Nothing Special   »   [go: up one dir, main page]

CN101227467B - Apparatus for managing black list - Google Patents

Apparatus for managing black list Download PDF

Info

Publication number
CN101227467B
CN101227467B CN200810002339XA CN200810002339A CN101227467B CN 101227467 B CN101227467 B CN 101227467B CN 200810002339X A CN200810002339X A CN 200810002339XA CN 200810002339 A CN200810002339 A CN 200810002339A CN 101227467 B CN101227467 B CN 101227467B
Authority
CN
China
Prior art keywords
blacklist
characteristic information
list item
router
zone
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN200810002339XA
Other languages
Chinese (zh)
Other versions
CN101227467A (en
Inventor
孙勇
郑轶
曹皖明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN200810002339XA priority Critical patent/CN101227467B/en
Publication of CN101227467A publication Critical patent/CN101227467A/en
Application granted granted Critical
Publication of CN101227467B publication Critical patent/CN101227467B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a management process of a blacklist, which comprises the following steps that arranging blacklist conditions for a router, obtaining characteristic information which meets the conditions of joining into the blacklist when the router transmits messages, and managing the blacklist according to the characteristic information. The invention further provides a blacklist management device, which comprises an arrangement module which is used to arrange the blacklist conditions for the router, a transmission module which is used to obtain the characteristic information which meets the conditions of joining into the blacklist when the router transmits messages, and a management module which is used to manage the blacklist according to the characteristic information. The invention increases the real-time of communication blacklist management.

Description

Method for managing black list and device
Technical field
The present invention relates to the communications field, more specifically, relate to a kind of method for managing black list and device.
Background technology
In communication products, blacklist is a kind of mode of filtering according to the source IP address of message and further feature information.The topmost characteristic of blacklist is to add the wherein list item of definition of (dynamically generating) and deletion (regularly aging) automatically, and this is the function that most of communication products all have.This function is obtained by administration module on the one hand needs newly-increased blacklist list item information, and administration module is passed to information module with this information more then, and last information module adds processing; On the other hand, administration module checked to existing blacklist list item at first that before information module transmission information if find to have aging list item, then the announcement information module is deleted these list items.In addition, blacklist management devices manual configuration, modification and deletion at any time as required.
Fig. 1 shows Intranet user is got involved Internet by the router with firewall functionality networking schematic diagram.Intranet is made up of following equipment (but being not limited to following equipment): host PC 1, PC2, switch and router R1 (having firewall functionality).Intranet user PC1 and PC2 are connected to the interface 1 of router R1 by equipment (as switch), can be connected to exterior I nternet from interface 2.The major function of using on router R1 (but being not limited to following function) has: fire compartment wall, blacklist, the zone is detected, network address translation NAT and access control list ACL, opening firewall functionality is the precondition that realizes blacklist and regional measuring ability, blacklist can filter message according to network actual conditions and configuration needs, and the message information that will have aggressiveness or viral source adds the blacklist list item, surveyed area comes identification according to the arrival frequency of a certain message or head feature information, and whether it has the message of aggressiveness or viral source, and the message information that will have aggressiveness or viral source is passed to the blacklist management devices, network address translation function makes when Intranet user and Internet user exchange visits exchanges private network IP address and public network IP address, and access list feature is mainly used in above-mentioned network address translation function.Main configuration on the interface 1 (but being not limited to following configuration) has: be tied to regional A and the network address converting attribute that sets into direction; Main configuration on the interface 2 (but being not limited to following configuration) has: be tied to area B and the network address converting attribute that sets out direction.
Yet the management of these blacklists is adopted the real time communication interface to add automatically between module and is deleted, and when carrying out manual configuration, modification and deletion, has the not high problem of real-time.
Summary of the invention
The present invention aims to provide a kind of method for managing black list and device, can solve the not high problem of blacklist management real-time in the above-mentioned correlation technique.
In an embodiment of the present invention, provide a kind of method for managing black list, may further comprise the steps: to configuration of routers blacklist condition; Therefrom obtain when router E-Packets and satisfy the characteristic information that adds the blacklist condition; According to characteristic information blacklist is managed.
Preferably, configuration blacklist condition specifically comprises: the insincere zone of configuration on router; And on insincere zone configuration blacklist condition.
Preferably, the insincere zone of configuration specifically comprises on router: the interface and the non-safe interface that router are connected outer net join in the insincere zone.
Preferably, characteristic information comprises the source IP address of message.Obviously can also be that content of message relates to responsive keyword, perhaps similarly other information can constitutive characteristic information.
Preferably, according to characteristic information blacklist is managed specifically and to comprise: according to characteristic information blacklist is searched, with aging list item deletion, with characteristic information as new list item adding blacklist.
Preferably, according to characteristic information blacklist is managed specifically and to comprise: according to characteristic information blacklist is searched, aging list item deletion; Mate with blacklist, when not matching characteristic information, characteristic information is added blacklist as new list item; When perhaps matching characteristic information, the list item of deletion coupling.
Preferably, also comprise: on router, open firewall option, be used to select whether to start management blacklist.
Preferably, also comprise: periodically delete the aging list item in the blacklist.
Preferably, also comprise: the list item in the blacklist is provided with ageing time, when the survival of list item exceeds ageing time, list item then is set is aging list item.
Above-mentioned method for managing black list has been avoided the complex communication between a plurality of modules, so improved the real-time of communication blacklist management.
In an embodiment of the present invention, also provide a kind of blacklist management devices, having comprised: configuration module is used for configuration of routers blacklist condition; Forwarding module therefrom obtains when being used for router and E-Packeting and satisfies the characteristic information that adds the blacklist condition; Administration module is used for according to characteristic information blacklist being managed.
Above-mentioned blacklist management devices has been avoided the complex communication between a plurality of modules, so improved the real-time of communication blacklist management.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 shows Intranet user is got involved Internet by the router with firewall functionality networking schematic diagram;
Fig. 2 shows the flow chart according to the method for managing black list of the embodiment of the invention;
Fig. 3 shows according to the automatic management process schematic diagram of the blacklist of the embodiment of the invention;
Fig. 4 shows the blacklist manual administration schematic flow sheet according to the embodiment of the invention;
Fig. 5 shows the block diagram according to the blacklist management devices of the embodiment of the invention.
Embodiment
Below with reference to the accompanying drawings and in conjunction with the embodiments, describe the present invention in detail.
Fig. 2 shows the flow chart according to the method for managing black list of the embodiment of the invention, may further comprise the steps:
Step S10 is to configuration of routers blacklist condition;
Step S20 therefrom obtains when router E-Packets and satisfies the characteristic information that adds the blacklist condition;
Step S30 manages blacklist according to characteristic information.
Above-mentioned method for managing black list has been avoided the complex communication between a plurality of modules, so improved the real-time of communication blacklist management.
Preferably, step S10 specifically comprises: the insincere zone of configuration on router; And on insincere zone configuration blacklist condition.Configuration trusted area and insincere zone on router, and the interface and the non-safe interface that will connect outer net join in the insincere zone; The purpose of dividing zones of different is in order to dwindle the scope that blacklist is checked, only to check insincere zone; The fail safe of interface is not absolute, can at any time any interface be joined insincere zone.
The insincere zone of configuration specifically can comprise on router: the interface and the non-safe interface that router are connected outer net join in the insincere zone.Because message always passes in and out from interface, and interface is bundled on the zone, safe coefficient according to the zone determines whether that needs carry out the zone and detect again, and only flowing through needs the message of surveyed area just to carry out the zone detection, so the zoning helps dwindling the scope of detection.
Preferably, characteristic information comprises the source IP address of message, also can comprise other characteristic informations.
In addition, the blacklist condition can comprise the message aggression mode that needs detect, and the parameter of inspection is set; The message aggression mode can dispose according to different applicable cases, if do not dispose, then can not carry out attack detecting; Be provided with and check that parameter has determined the strict degree of message audit, if be not provided with, then adopts default value.
Preferably, step S30 specifically comprises: according to characteristic information blacklist is searched, the list item deletion with aging adds blacklist with characteristic information as new list item.Specifically, satisfy the message that adds the blacklist condition if exist, then the source IP address of this message and further feature information are sent to the blacklist management devices, the blacklist management devices is searched all blacklist list items, with aging list item deletion, the blacklist management devices adds the blacklist list item with the source IP address and the further feature information of message, and the ageing time that newly adds the blacklist list item can adopt parameter or the default value that sets in advance, and subsequent packet is produced filtration; Otherwise then transmit according to normal flow process.
Preferably, step S30 specifically comprises: according to characteristic information blacklist is searched, with aging list item deletion; Mate with blacklist, when not matching characteristic information, characteristic information is added blacklist as new list item; When perhaps matching characteristic information, the list item of deletion coupling.Specifically, if directly the blacklist list item is operated, then need the source IP address and the further feature information of adding or delete are sent to the blacklist management devices, the blacklist management devices is searched all blacklist list items, with aging list item deletion, then with blacklist in all list items mate, when not matching the list item that needs interpolation, directly add, the ageing time that newly adds the blacklist list item can adopt configuration parameter or default value, and subsequent packet is produced filtration; When matching the list item that needs deletion, directly delete, and subsequent packet is not had filtration; Otherwise provide the information of operation failure.
Preferably, also can on router, open firewall option, be used to select whether to start management blacklist.Need carry out the blacklist inspection when this function has determined message through router, determine message to be added the blacklist list item automatically, determine that the blacklist list item has the characteristic of automatic aging with attack signature; When closing this function, before all blacklist information will be cleared.
Preferably, also comprise: periodically delete the aging list item in the blacklist.Blacklist is regularly deleted aging list item during the triggerless operation, reaches real intellectuality and real-time management.
Can ageing time be set to the list item in the blacklist, when the survival of list item exceeds ageing time, list item then be set be aging list item.
The blacklist management of the described data communication products of above-mentioned method for managing black list has hard real time, does not have information interaction between the module, has both reduced communication complexity, has improved security of communication system simultaneously again.
When forwarding module detects when having aggressive message, at first, the source IP address of message and further feature information are sent to the blacklist management devices, and with this packet loss, then, the blacklist management devices is searched all blacklist list items, with aging list item deletion, then, the blacklist management devices adds the blacklist list item with the source IP address and the further feature information of message, the new ageing time of blacklist list item and the relating to parameters that sets in advance of adding adopts the acquiescence ageing time when not being provided with.
When user's manual configuration or deletion blacklist list item, at first, source IP address and further feature information are sent to the blacklist management devices, then, the blacklist management devices is searched all blacklist list items, with aging list item deletion, then, the blacklist management devices mates source IP address and further feature information and all blacklist list items successively, if configuration operation and coupling not then add the blacklist list item with source IP address and further feature information; If configuration operation and coupling then point out this blacklist list item to exist; If deletion action and coupling are then with this blacklist list item deletion; If deletion action and not the coupling, then point out this blacklist list item not exist.
The above embodiment of the present invention can be the innovation on the software engineering, by optimizing the blacklist management process, with blacklist management real-time and the raising communication system security that strengthens data communication products.
Fig. 3 shows according to the automatic management process schematic diagram of the blacklist of the embodiment of the invention.
Step S302, message filters through blacklist.
Step S304 judges whether by checking.If the source IP address of message and further feature information then are legal message not in the blacklist list item; Otherwise be invalid packet.Blacklist only allows legal message to pass through, and legal message turns to step S308, otherwise step S306, invalid packet directly is dropped;
Step S308, message detects through the zone.
Step S310, surveyed area comes identification according to the arrival frequency of a certain message or head feature information, and whether it has the message of aggressiveness or viral source, attacks or the condition of viral source message if satisfy, and then turns to step S314; Otherwise message enters normal forwarding process step S312;
Step S314 obtains the message source IP address and other characteristic information is passed to the blacklist management devices, and abandons this message, turns to step S316;
Step S316, the blacklist burin-in process.Blacklist is divided into and triggers aging and regularly aging dual mode, only provides the aging mode that triggers among this figure, all can start burin-in process to any operation of blacklist management devices, and the blacklist list item after aging turns to step S318 with deleted; When the blacklist module not being operated in a period of time, timer starts burin-in process, and the blacklist list item after wearing out is with deleted;
Step S318 generates new blacklist list item.Because filter through blacklist the front, the known message with aggressiveness or viral source is all directly abandoned, and the unknown message with aggressiveness or viral source all is the list item that does not have in the blacklist, gets final product so directly add, so far, the processing of blacklist management devices finishes.
Fig. 4 shows the blacklist manual administration schematic flow sheet according to the embodiment of the invention.
Step S402, the operation of blacklist list item.
Step S404, to router input source IP address and other characteristic information, source IP address information is essential option by terminal, further feature information is option, if configuration operation then turns to step S416; Otherwise be deletion action, turn to step S406;
Step S406 extracts source IP address and other characteristic information and passes to the blacklist management devices, turns to step S408;
Step S408, the blacklist burin-in process.The configuration operation of blacklist management devices starts burin-in process, and the blacklist list item after wearing out turns to step S408 with deleted;
Step S410, the blacklist list item is searched.
Step S414 if configuration information has been present in the blacklist list item, then points out this blacklist list item to exist, and so far, the processing of blacklist management devices finishes; Otherwise turn to step S412;
Step S412 points out this blacklist list item not exist, and generates new blacklist list item, and so far, the processing of blacklist management devices finishes;
Step S416 extracts source IP address and other characteristic information of input and passes to the blacklist management devices, turns to step S414;
Step S418, the blacklist burin-in process.The deletion action of blacklist management devices starts burin-in process, and the blacklist list item after wearing out turns to step S420 with deleted;
Step S420, the blacklist list item is searched.If deletion information has been present in the blacklist list item, then turn to step S422;
Step S424, on the contrary point out this blacklist list item not exist, and so far, the processing of blacklist management devices finishes;
Step S422, information has been present in the blacklist list item, deletes this blacklist list item, and so far, the processing of blacklist management devices finishes;
Fig. 5 shows the block diagram according to the blacklist management devices of the embodiment of the invention, comprising:
Configuration module 10 is used for configuration of routers blacklist condition;
Forwarding module 20 therefrom obtains the characteristic information that satisfies the message that adds the blacklist condition when being used for router and E-Packeting;
Administration module 30 is used for according to characteristic information blacklist being managed.
Below in conjunction with Fig. 1 to being described in further detail:
Hardware components is made up of the host PC 1......PC2 more than, a switch, a router with firewall functionality etc., and the networking graph of a relation as shown in Figure 1.
One, the treatment step of software section is as follows:
The 1st step: arranging access control list ACL on router R1 is applied to the dynamic network address transition
ip?access-list?extended?100
rule?1?permit?0?192.168.88.00.0.0.255?any
The 2nd step: on router R1, start firewall functionality, blacklist function and configuring area measuring ability and scanning (screen) group
firewall
blacklist?enable
zone?1
zone?2
screen?zxr
The 3rd step: on router R1, enable the network address translation nat feature and dispose the dynamic network address translation rule
A. enable the NAT module
ip?nat?start
B. the dynamic network address translation rule is applied to Intranet user visit Internet
ip?nat?pool?zte?10.40.88.10?10.40.88.20?prefix_length?24
ip?nat?inside?source?list?100?pool?zte
The 4th step: configuration of IP address and network address translation NAT attribute on interface 1 and interface 2
A. interface 1
ip?address?192.168.88.1?255.255.255.0
ip?nat?inside
B. interface 2
ip?address?10.40.88.1?255.255.255.0
ip?nat?outside
The 5th step: configuration detection is attacked or viral message mode in screen group zxr, and attack or viral message mode can define as required, and the zone can not detect the message of undefined attack pattern or Virus Type
ip?spoofing
icmp?flood?blacklist-timeout?10
The 6th step: binding interface name and scanning (screen) group on zone1 and zone2, only flowing through needs the message of surveyed area just to carry out the zone detection, supposes that from the message that Intranet is sent be safe, does not need to carry out the zone and detects
a.zone?1
interface-bind?fei_1/2
b.zone?2
interface-bind?fei_1/1
screen-bind?zxr
Two, send message to Intranet user from Internet
The 1st step: message arrives interface 2 (interface is called fei_1/1) from interface 3, at first extracts header information, and then through the blacklist inspection, if known invalid packet, then Direct Filtration is fallen; Otherwise entered for the 2nd step;
The 2nd step: message if inspection is not passed through, then entered for the 3rd step through anti-virus and attack protection inspection; Otherwise entered for the 4th step;
The 3rd step: the source IP address and other characteristic information that at first obtain message are passed to the blacklist management devices and are abandoned this message, trigger the blacklist burin-in process then, generate new blacklist list item at last, and flow process finishes;
The 4th step: message is sent from interface 1 according to purpose IP address through after the network address translation, finally arrives Intranet user, and flow process finishes.
Three, send message to Internet from Intranet user
The 1st step: message arrives interface 1 (interface is called fei_1/2) from Intranet user, because the message that hypothesis is sent from Intranet is safe, does not detect so do not need to carry out the zone.If the blacklist inspection is not passed through, then directly abandon this message, flow process finishes; Otherwise entered for the 2nd step;
The 2nd step: according to purpose IP address, message need be sent from interface 2, and interface 1 and interface 2 satisfy the condition of network address translation.Through after the network address translation, message is sent from interface 2, arrives Internet, and flow process finishes.
As can be seen from the above description, the present invention has realized following technique effect:
Compared with prior art, blacklist real time management method of the present invention does not have information interaction between module, and this requires the design in the module compact more, and logicality is stronger, makes that blacklist management real-time and stability are better, and communication system security is higher.Have stable performance, real-time height, advantage such as safe and reliable.
Obviously, those skilled in the art should be understood that, above-mentioned each module of the present invention or each step can realize with the general calculation device, they can concentrate on the single calculation element, perhaps be distributed on the network that a plurality of calculation element forms, alternatively, they can be realized with the executable program code of calculation element, thereby, they can be stored in the storage device and carry out by calculation element, perhaps they are made into each integrated circuit modules respectively, perhaps a plurality of modules in them or step are made into the single integrated circuit module and realize.Like this, the present invention is not restricted to any specific hardware and software combination.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (8)

1. a method for managing black list is characterized in that, may further comprise the steps:
The insincere zone of configuration on router, the described blacklist condition of configuration on described insincere zone;
Therefrom obtain when described router E-Packets and satisfy the characteristic information that adds described blacklist condition;
According to described characteristic information blacklist is managed,
Wherein, the insincere zone of configuration comprises that specifically the interface and the non-safe interface that described router are connected outer net join in the described insincere zone on described router.
2. method for managing black list according to claim 1 is characterized in that described characteristic information comprises the source IP address of described message.
3. method for managing black list according to claim 1 is characterized in that, according to described characteristic information blacklist is managed specifically to comprise:
According to described characteristic information described blacklist is searched, the list item deletion with aging adds described blacklist with described characteristic information as new list item.
4. method for managing black list according to claim 1 is characterized in that, according to described characteristic information blacklist is managed specifically to comprise:
According to described characteristic information described blacklist is searched, with aging list item deletion;
Mate with described blacklist, when not matching described characteristic information, described characteristic information is added described blacklist as new list item; Perhaps
When matching described characteristic information, the list item of deletion coupling.
5. method for managing black list according to claim 1 is characterized in that, also comprises:
On described router, open firewall option, be used to select whether to start management described blacklist.
6. method for managing black list according to claim 1 is characterized in that, also comprises:
Periodically delete the aging list item in the described blacklist.
7. method for managing black list according to claim 1 is characterized in that, also comprises:
List item in the described blacklist is provided with ageing time, when the survival of described list item exceeds described ageing time, described list item then is set is aging list item.
8. a blacklist management devices is characterized in that, comprising:
Configuration module is used for the insincere zone of configuration on router, the described blacklist condition of configuration on described insincere zone;
Forwarding module therefrom obtains when being used to described router is E-Packeted and satisfies the characteristic information that adds described blacklist condition;
Administration module is used for according to described characteristic information blacklist being managed,
Wherein, the insincere zone of configuration comprises that specifically the interface and the non-safe interface that described router are connected outer net join in the described insincere zone on described router.
CN200810002339XA 2008-01-08 2008-01-08 Apparatus for managing black list Active CN101227467B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810002339XA CN101227467B (en) 2008-01-08 2008-01-08 Apparatus for managing black list

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810002339XA CN101227467B (en) 2008-01-08 2008-01-08 Apparatus for managing black list

Publications (2)

Publication Number Publication Date
CN101227467A CN101227467A (en) 2008-07-23
CN101227467B true CN101227467B (en) 2011-11-30

Family

ID=39859218

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810002339XA Active CN101227467B (en) 2008-01-08 2008-01-08 Apparatus for managing black list

Country Status (1)

Country Link
CN (1) CN101227467B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102780641B (en) * 2012-08-17 2015-07-08 北京傲天动联技术股份有限公司 Flow table aging method and device of quick forwarding engine, and switch
CN103685318B (en) * 2013-12-31 2017-09-12 山石网科通信技术有限公司 Data processing method and device for network safety prevention
CN103812875A (en) * 2014-03-07 2014-05-21 网神信息技术(北京)股份有限公司 Data processing method and data processing device for gateway equipment
CN104270364B (en) * 2014-09-30 2018-01-12 新华三技术有限公司 A kind of Hypertext Transfer Protocol message treating method and apparatus
CN105871777A (en) * 2015-01-20 2016-08-17 中兴通讯股份有限公司 Wireless router access processing method, wireless router access method and device
CN106021520B (en) * 2016-05-24 2020-02-07 重庆通畅无忧信息技术有限公司 Method for storing and inquiring blacklist of user card
CN109714313A (en) * 2018-11-20 2019-05-03 远江盛邦(北京)网络安全科技股份有限公司 The method of anti-crawler
CN109561109A (en) * 2019-01-16 2019-04-02 新华三技术有限公司 A kind of message processing method and device
CN115208652B (en) * 2022-07-07 2024-05-28 广州市大周电子科技有限公司 Dynamic network resource access control method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1708012A (en) * 2004-06-07 2005-12-14 阿尔卡特公司 Method for preventing attacks on a network server within a call-based-services-environment and attack-prevention-device for executing the method
CN1874303A (en) * 2006-03-04 2006-12-06 华为技术有限公司 Method for implementing black sheet
CN101035098A (en) * 2007-04-24 2007-09-12 北京网秦天下科技有限公司 Method for the mobile terminal to reject the spam via the query
CN101060498A (en) * 2007-06-22 2007-10-24 杭州华三通信技术有限公司 A method for realizing the gateway Mac binding, assembly, gateway and layer 2 switch

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1708012A (en) * 2004-06-07 2005-12-14 阿尔卡特公司 Method for preventing attacks on a network server within a call-based-services-environment and attack-prevention-device for executing the method
CN1874303A (en) * 2006-03-04 2006-12-06 华为技术有限公司 Method for implementing black sheet
CN101035098A (en) * 2007-04-24 2007-09-12 北京网秦天下科技有限公司 Method for the mobile terminal to reject the spam via the query
CN101060498A (en) * 2007-06-22 2007-10-24 杭州华三通信技术有限公司 A method for realizing the gateway Mac binding, assembly, gateway and layer 2 switch

Also Published As

Publication number Publication date
CN101227467A (en) 2008-07-23

Similar Documents

Publication Publication Date Title
CN101227467B (en) Apparatus for managing black list
CN101188612A (en) A blacklist real time management method and device
CN100471172C (en) Method for implementing black sheet
CN101741862B (en) System and method for detecting IRC bot network based on data packet sequence characteristics
CN100566294C (en) Single broadcast reverse path repeating method
CN1855873B (en) Method and system for implementing a high availability vlan
CN102571469B (en) Attack detecting method and device
Nordmark et al. FCFS SAVI: First-Come, first-served source address validation improvement for locally assigned IPv6 addresses
CN101378395B (en) Method and apparatus for preventing reject access aggression
US20150288604A1 (en) Sensor Network Gateway
Kaur et al. Securing BACnet’s pitfalls
KR20170020309A (en) Sensor network gateway
CN107135187A (en) Preventing control method, the apparatus and system of network attack
WO2012077603A1 (en) Computer system, controller, and network monitoring method
CN101888329B (en) Address resolution protocol (ARP) message processing method, device and access equipment
CN104283882B (en) A kind of intelligent safety protection method of router
CN105516129A (en) Method and device for blocking botnet control channel based on SDN (Software Defined Network) technology
CN102137073B (en) Method and access equipment for preventing imitating internet protocol (IP) address to attack
CN101753637A (en) Method and network address translation device preventing network attacks
CN100589434C (en) Method for implementing anti-spurious business server address under access mode
CN101321102A (en) Detection method and access equipment of DHCP server
KR20170017867A (en) Maintaining routing information
CN102045218A (en) Loop detection method and firewall device
CN103491076A (en) Method and system for defending against network attacks
CN101984693A (en) Monitoring method and monitoring device for access of terminal to local area network (LAN)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant