CN101980481A - Method for realizing session replication and tracking during security terminal emulation protocol monitoring - Google Patents

Info

Publication number
CN101980481A
Authority
CN
China
Prior art keywords
session
control system
supervisory control
client
replication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010105335304A
Other languages
Chinese (zh)
Other versions
CN101980481B (en)
Inventor
黄艺海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HANGZHOU SAFETYBASE INFORMATION TECHNOLOGY Co Ltd
Original Assignee
HANGZHOU SAFETYBASE INFORMATION TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HANGZHOU SAFETYBASE INFORMATION TECHNOLOGY Co Ltd
Priority to CN 201010533530
Publication of CN101980481A
Application granted
Publication of CN101980481B
Legal status: Active
Anticipated expiration

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a method for realizing session replication and tracking during security terminal emulation protocol monitoring. The method comprises the following steps: (1) a monitoring system performs secondary login or proxying for the SSH protocol, a client initiates a request to the monitoring system to start session replication, and a new independent virtual session is established between the monitoring system and the client; (2) the monitoring system simultaneously initiates a request to the server to start session replication, and a new independent virtual session is likewise established between the server and the monitoring system; (3) the monitoring system maps all virtual sessions at the two ends one to one; and (4) a virtual memory screen is drawn in memory, and the operations of each session are intercepted on that screen so that each session is tracked independently. By the technical means of the invention, session replication and tracking are realized during security terminal emulation protocol monitoring while the monitoring requirement itself is still satisfied. The method is simple and easy to operate.

Description

Method for realizing session replication and tracking during security terminal emulation protocol monitoring
Technical field
The invention belongs to the technical field of security terminal emulation protocol monitoring, and specifically relates to a method for realizing session replication and tracking during security terminal emulation protocol monitoring.
Background art
Terminal emulation protocols are commonly used to maintain UNIX or LINUX servers. The early popular terminal emulation protocols on TCP/IP networks were TELNET and RLOGIN, but because they transmit data in plaintext over the network, they create a serious security risk: a person with ulterior motives can easily capture the username and password by passive (bypass) packet capture, and can even monitor and intercept the operations. These two protocols have therefore gradually been replaced by the security terminal emulation protocol (hereinafter, the SSH protocol), which is more secure in transmission and more capable. The SSH protocol not only makes network data transmission more secure by adopting the SSL asymmetric encryption method, it also provides, by means of tunneling, the ability to open multiple virtual sessions within the same TCP connection, namely SSH session replication, which is a great convenience for server maintenance personnel.
Precisely because of the security of the SSH protocol, the commonly used approach of capturing packets on a bypass link cannot obtain valid data. If remote access operations over SSH need to be monitored, the monitoring system must therefore perform secondary login or proxying for the SSH protocol; otherwise the maintenance personnel's operations cannot be restored from the encrypted data. Secondary login means that the operator first logs in to the monitoring system over the SSH protocol; the monitoring system presents a friendly menu interface to authorized operators, and the operator selects the server to log in to from the menu and logs in directly. Proxying means that the operator designates the monitoring system as the proxy server for the SSH protocol, and all SSH access reaches the target server with the monitoring system as the proxy.
In summary, by the principle of secondary login or proxying, the SSH connection initiated by the operator terminates on the monitoring system, and every connection to the maintained target server is initiated by the monitoring system. The monitoring system is thus a server to the client and a client to the server, and in this way operation behavior can easily be parsed back out. This satisfies the need to monitor the SSH protocol, but because the client's SSH connection is established with the monitoring system and the server-side SSH connection is likewise established with the monitoring system, forwarding the session replication function and tracking and controlling each session throughout becomes very difficult.
Summary of the invention
The present invention solves the technical problem existing in the prior art and provides a method for realizing session replication and tracking during security terminal emulation protocol monitoring.
The above technical problem is mainly solved by the following technical solution: a method for realizing session replication and tracking during security terminal emulation protocol monitoring, implemented in the following steps: ⑴ the monitoring system performs secondary login or proxying for the SSH protocol; the client initiates a request to the monitoring system to open session replication and requests an identifier; the monitoring system responds to the session replication request, and once negotiation is complete a new independent virtual session is established between the monitoring system and the client; ⑵ the monitoring system simultaneously initiates an open-session-replication request to the server; the server responds to the session replication request and requests an identifier, and once negotiation is complete a new independent virtual session is likewise established between the server and the monitoring system; ⑶ for session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server over that channel, and for session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client over that channel, so that all virtual sessions at the two ends are mapped one to one; ⑷ a virtual memory screen is drawn in memory and the operations of each session are intercepted on that screen, so that each session is tracked separately.
Preferably, in step ⑶, the monitoring system builds the mapping of virtual sessions as a linked list and builds on that list two hash tables, one indexed by client session and one indexed by server session; when client session data is received, the lookup is done in the hash table indexed by client session, and when server session data is received, the lookup is done in the hash table indexed by server session.
Preferably, in step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, it finds the session node, draws on that screen, and at the same time intercepts the corresponding operation.
The invention overcomes the defect in existing security terminal emulation protocol technology that forwarding of the session replication function and full tracking and control of each session could not be achieved. With the technical means of the invention, session replication and tracking are realized during security terminal emulation protocol monitoring while the monitoring requirement itself is still satisfied, and the method is simple to operate.
Detailed description
The technical solution of the invention is described in further detail below by way of an embodiment.
Embodiment: a method for realizing session replication and tracking during security terminal emulation protocol monitoring, implemented in the following steps: ⑴ the monitoring system performs secondary login or proxying for the SSH protocol; the client initiates a request to the monitoring system to open session replication and requests an identifier; the monitoring system responds to the session replication request, and once negotiation is complete a new independent virtual session is established between the monitoring system and the client; ⑵ the monitoring system simultaneously initiates an open-session-replication request to the server; the server responds to the session replication request and requests an identifier, and once negotiation is complete a new independent virtual session is likewise established between the server and the monitoring system; ⑶ for session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server over that channel, and for session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client over that channel, so that all virtual sessions at the two ends are mapped one to one; ⑷ a virtual memory screen is drawn in memory and the operations of each session are intercepted on that screen, so that each session is tracked separately.
Secondary login and proxying of the SSH protocol require the operations of the whole connection to be monitored, yet the data decrypted during protocol transmission is carried in NVT form. NVT stands for network virtual terminal; the data contains not only the user's operation data but also a great deal of formatting information. Recording the packets alone is therefore not enough: the packets must be parsed back into operations. At the same time, because of the complexity of heterogeneous environments and the unpredictability of operations, filtering out the formatting data alone cannot correctly recover the operations. The invention obtains the input operations by drawing a virtual memory screen in memory, which amounts to simulating in memory the same screen that the user at the operating terminal actually sees, and intercepting on that screen the operations the user performs; this ensures that operations are restored correctly and promptly. Because the user can carry out relatively independent operations in each replicated session, an independent virtual memory screen must be set up for each session being tracked, and the operations of each session are intercepted independently on its own screen, so that each session is tracked separately.
To improve transmission efficiency, in step ⑶ the monitoring system builds the mapping of virtual sessions as a linked list and builds on that list two hash tables, one indexed by client session and one indexed by server session; when client session data is received, the lookup is done in the hash table indexed by client session, and when server session data is received, the lookup is done in the hash table indexed by server session. In step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, it finds the session node, draws on that screen, and at the same time intercepts the corresponding operation.
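The mapping of step ⑶ and the per-session virtual memory screen of step ⑷, as an added Python example that is not part of the patent text. The class names, the integer channel ids, the Python list used in place of the linked list, and the choice to record the current screen row when the client sends Enter are assumptions made for illustration; the traffic is constructed.

```python
import re
from dataclasses import dataclass, field

# One token is either a CSI escape sequence (ESC [ params final-byte) or one character.
TOKEN = re.compile(r"\x1b\[[0-9;?]*[@-~]|.", re.S)

class VirtualScreen:
    """Current screen row, drawn by applying control codes, not stripping them."""
    def __init__(self):
        self.line, self.col = [], 0

    def feed(self, data):
        for tok in TOKEN.findall(data):
            if tok in ("\x1b[K", "\x1b[0K"):
                del self.line[self.col:]      # erase from cursor to end of row
            elif tok == "\b":
                self.col = max(0, self.col - 1)
            elif tok == "\r":
                self.col = 0
            elif tok == "\n":
                self.line, self.col = [], 0   # start a fresh row
            elif len(tok) == 1 and tok >= " " and tok != "\x7f":
                self.line[self.col:self.col + 1] = [tok]  # overwrite or append
                self.col += 1                 # other sequences (colour) draw nothing

@dataclass
class SessionNode:  # one node per replicated session; the screen is a member
    client_chan: int
    server_chan: int
    screen: VirtualScreen = field(default_factory=VirtualScreen)
    operations: list = field(default_factory=list)

class SessionMap:
    def __init__(self):
        self.nodes = []      # a Python list stands in for the linked list
        self.by_client = {}  # hash index keyed by client-side channel id
        self.by_server = {}  # hash index keyed by server-side channel id

    def open(self, client_chan, server_chan):
        node = SessionNode(client_chan, server_chan)
        self.nodes.append(node)
        self.by_client[client_chan] = self.by_server[server_chan] = node

    def from_client(self, chan, data):
        node = self.by_client[chan]
        if "\r" in data:  # Enter: record the row exactly as the operator sees it
            node.operations.append("".join(node.screen.line))
        return node.server_chan, data  # forward on the mapped server channel

    def from_server(self, chan, data):
        node = self.by_server[chan]
        node.screen.feed(data)         # draw server output, echo included
        return node.client_chan, data  # forward on the mapped client channel

def demo():
    m = SessionMap()
    m.open(client_chan=0, server_chan=7)  # original session
    m.open(client_chan=1, server_chan=3)  # replicated session
    # Constructed traffic: (sender, channel id on that side, data), interleaved.
    traffic = [("S", 7, "$ "), ("S", 3, "\x1b[1m# \x1b[0m"),
               ("C", 0, "ls -lx"), ("S", 7, "ls -lx"), ("C", 1, "id"), ("S", 3, "id"),
               ("C", 0, "\x7f"), ("S", 7, "\b\x1b[K"), ("C", 0, "a"), ("S", 7, "a"),
               ("C", 1, "\r"), ("S", 3, "\r\nuid=0(root)\r\n# "),
               ("C", 0, "\r"), ("S", 7, "\r\ntotal 0\r\n$ ")]
    for sender, chan, data in traffic:
        (m.from_client if sender == "C" else m.from_server)(chan, data)
    return {n.client_chan: n.operations for n in m.nodes}
```

`demo()` returns `{0: ['$ ls -la'], 1: ['# id']}`; stripping the control codes from session 0's echo stream instead of drawing them would give `ls -lxa`, losing the operator's correction.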
Finally, it should be noted that the above embodiment is only a representative example of the invention. Obviously, the technical solution of the invention is not limited to the above embodiment, and many variations are possible. All variations that a person of ordinary skill in the art can directly derive or conceive from the disclosure of the invention shall be regarded as within the scope of protection of the invention.

Claims (3)

1. A method for realizing session replication and tracking during security terminal emulation protocol monitoring, characterized in that the method is implemented in the following steps: ⑴ the monitoring system performs secondary login or proxying for the SSH protocol; the client initiates a request to the monitoring system to open session replication and requests an identifier; the monitoring system responds to the session replication request, and once negotiation is complete a new independent virtual session is established between the monitoring system and the client; ⑵ the monitoring system simultaneously initiates an open-session-replication request to the server; the server responds to the session replication request and requests an identifier, and once negotiation is complete a new independent virtual session is likewise established between the server and the monitoring system; ⑶ for session data sent by the client, the monitoring system finds the corresponding server-facing session channel and sends the data to the server over that channel, and for session data sent by the server, the monitoring system finds the corresponding client-facing session channel and sends the data to the client over that channel, so that all virtual sessions at the two ends are mapped one to one; ⑷ a virtual memory screen is drawn in memory and the operations of each session are intercepted on that screen, so that each session is tracked separately.
2. The method for realizing session replication and tracking during security terminal emulation protocol monitoring according to claim 1, characterized in that in step ⑶, the monitoring system builds the mapping of virtual sessions as a linked list and builds on that list two hash tables, one indexed by client session and one indexed by server session; when client session data is received, the lookup is done in the hash table indexed by client session, and when server session data is received, the lookup is done in the hash table indexed by server session.
3. The method for realizing session replication and tracking during security terminal emulation protocol monitoring according to claim 1, characterized in that in step ⑷, the monitoring system maintains a session node for each session, with the virtual memory screen as a member of the session node; when session data is received, it finds the session node, draws on that screen, and at the same time intercepts the corresponding operation.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010533530 CN101980481B (en) 2010-11-05 2010-11-05 Method for realizing session replication and tracking during security terminal emulation protocol monitoring

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010533530 CN101980481B (en) 2010-11-05 2010-11-05 Method for realizing session replication and tracking during security terminal emulation protocol monitoring

Publications (2)

Publication Number Publication Date
CN101980481A (en) 2011-02-23
CN101980481B (en)

Family

ID=43600966

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010533530 Active CN101980481B (en) 2010-11-05 2010-11-05 Method for realizing session replication and tracking during security terminal emulation protocol monitoring

Country Status (1)

Country Link
CN (1) CN101980481B (en)

Also Published As

Publication number Publication date
CN101980481B (en) 2012-12-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant