904.4A Active CN111078481B (en) | 2019-12-19 | 2019-12-19 | Method, device, electronic equipment and storage medium for acquiring configuration checklist |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111078481B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111611284A (en) * | 2020-05-28 | 2020-09-01 | 联想(北京)有限公司 | Material list generation method and electronic equipment |
| CN112734056A (en) * | 2020-12-29 | 2021-04-30 | 望海康信(北京)科技股份公司 | Operation and maintenance system, method and corresponding equipment and storage medium |
| CN114070638A (en) * | 2021-11-22 | 2022-02-18 | 安天科技集团股份有限公司 | Computer system security defense method, device, electronic equipment and medium |
| CN117150097A (en) * | 2023-08-31 | 2023-12-01 | 应急管理部大数据中心 | Automatic matching method for law enforcement checklist |
| CN117151397A (en) * | 2023-08-31 | 2023-12-01 | 应急管理部大数据中心 | Intelligent matching management method for field inspection scheme tasks |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100246436A1 (en) * | 2009-03-26 | 2010-09-30 | At&T Services, Inc. | User-controlled network configuration for handling multiple classes of service |
| US8725702B1 (en) * | 2012-03-15 | 2014-05-13 | Symantec Corporation | Systems and methods for repairing system files |
| US20140189873A1 (en) * | 2009-12-21 | 2014-07-03 | Symantec Corporation | System and method for vulnerability risk analysis |
| CN106201867A (en) * | 2016-06-29 | 2016-12-07 | 武汉斗鱼网络科技有限公司 | Customizable automatic unit method of testing and system under a kind of Linux platform |
| WO2018121442A1 (en) * | 2016-12-30 | 2018-07-05 | 腾讯科技(深圳)有限公司 | Method and device for processing software information, storage medium, and electronic device |
| CN108900527A (en) * | 2018-07-20 | 2018-11-27 | 南京方恒信息技术有限公司 | A kind of security configuration check system |
-
2019
- 2019-12-19 CN CN201911316904.4A patent/CN111078481B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100246436A1 (en) * | 2009-03-26 | 2010-09-30 | At&T Services, Inc. | User-controlled network configuration for handling multiple classes of service |
| US20140189873A1 (en) * | 2009-12-21 | 2014-07-03 | Symantec Corporation | System and method for vulnerability risk analysis |
| US8725702B1 (en) * | 2012-03-15 | 2014-05-13 | Symantec Corporation | Systems and methods for repairing system files |
| CN106201867A (en) * | 2016-06-29 | 2016-12-07 | 武汉斗鱼网络科技有限公司 | Customizable automatic unit method of testing and system under a kind of Linux platform |
| WO2018121442A1 (en) * | 2016-12-30 | 2018-07-05 | 腾讯科技(深圳)有限公司 | Method and device for processing software information, storage medium, and electronic device |
| CN108900527A (en) * | 2018-07-20 | 2018-11-27 | 南京方恒信息技术有限公司 | A kind of security configuration check system |
Non-Patent Citations (1)
| Title |
|---|
| 张力;: "引入SCAP标准提高***配置安全", 信息安全与技术, no. 10, pages 24 - 28 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111611284A (en) * | 2020-05-28 | 2020-09-01 | 联想(北京)有限公司 | Material list generation method and electronic equipment |
| CN112734056A (en) * | 2020-12-29 | 2021-04-30 | 望海康信(北京)科技股份公司 | Operation and maintenance system, method and corresponding equipment and storage medium |
| CN114070638A (en) * | 2021-11-22 | 2022-02-18 | 安天科技集团股份有限公司 | Computer system security defense method, device, electronic equipment and medium |
| CN114070638B (en) * | 2021-11-22 | 2023-07-18 | 安天科技集团股份有限公司 | Computer system security defense method and device, electronic equipment and medium |
| CN117150097A (en) * | 2023-08-31 | 2023-12-01 | 应急管理部大数据中心 | Automatic matching method for law enforcement checklist |
| CN117151397A (en) * | 2023-08-31 | 2023-12-01 | 应急管理部大数据中心 | Intelligent matching management method for field inspection scheme tasks |
| CN117150097B (en) * | 2023-08-31 | 2024-03-01 | 应急管理部大数据中心 | Automatic matching method for law enforcement checklist |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111078481B (en) | 2023-12-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111078481B (en) | Method, device, electronic equipment and storage medium for acquiring configuration checklist | |
| CN106897072B (en) | Service engineering calling method and device and electronic equipment | |
| CN111507086B (en) | Automatic discovery of translated text locations in localized applications | |
| CN103559065B (en) | Method and system for OTA (Over-the-Air Technology) upgrade | |
| US20150142813A1 (en) | Language tag management on international data storage | |
| CN117112060A (en) | Component library construction method and device, electronic equipment and storage medium | |
| KR20070095530A (en) | Method for providing patch data to client terminals and game providing system of enabling the method | |
| CN114756868A (en) | Network asset and vulnerability association method and device based on fingerprint | |
| US20140359077A1 (en) | Method and apparatus for transmitting symbol files | |
| CN112711424B (en) | Method and device for determining risk problems of application program and storage medium | |
| CN109471799A (en) | A kind of dispositions method of demand environment, device, storage medium and terminal | |
| CN112948827A (en) | Source code compiling verification method, system, equipment and storage medium | |
| CN110955449B (en) | Gray scale release method and device for client | |
| CN106445737B (en) | Multi-backup starting method | |
| CN111488483A (en) | Method, device, terminal and non-transitory computer-readable storage medium for updating song library | |
| CN116795486A (en) | Analysis method and device for container mirror image file purification, storage medium and terminal | |
| CN115794220A (en) | Software source migration method, device and system, computing device and readable storage medium | |
| CN114816816A (en) | Collapse stack information processing method, device, equipment and storage medium | |
| CN114816470A (en) | Metadata database management method and device, electronic equipment and medium | |
| CN111736848A (en) | Packet conflict positioning method and device, electronic equipment and readable storage medium | |
| US20170154096A1 (en) | Data service system and electronic apparatus | |
| CN113190465B (en) | Test information processing method, device, equipment and storage medium | |
| CN116955209B (en) | WebAsssembly virtual machine testing method and device | |
| CN112749085B (en) | Cross-cluster task publishing method and device, electronic equipment and storage medium | |
| CN109471650B (en) | Upgrading abnormity determining method and device and computer equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang Province (No. 838, Shikun Road) Applicant after: Antan Technology Group Co.,Ltd. Address before: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Harbin, Heilongjiang Province (No. 838, Shikun Road) Applicant before: Harbin Antian Science and Technology Group Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |