CN101980481A - Method for realizing session replication and tracking during security terminal emulation protocol monitoring - Google Patents
Abstract
The invention provides a method for realizing session replication and tracking during security terminal emulation protocol monitoring. The method comprises the following steps: (1) a monitoring system performs secondary login or proxying for the SSH protocol; a client sends the monitoring system a request to open a replicated session, and a new independent virtual session is established between the monitoring system and the client; (2) the monitoring system simultaneously sends the server a request to open a replicated session, and a new independent virtual session is likewise established between the server and the monitoring system; (3) the monitoring system maps all virtual sessions at the two ends to each other one to one; and (4) a virtual memory screen is drawn in memory, and the operations of each session are captured from that screen, so that each session is tracked independently. With the technical means of the invention, session replication and tracking are realized while the security terminal emulation protocol is being monitored. The method is simple and easy to operate.
Description
Technical field
The invention belongs to the technical field of security terminal emulation protocol monitoring, and specifically relates to a method for realizing session replication and tracking during security terminal emulation protocol monitoring.
Background technology
Terminal emulation protocols are commonly used to maintain UNIX or LINUX servers. The two terminal emulation protocols that were popular early on for TCP/IP networks were TELNET and RLOGIN. Because both transmit data in plaintext over the network, they create a serious security risk: a person with ulterior motives can easily capture usernames and passwords from a bypass position, and can even monitor and intercept operations. These two protocols have therefore gradually been replaced by the security terminal emulation protocol (hereinafter the SSH protocol), which transmits data more securely and offers more functions. The SSH protocol not only makes network data transmission more secure by using SSL asymmetric encryption; through tunneling it also provides the ability to open multiple virtual sessions over the same TCP connection, which is SSH session replication and is a great convenience for server maintenance personnel.
Precisely because of the security of the SSH protocol, the usual approach of capturing packets at a bypass position cannot obtain valid data from it. If remote access operations over SSH need to be monitored, the monitoring system must therefore perform secondary login or proxying for the SSH protocol; otherwise the maintenance personnel's operations cannot be restored from the encrypted data. Secondary login means that the operator first logs in to the monitoring system over the SSH protocol; the monitoring system presents authorized operators with a friendly menu interface, in which the operator selects the server to log in to and logs in directly. Proxying means that the operator designates the monitoring system as the proxy server for the SSH protocol, so that all SSH access reaches the target server with the monitoring system as the proxy.
In summary, by the principle of secondary login or proxying, the SSH connection initiated by the operator terminates on the monitoring system, and every connection to the target server being maintained is initiated by the monitoring system. The monitoring system is thus a server to the client and a client to the server, and this makes it easy to parse the operation behavior back out. This satisfies the need to monitor the SSH protocol. However, because the client's SSH connection is established with the monitoring system and the server-side SSH connection is likewise established with the monitoring system, forwarding the session replication function and tracking and controlling each session through its whole course become very difficult.
Summary of the invention
The present invention solves the technical problem existing in the prior art and provides a method for realizing session replication and tracking during security terminal emulation protocol monitoring.
The above technical problem is mainly solved by the following technical solution: a method for realizing session replication and tracking during security terminal emulation protocol monitoring, with the following implementation steps: ⑴ the monitoring system performs secondary login or proxying for the SSH protocol; the client sends the monitoring system a request to open a replicated session and requests an identifier; the monitoring system responds to this session replication request, and once negotiation is complete a new independent virtual session is established between the monitoring system and the client; ⑵ the monitoring system simultaneously sends the server a request to open a replicated session; the server responds to this session replication request and requests an identifier, and once negotiation is complete a new independent virtual session is likewise established between the server and the monitoring system; ⑶ based on the session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server over that channel; at the same time, based on the session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client over that channel, so that all virtual sessions at the two ends are mapped to each other one to one; ⑷ a virtual memory screen is drawn in memory and the operations of each session are captured from this screen, achieving the purpose of tracking each session separately.
Preferably, in step ⑶, the monitoring system builds the mapping of virtual sessions as a linked list, and on this linked list builds one hash table indexed by client session and one hash table indexed by server session. When client session data is received, the lookup is made in the hash table indexed by client session; when server session data is received, the lookup is made in the hash table indexed by server session.
Preferably, in step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node. When session data is received, the session node is found and its screen is drawn, and the corresponding operation is captured at the same time.
The present invention overcomes the defect that, in existing security terminal emulation protocol technology, forwarding the session replication function and tracking and controlling each session through its whole course could not be achieved. With the technical means of the invention, session replication and tracking are realized while the requirement of monitoring the security terminal emulation protocol is still met, and the method is simple to operate.
Embodiment
The technical solution of the present invention is described in further detail below by way of an embodiment.
Embodiment: the method of the present invention for realizing session replication and tracking during security terminal emulation protocol monitoring has the following implementation steps: ⑴ the monitoring system performs secondary login or proxying for the SSH protocol; the client sends the monitoring system a request to open a replicated session and requests an identifier; the monitoring system responds to this session replication request, and once negotiation is complete a new independent virtual session is established between the monitoring system and the client; ⑵ the monitoring system simultaneously sends the server a request to open a replicated session; the server responds to this session replication request and requests an identifier, and once negotiation is complete a new independent virtual session is likewise established between the server and the monitoring system; ⑶ based on the session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server over that channel; at the same time, based on the session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client over that channel, so that all virtual sessions at the two ends are mapped to each other one to one; ⑷ a virtual memory screen is drawn in memory and the operations of each session are captured from this screen, achieving the purpose of tracking each session separately.
When secondary login or proxying is performed for the SSH protocol, the operations over the whole connection need to be monitored, yet the data decrypted during protocol transmission is carried in NVT form. NVT stands for network virtual terminal; the data contains not only the user's operation data but also a great deal of formatting information. Merely recording the packets is therefore not enough, and the packets have to be parsed back. At the same time, because of the complexity of heterogeneous environments and the uncertainty of operations, the operations cannot be parsed correctly merely by filtering out the formatting data. The present invention obtains the entered operations by drawing a virtual memory screen in memory, which amounts to simulating in memory the same screen that the user at the terminal actually sees, and captures from this screen the operations the user performed; this ensures that operations are restored correctly and promptly. Because the user can perform relatively independent operations in each replicated session, an independent virtual memory screen must be set up for each session being tracked, and the operations of each session are captured independently in its own screen, which achieves the purpose of tracking each session separately.
To improve transmission efficiency, in step ⑶ the monitoring system builds the mapping of virtual sessions as a linked list, and on this linked list builds one hash table indexed by client session and one hash table indexed by server session. When client session data is received, the lookup is made in the hash table indexed by client session; when server session data is received, the lookup is made in the hash table indexed by server session. In step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, the session node is found and its screen is drawn, and the corresponding operation is captured at the same time.
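The session map of step ⑶ and the per-session screen of step ⑷, as an added Python sketch that is not code from the patent. The class names, the integer channel identifiers, the `$ ` prompt, the use of a Python list in place of the linked list, and the choice to draw the screen from server-side output are all assumptions made for illustration; the screen handles only backspace, CR/LF and three CSI sequences.

```python
import re

CSI = re.compile(rb"\x1b\[(\d*)([A-Za-z])")  # single-parameter CSI sequences only
PROMPT = "$ "  # assumed shell prompt used by the constructed sample below

class VirtualScreen:
    """Per-session in-memory screen: finished lines plus the line being edited."""
    def __init__(self):
        self.lines, self.cur, self.x = [], [], 0

    def feed(self, data: bytes) -> None:
        i = 0
        while i < len(data):
            m = CSI.match(data, i)
            if m:
                n, op = int(m.group(1) or 1), m.group(2)
                if op == b"K" and m.group(1) in (b"", b"0"):
                    del self.cur[self.x:]              # erase cursor to end of line
                elif op == b"D":
                    self.x = max(0, self.x - n)        # cursor left
                elif op == b"C":
                    self.x = min(len(self.cur), self.x + n)  # cursor right
                i = m.end()
                continue
            ch, i = data[i], i + 1
            if ch == 0x08:                             # backspace moves the cursor
                self.x = max(0, self.x - 1)
            elif ch == 0x0D:                           # carriage return
                self.x = 0
            elif ch == 0x0A:                           # line feed commits the line
                self.lines.append("".join(self.cur))
                self.cur, self.x = [], 0
            elif 0x20 <= ch < 0x7F:                    # printable: overwrite at cursor
                self.cur[self.x:self.x + 1] = [chr(ch)]
                self.x += 1

    def commands(self):
        """Operations read off the screen: finished lines that follow a prompt."""
        return [ln[len(PROMPT):] for ln in self.lines if ln.startswith(PROMPT)]

class SessionNode:
    def __init__(self, client_id, server_id):
        self.client_id, self.server_id = client_id, server_id
        self.screen = VirtualScreen()                  # screen is a member of the node

class SessionMap:
    """Node list plus two hash indexes, one keyed per side of the monitor."""
    def __init__(self):
        self.nodes, self.by_client, self.by_server = [], {}, {}

    def open(self, client_id, server_id):
        node = SessionNode(client_id, server_id)
        self.nodes.append(node)
        self.by_client[client_id] = self.by_server[server_id] = node
        return node

    def from_client(self, client_id, data):
        return self.by_client[client_id].server_id, data   # forward toward server

    def from_server(self, server_id, data):
        node = self.by_server[server_id]
        node.screen.feed(data)                         # draw before forwarding
        return node.client_id, data

def naive_filter(data: bytes) -> str:
    """Strip formatting without emulating it, for contrast with the screen."""
    return re.sub(rb"[\x00-\x1f]", b"", CSI.sub(b"", data)).decode()

def demo():
    m = SessionMap()
    a, b = m.open(client_id=0, server_id=5), m.open(client_id=1, server_id=9)
    # Constructed server output for two replicated sessions, interleaved.
    stream = [(5, b"$ cat /etc/pas"), (9, b"$ ls"),
              (5, b"swx\x08\x1b[Kd\r\n"), (9, b" -l\r\ntotal 0\r\n$ ")]
    routed = [m.from_server(sid, chunk)[0] for sid, chunk in stream]
    return routed, a.screen.commands(), b.screen.commands()
```

In the constructed sample the operator mistypes and corrects a character: the screen yields `cat /etc/passwd`, while `naive_filter` on the same bytes yields `$ cat /etc/passwxd`, which is the failure of format filtering that the description points out.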
Finally, it should be pointed out that the above embodiment is only a representative example of the present invention. Obviously, the technical solution of the present invention is not limited to the above embodiment, and many variations are possible. All variations that a person of ordinary skill in the art can directly derive or conceive from the content disclosed by the present invention shall be regarded as within the protection scope of the present invention.
Claims (3)
1. A method for realizing session replication and tracking during security terminal emulation protocol monitoring, characterized in that the implementation steps of the method are: ⑴ the monitoring system performs secondary login or proxying for the SSH protocol; the client sends the monitoring system a request to open a replicated session and requests an identifier; the monitoring system responds to this session replication request, and once negotiation is complete a new independent virtual session is established between the monitoring system and the client; ⑵ the monitoring system simultaneously sends the server a request to open a replicated session; the server responds to this session replication request and requests an identifier, and once negotiation is complete a new independent virtual session is likewise established between the server and the monitoring system; ⑶ based on the session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server over that channel; at the same time, based on the session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client over that channel, so that all virtual sessions at the two ends are mapped to each other one to one; ⑷ a virtual memory screen is drawn in memory and the operations of each session are captured from this screen, achieving the purpose of tracking each session separately.
2. The method for realizing session replication and tracking during security terminal emulation protocol monitoring according to claim 1, characterized in that in step ⑶ the monitoring system builds the mapping of virtual sessions as a linked list, and on this linked list builds one hash table indexed by client session and one hash table indexed by server session; when client session data is received, the lookup is made in the hash table indexed by client session, and when server session data is received, the lookup is made in the hash table indexed by server session.
3. The method for realizing session replication and tracking during security terminal emulation protocol monitoring according to claim 1, characterized in that in step ⑷ the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, the session node is found and its screen is drawn, and the corresponding operation is captured at the same time.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 201010533530 CN101980481B (en) | 2010-11-05 | 2010-11-05 | Method for realizing session replication and tracking during security terminal emulation protocol monitoring |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101980481A (en) | 2011-02-23 |
CN101980481B (en) | 2012-12-05 |
Family
ID=43600966
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 201010533530 Active CN101980481B (en) | 2010-11-05 | 2010-11-05 | Method for realizing session replication and tracking during security terminal emulation protocol monitoring |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101980481B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN101980481B (en) | 2012-12-05 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |