CN107231271A - A kind of detection method and device of shared verification - Google Patents
A kind of detection method and device of shared verification Download PDFInfo
- Publication number
- CN107231271A CN107231271A CN201710271850.9A CN201710271850A CN107231271A CN 107231271 A CN107231271 A CN 107231271A CN 201710271850 A CN201710271850 A CN 201710271850A CN 107231271 A CN107231271 A CN 107231271A
- Authority
- CN
- China
- Prior art keywords
- address
- detection
- user terminal
- page
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 193
- 238000012795 verification Methods 0.000 title claims abstract description 83
- 238000013515 script Methods 0.000 claims abstract description 20
- 238000012360 testing method Methods 0.000 claims abstract description 11
- 238000000034 method Methods 0.000 claims description 17
- 230000005540 biological transmission Effects 0.000 abstract description 5
- 238000005516 engineering process Methods 0.000 description 5
- 238000007689 inspection Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000006399 behavior Effects 0.000 description 3
- 238000012546 transfer Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of detection method and device of shared verification, the detection method includes:In default detection duration, detect the message of user terminal transmission in target LAN after HTTP HTTP message, to kidnap the flow of the HTTP message;The detection page is pushed to the user terminal, the IP address of internal network and corresponding public network IP address of the user terminal are obtained by the detection page, the detection page carries the script of the IP address of internal network and corresponding public network IP address that obtain user terminal;The quantity of the corresponding IP address of internal network of public network IP address got in the default detection duration is analyzed, the testing result of shared verification in the target LAN is determined according to the result of analysis.The detection method, it is adaptable to install the user terminal of any system, in the absence of misidentifying and using confinement problems, applicability is more preferable.
Description
Technical field
The present invention relates to Internet communication technology field, more particularly to a kind of detection method and device of shared verification.
Background technology
Generally, user, can be in a collective (such as school or enterprise) in order to save cost and protection internal network
Portion sets up a LAN, is surfed the Net in LAN by the way of shared verification, i.e., multiple Intranet (LAN) users pass through
Routing device is carried out after network address translation, and outer net (wide area network) is connected using same public network IP address.And outer net company is provided
Consideration of the operator for interests and management aspect of service is connect, shared verification can be controlled, wherein, it is necessary first to altogether
Online is enjoyed to be detected.
In the prior art, outer net manager is generally arranged for detecting between the LAN and outer net for needing to be managed
The detection means of shared verification, is detected to the shared verification of user.The detection method of shared verification include it is a variety of, for example,
First method is IP (agreement interconnected between Internet Protocol, network) message ID (Identifier, head mark
Know symbol) characteristic detection method, the ID values of the header of the IP messages mainly sent by same terminal are linear to be increased, and is passed through
Detect the change curve of the ID values of the header of the IP messages received, you can judge to send net where the terminal of IP messages
Network whether there is the phenomenon of shared verification.But this detection method is only effective to installing the terminal of Windows systems, for installing
The terminal of linux system, because linear relationship is not present in the ID values of the header of the IP messages of its transmission between a plurality of stream,
It is easily caused misrecognition.Second method is user agent (USER-AGENT) feature detection techniques, mainly in HTTP
In (HyperText Transfer Protocol, HTTP) stream, the USER-AGENT fields of header can be taken
The system information of tape terminal, uses the system information can be with distinguishing terminal.But in this method, terminal in USER-AGENT fields
System information may not be the real system information of terminal, be equally easily caused misrecognition.The third method is the TCP times
Detection method is stabbed, mainly each terminal is respectively provided with a timestamp clock, and the timestamp clock opens it in corresponding terminal
Afterwards, linear increase after an initial value is taken, therefore the timestamp of the TCP message carrying of each terminal transmission is different, thus
Terminal can be made a distinction.But this method is more effective for the terminal for installing linux system, and installs Windows systems
The message that the terminal of system is sent does not carry timestamp, it is impossible to detected that is, this method has certain limitation using this method
Property.
In summary, the detection method of existing shared verification, the problem of existing using limitation and misrecognition.
The content of the invention
The invention provides a kind of detection method and device of shared verification, to solve the detection side of existing shared verification
Method, the problem of existing using limitation and misrecognition.
In a first aspect, the invention provides a kind of detection method of shared verification, the detection method includes:In default detection
In duration, detect the message of user terminal transmission in target LAN after HTTP HTTP message, to kidnap institute
State the flow of HTTP message;The detection page is pushed to the user terminal, the user terminal is obtained by the detection page
IP address of internal network and corresponding public network IP address, the detection page carry obtain user terminal IP address of internal network and phase
Answer the script of public network IP address;Analyze the public network IP address corresponding IP address of internal network got in the default detection duration
Quantity, the testing result of shared verification in the target LAN is determined according to the result of analysis.
Further, before pushing the detection page to the user terminal, the detection method also includes:Determine the HTTP reports
The source IP address of text;Judge whether push the number of times for detecting the page to the source IP address in the default detection duration
More than predetermined threshold value;If it is, the number of times for pushing the detection page to the source IP address of record is updated to zero, with
And stop at the subsequent operation for carrying out shared verification detection in the default detection duration to the target LAN;Or, if
It is no, then perform the follow-up operation for being pushed to the user terminal and detecting the page.
Further, after pushing the detection page to the user terminal, this method also includes:More new record to the source
IP address pushes the number of times of the detection page.
Further, it is HTTP HTTP message to detect the message that user terminal is sent in target LAN
Afterwards, before the flow for kidnapping the HTTP message, the detection method also includes:Detect that the user of the target LAN is whole in real time
Whether the message that end is sent is HTTP message;If it is, performing the operation for the flow for subsequently kidnapping the HTTP message;Or,
If it is not, then re-execute detect the target LAN user terminal send message whether be HTTP message operation,
Until the default detection duration terminates.
Further, the process of the testing result of shared verification in the target LAN is determined according to the result of analysis, is had
Body includes:If the quantity of the corresponding IP address of internal network of the public network IP address is more than or equal to predetermined number, it is determined that described
There is shared verification in target LAN;Or, preset if the quantity of the corresponding IP address of internal network of the public network IP address is less than
Quantity, it is determined that shared verification is not present in the target LAN.
Second aspect, present invention also offers a kind of detection means of shared verification, the detection means includes:Flow is kidnapped
Module, in default detection duration, detecting the message that user terminal is sent in target LAN and being assisted for Hyper text transfer
Discuss after HTTP message, kidnap the flow of the HTTP message;IP address acquisition module, is detected for being pushed to the user terminal
The page, the IP address of internal network and corresponding public network IP address of the user terminal, the detection are obtained by the detection page
The page carries the script of the IP address of internal network and corresponding public network IP address that obtain user terminal;Analysis module, for analyzing
The quantity of the corresponding IP address of internal network of public network IP address got in default detection duration is stated, institute is determined according to the result of analysis
State the testing result of shared verification in target LAN.
Further, the detection means also includes:Source IP address determining module, the source IP for determining the HTTP message
Location;Judge module, for judging to push the number of times for detecting the page to the source IP address in the default detection duration
Whether predetermined threshold value is more than;If it is, the number of times for pushing the detection page to the source IP address of record is updated to
Zero, and stop at the subsequent operation for carrying out shared verification detection in the default detection duration to the target LAN;Or,
If it is not, then performing the follow-up operation for being pushed to the user terminal and detecting the page.
Further, the detection means also includes:Meter record update module, is pushed for more new record to the source IP address
The number of times of the detection page.
Further, the detection means also includes:Packet check module, the user for detecting the target LAN in real time
Whether the message that terminal is sent is HTTP message;If it is, performing the operation for the flow for subsequently kidnapping the HTTP message;
Or, if it is not, then re-execute detect the target LAN user terminal send message whether be HTTP message behaviour
Make, until the default detection duration terminates.
Further, the analysis module is used for the inspection that shared verification in the target LAN is determined according to the result of analysis
Result is surveyed, is specifically included:The analysis module is used to perform operations described below:If the corresponding Intranet IP of the public network IP address
The quantity of location is more than or equal to predetermined number, it is determined that there is shared verification in the target LAN;Or, if the public network
The quantity of the corresponding IP address of internal network of IP address is less than predetermined number, it is determined that be not present in the target LAN on shared
Net.
Technical scheme provided in an embodiment of the present invention can include the following benefits:Shared the invention provides one kind
In the detection method and device of net, the detection method, by kidnapping the flow for each HTTP message that user terminal is sent, to
The user terminal for sending the HTTP message pushes and carries the IP address of internal network and corresponding public network IP address that obtain user terminal
The detection page of script, the IP address of internal network of the user terminal for sending the HTTP message is obtained and corresponding by the detection page
Public network IP address, afterwards by the number of the corresponding IP address of internal network of public network IP address got in the default detection duration of analysis
Amount, you can determine in the default detection duration corresponding period, whether deposited in the corresponding target LAN of the public network IP address
In the situation of shared verification.The detection method, user's end for installing Windows systems and linux system or other systems
End is applicable, in the absence of using limitation, the problem of will not also misidentifying, and applicability is more preferable.
Brief description of the drawings
In order to illustrate more clearly of the technical scheme of the application, letter will be made to the required accompanying drawing used in embodiment below
Singly introduce, it should be apparent that, for those of ordinary skills, without having to pay creative labor,
Other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of schematic flow sheet of the detection method of shared verification provided in an embodiment of the present invention;
Fig. 2 is a kind of structured flowchart of the detection means of shared verification provided in an embodiment of the present invention.
Embodiment
With reference to background technology understand, Virtual network operator in order to in some LAN shared verification situation carry out detection and
The detection means for detecting shared verification is arranged in management, network that can be between the LAN and outer net, using the detection
Device is detected and managed to the shared verification situation in the LAN.Based on this, the inspection of shared verification that the present invention is provided
In survey method, by the detection means for detecting shared verification, using bypass or serial manner, target LAN is accessed and outer
In communication network between net, so, the user terminal of any one in target LAN is sent to any one message of outer net,
The detection means can be first sent to, is sent afterwards by the detection means to outer net.Herein, detected current
LAN is defined as target LAN.The quantity of target LAN can be one, or multiple, you can to use the inspection
Situation of the device simultaneously to shared verification in one or more target LANs is surveyed to detect.
When carrying out shared verification detection to any one target LAN, typically in one section of duration, the target
The situation of shared verification is detected in LAN, therefore, and the situation of shared verification is detected in the target LAN
Before, it will usually pre-set a default detection duration, the default detection duration can arbitrarily be set according to actual needs
Calmly, the situation of shared verification is detected in default detection duration to the target LAN;Or, can also be with default inspection
A length of cycle during survey, persistently the situation to shared verification in the target LAN detect.When below with a default detection
Exemplified by length, the specific embodiment of the detection method for the shared verification that the present invention is provided is discussed in detail.
Referring to Fig. 1, Fig. 1 is illustrated that a kind of flow signal of the detection method of shared verification provided in an embodiment of the present invention
Figure.Understand that the detection method includes with reference to Fig. 1:
Step 101, in default detection duration, it is hypertext to detect the message that user terminal is sent in target LAN
After host-host protocol HTTP message, the flow of the HTTP message is kidnapped.
Understood with reference to aforementioned background art content, if it is possible to determine that there are multiple user terminals in target LAN uses
Same public network IP address accesses outer net, you can determine there is a situation where shared verification in the target LAN.And if target
There are multiple user terminals in LAN and access outer net using same public network IP address, because each user terminal can be right
An IP address of internal network is answered, the public network IP address will correspond to multiple IP address of internal network.So, as long as determining the target LAN
Whether corresponding public network IP address corresponds to multiple IP address of internal network, you can determine to whether there is shared verification in the target LAN
Situation.Thus, as long as using the detection means being arranged between target LAN and outer net in network, to being used in the LAN
The IP address of internal network and public network IP address of family terminal are analyzed, it is possible to determine the feelings of shared verification in the target LAN
Condition.
In WebRTC (Web Real-Time Communication, webpage real-time Communication for Power) technology, pass through
JavaScript interface can get the IP address of internal network and corresponding public network IP address of user terminal, and based on this, the present invention is real
Apply example and use the user terminal into target LAN, the method for pushing the detection page with JavaScript scripts is obtained and used
The IP address of internal network of family terminal and corresponding public network IP address, wherein, JavaScript scripts can pass through WebRTC technical limit spacings
The IP address of internal network of user terminal and corresponding public network IP address.And want to realize the detection page for pushing to user terminal and carrying script
Face, and allow script to perform, it is necessary to the flow of the HTTP message by browser access webpage is kidnapped, therefore, to target office
, it is necessary to kidnap the HTTP message that user terminal is sent in the target LAN when situation of shared verification is detected in the net of domain
Flow.
When it is implemented, wanting to detect in some period, in target LAN during the situation of shared verification, in detection dress
Put it is middle will detect that the time started be set to the initial time of the period, by default detection duration be set to the period when
It is long.Afterwards, in default detection duration, detect in real time user terminal is sent in the target LAN each message whether be
HTTP message;If it is HTTP message to detect the message that user terminal is sent in the target LAN, the HTTP is kidnapped
The flow of message;Or, if it is not HTTP message to detect the message that user terminal is sent in the target LAN, then again
Whether the message that the user terminal of the perform detection target LAN is sent is the operation of HTTP message, until presetting detection duration
Terminate.In a word, it is desirable in the default detection duration of detection, the situation of shared verification in target LAN, it is necessary first to kidnap the section
In default detection duration, the flow for each HTTP message that user terminal is sent in the target LAN.If target local
Net then in default detection duration, kidnaps each HTTP that user terminal is sent in each target LAN including multiple
The flow of message.
Step 102, the detection page is pushed to the user terminal, pass through the detection page and obtain the user terminal
IP address of internal network and corresponding public network IP address, the detection page carry the IP address of internal network that obtains user terminal and corresponding
The script of public network IP address.
Detection means is kidnapped to after the flow of any one HTTP message, is pushed to the user terminal for sending the HTTP message
Detect the page, the detection page carry obtain user terminal IP address of internal network and corresponding public network IP address script (for example
Can be by the IP address of internal network and the JavaScript scripts of corresponding public network IP address of WebRTC technical limit spacing user terminals),
After the detection page push to the user terminal, the script that the detection page is carried is performed automatically, and script is obtained after being performed
The IP address of internal network and corresponding public network IP address of the user terminal are got, and it is by the IP address of internal network got and public accordingly
Net IP address is sent to detection means;And record has the net that the user terminal is desired access in the script that the detection page is carried
The network address stood, script is got after being performed after the IP address of internal network and corresponding public network IP address of the user terminal, can be by
The browsing pages of the user terminal are redirected to the page for the website that the user terminal is desired access to, and do not interfere with user and access outer
The using effect of net.So, detection means can just get the user for sending each HTTP message by the detection page
The IP address of internal network of terminal and corresponding public network IP address.
In some optional embodiments, for the more accurate feelings for efficiently detecting shared verification in target LAN
Condition, can limit the number of times that the detection page is pushed to each source IP address, it is to avoid pushed to same source IP address and detect the page
Number of times is too many, causes the analysis for the replicate analysis of same source IP address being calculated and being reduced to more source IP address to calculate, influence
The detection efficiency and accuracy of shared verification.When the situation of shared verification in target LAN is detected, it can kidnap
To any one HTTP message, before pushing the detection page to the user terminal for sending the HTTP message, first determine that the HTTP is reported
The source IP address of text, judges to push whether the number of times for detecting the page is more than default threshold to the source IP address in default detection duration
Value;If it is, the number of times for pushing the detection page to the source IP address of record is updated into zero, and stop at described
The subsequent operation of shared verification detection is carried out in default detection duration to the target LAN;Or, if it is not, then perform it is follow-up to
The user terminal for sending the HTTP message pushes the operation of the detection page, and after the detection page is pushed to the user terminal,
The number of times that the detection page is pushed to the source IP address of more new record, being pushed to the source IP address for will recording detects the page
Number of times increase by 1.Wherein, predetermined threshold value can be set according to actual needs, if it is desired to which detection is more accurate, the default threshold
Value could be arranged to less value, and such as 2, but 2 can not be less than;If the precision for testing result is not limited, only need just
Slightly understand in target LAN whether there may be shared verification, then the value of the predetermined threshold value could be arranged to slightly larger value, example
Any one value in such as 5~10.
The number of the corresponding IP address of internal network of public network IP address got in step 103, the analysis default detection duration
Amount, the testing result of shared verification in the target LAN is determined according to the result of analysis.
In default detection duration, detection means is with getting the Intranet IP for the user terminal for sending each HTTP message
Behind location and public network IP address, by analyzing the corresponding Intranet IP of each public network IP address got in the default detection duration
The quantity of address, it is possible to determine within the default detection duration corresponding period, the corresponding target office of the public network IP address
The situation of shared verification in the net of domain.If the quantity of the corresponding IP address of internal network of some public network IP address is more than or equal to default
Quantity, it is determined that there is shared verification in the corresponding target LAN of the public network IP address;Or, if public network IP address correspondence
The quantity of IP address of internal network be less than predetermined number, it is determined that be not present in the corresponding target LAN of the public network IP address shared
Online, wherein, predetermined number could be arranged to 2.If for example, the quantity of the corresponding IP address of internal network of some public network IP address
For 3, then after can determining since the detection, preset in the detection duration corresponding period, the corresponding target of the public network IP address
There is a situation where shared verification in LAN.If the quantity of the corresponding IP address of internal network of some public network IP address is 1, can
After determining since the detection, preset in the detection duration corresponding period, in the corresponding target LAN of the public network IP address
In the absence of the situation of shared verification.
In the detection method of shared verification provided in an embodiment of the present invention, by kidnap user terminal send each
The flow of HTTP message, to send the HTTP message user terminal push carry obtain user terminal IP address of internal network and
The detection page of the script of corresponding public network IP address, is obtained by the detection page in the user terminal for sending the HTTP message
Net IP address and corresponding public network IP address, it is corresponding by the public network IP address got in the default detection duration of analysis afterwards
The quantity of IP address of internal network, you can determine in the default detection duration corresponding period, the corresponding target of the public network IP address
It whether there is the situation of shared verification in LAN.The detection method, for install Windows systems and linux system or its
The user terminal of his system is applicable, in the absence of using limitation, the problem of will not also misidentifying, and applicability is more preferable.
Detection method with above-mentioned shared verification is corresponding, and present invention also offers a kind of detection means of shared verification.
Referring to Fig. 2, Fig. 2 is illustrated that a kind of structural frames of the detection means of shared verification provided in an embodiment of the present invention
Figure.Understand that the detection means includes with reference to Fig. 2:Flow kidnaps module 201, in default detection duration, detecting target
After the message of user terminal transmission is HTTP HTTP message in LAN, the flow of the HTTP message is kidnapped;
IP address acquisition module 202, for pushing the detection page to the user terminal, the user is obtained by the detection page
The IP address of internal network of terminal and corresponding public network IP address, the detection page carry the IP address of internal network for obtaining user terminal
With the script of corresponding public network IP address;Analysis module 203, for analyzing the public network IP got in the default detection duration
The quantity of the corresponding IP address of internal network in location, the detection knot of shared verification in the target LAN is determined according to the result of analysis
Really.
Further, the detection means also includes:Source IP address determining module 204, the source for determining the HTTP message
IP address;Judge module 205, for judging to push the detection page to the source IP address in the default detection duration
Number of times whether be more than predetermined threshold value;If it is, record is pushed into the number of times for detecting the page to the source IP address
Zero is updated to, and stops at the follow-up behaviour for carrying out shared verification detection in the default detection duration to the target LAN
Make;Or, if it is not, then perform the follow-up operation for being pushed to the user terminal and detecting the page.
Further, the detection means also includes:Meter record update module 206, for more new record to the source IP address
Push the number of times of the detection page.
Further, the detection means also includes:Packet check module 207, for detecting the target LAN in real time
Whether the message that user terminal is sent is HTTP message;If it is, performing the behaviour for the flow for subsequently kidnapping the HTTP message
Make;Or, detect whether the message that the user terminal of the target LAN is sent is HTTP message if it is not, then re-executing
Operation, until the default detection duration terminates.
Further, the analysis module 203 is used to determine shared verification in the target LAN according to the result of analysis
Testing result, specifically include:The analysis module is used to perform operations described below:If the corresponding Intranet of the public network IP address
The quantity of IP address is more than or equal to predetermined number, it is determined that there is shared verification in the target LAN;Or, it is if described
The quantity of the corresponding IP address of internal network of public network IP address is less than predetermined number, it is determined that be not present in the target LAN shared
Online.
The detection means of shared verification provided in an embodiment of the present invention, it is possible to implement the detection method of above-mentioned shared verification
Each specific steps, by kidnapping the flow for each HTTP message that user terminal is sent, to sending the HTTP message
User terminal pushes the detection page for the script for carrying the IP address of internal network for obtaining user terminal and corresponding public network IP address, leads to
Cross IP address of internal network and corresponding public network IP address that the detection page obtains the user terminal for sending the HTTP message, Zhi Houtong
Cross the quantity of the corresponding IP address of internal network of public network IP address got in the default detection duration of analysis, you can determine default inspection
Survey in the duration corresponding period, whether there is the situation of shared verification in the corresponding target LAN of the public network IP address.Should
Detection means, is applicable for installing Windows systems and linux system or the user terminal of other systems, in the absence of using
Limitation, the problem of will not also misidentifying, applicability is more preferable.
In the specific implementation, the present invention also provides a kind of computer-readable storage medium, wherein, the computer-readable storage medium can be stored
There is program, the program may include the part or complete in each embodiment of the detection method for the shared verification that the present invention is provided when performing
Portion's step.Described storage medium can be magnetic disc, CD, read-only memory (English:Read-only memory, referred to as:
ROM) or random access memory (English:Random access memory, referred to as:RAM) etc..
It is required that those skilled in the art can be understood that the technology in the embodiment of the present invention can add by software
The mode of general hardware platform realize.Understood based on such, the technical scheme in the embodiment of the present invention substantially or
Say that the part contributed to prior art can be embodied in the form of software product, the computer software product can be deposited
Storage is in storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions are to cause a computer equipment (can be with
It is personal computer, server, or network equipment etc.) perform some part institutes of each of the invention embodiment or embodiment
The method stated.
Between the embodiment of each in this specification identical similar part mutually referring to.Especially for shared verification
Detection means embodiment for, because it is substantially similar to embodiment of the method, so description is fairly simple, related part is joined
The explanation seen in embodiment of the method.
Invention described above embodiment is not intended to limit the scope of the present invention..
Claims (10)
1. a kind of detection method of shared verification, it is characterised in that including:
In default detection duration, it is HTTP HTTP to detect the message that user terminal is sent in target LAN
After message, the flow of the HTTP message is kidnapped;
Push the detection page to the user terminal, by the detection page obtain the user terminal IP address of internal network and
Corresponding public network IP address, the detection page carries the IP address of internal network for obtaining user terminal and corresponding public network IP address
Script;
The quantity of the corresponding IP address of internal network of public network IP address got in the default detection duration is analyzed, according to analysis
As a result the testing result of shared verification in the target LAN is determined.
2. detection method as claimed in claim 1, it is characterised in that, should before pushing the detection page to the user terminal
Detection method also includes:
Determine the source IP address of the HTTP message;
Judge whether the number of times for pushing the detection page to the source IP address in the default detection duration is more than default
Threshold value;If it is, the number of times for pushing the detection page to the source IP address of record is updated into zero, and stop at
The subsequent operation of shared verification detection is carried out in the default detection duration to the target LAN;Or, if it is not, then perform
It is follow-up that the operation for detecting the page is pushed to the user terminal.
3. detection method as claimed in claim 2, it is characterised in that, should after pushing the detection page to the user terminal
Method also includes:
The number of times that the detection page is pushed to the source IP address of more new record.
4. detection method as claimed in claim 1, it is characterised in that detect the report that user terminal is sent in target LAN
Text is after HTTP HTTP message, before the flow for kidnapping the HTTP message, the detection method also includes:
Detect whether the message that the user terminal of the target LAN is sent is HTTP message in real time;If it is, after performing
The operation of the continuous flow for kidnapping the HTTP message;Or, detect that the user of the target LAN is whole if it is not, then re-executing
Hold send message whether be HTTP message operation, until it is described it is default detection duration terminate.
5. detection method as claimed in claim 1, it is characterised in that determined according to the result of analysis in the target LAN
The process of the testing result of shared verification, is specifically included:
If the quantity of the corresponding IP address of internal network of the public network IP address is more than or equal to predetermined number, it is determined that the target
There is shared verification in LAN;Or,
If the quantity of the corresponding IP address of internal network of the public network IP address is less than predetermined number, it is determined that the target LAN
In be not present shared verification.
6. a kind of detection means of shared verification, it is characterised in that including:
Flow kidnaps module, in default detection duration, detecting the message that user terminal is sent in target LAN to be
After HTTP HTTP message, the flow of the HTTP message is kidnapped;
IP address acquisition module, for pushing the detection page to the user terminal, described use is obtained by the detection page
The IP address of internal network of family terminal and corresponding public network IP address, the detection page is with carrying the Intranet IP of acquisition user terminal
Location and the script of corresponding public network IP address;
Analysis module, the number for analyzing the corresponding IP address of internal network of public network IP address got in the default detection duration
Amount, the testing result of shared verification in the target LAN is determined according to the result of analysis.
7. detection means as claimed in claim 6, it is characterised in that the detection means also includes:
Source IP address determining module, the source IP address for determining the HTTP message;
Judge module, for judging to push the number of times for detecting the page to the source IP address in the default detection duration
Whether predetermined threshold value is more than;If it is, the number of times for pushing the detection page to the source IP address of record is updated to
Zero, and stop at the subsequent operation for carrying out shared verification detection in the default detection duration to the target LAN;Or,
If it is not, then performing the follow-up operation for being pushed to the user terminal and detecting the page.
8. detection means as claimed in claim 7, it is characterised in that the detection means also includes:
Meter record update module, the number of times that the detection page is pushed to the source IP address for more new record.
9. detection means as claimed in claim 6, it is characterised in that the detection means also includes:
Packet check module, for detecting whether the message that the user terminal of the target LAN is sent is HTTP reports in real time
Text;If it is, performing the operation for the flow for subsequently kidnapping the HTTP message;Or, if it is not, then re-execute described in detection
The message that the user terminal of target LAN is sent whether be HTTP message operation, until the default detection duration terminates.
10. detection means as claimed in claim 6, it is characterised in that the analysis module is true for the result according to analysis
The testing result of shared verification, is specifically included in the fixed target LAN:
The analysis module is used to perform operations described below:
If the quantity of the corresponding IP address of internal network of the public network IP address is more than or equal to predetermined number, it is determined that the target
There is shared verification in LAN;Or,
If the quantity of the corresponding IP address of internal network of the public network IP address is less than predetermined number, it is determined that the target LAN
In be not present shared verification.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710271850.9A CN107231271A (en) | 2017-04-24 | 2017-04-24 | A kind of detection method and device of shared verification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710271850.9A CN107231271A (en) | 2017-04-24 | 2017-04-24 | A kind of detection method and device of shared verification |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107231271A true CN107231271A (en) | 2017-10-03 |
Family
ID=59933140
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710271850.9A Pending CN107231271A (en) | 2017-04-24 | 2017-04-24 | A kind of detection method and device of shared verification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107231271A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108449392A (en) * | 2018-03-01 | 2018-08-24 | 深圳市创梦天地科技有限公司 | Equipment identification device, method, electronic equipment and storage medium |
| CN110557465A (en) * | 2019-09-09 | 2019-12-10 | 浪潮云信息技术有限公司 | method and device for acquiring IP address of user side |
| CN110839039A (en) * | 2019-11-20 | 2020-02-25 | 成都知道创宇信息技术有限公司 | Intruder countercheck method and device |
| WO2023047160A1 (en) * | 2021-09-27 | 2023-03-30 | Pismo Labs Technology Limited | Methods and systems at a portable gateway of sending and receiving internet protocol (ip) data packets through a wireless gateway |
| CN116232960A (en) * | 2022-12-28 | 2023-06-06 | 新浪技术(中国)有限公司 | Address detection method, monitoring equipment and exit network equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101808018A (en) * | 2010-03-26 | 2010-08-18 | 杭州华三通信技术有限公司 | Method and device for detecting quantity of access terminals |
| US20120257610A1 (en) * | 2008-01-16 | 2012-10-11 | Lasse Maki | Mobile wlan gateway |
| CN104348803A (en) * | 2013-07-31 | 2015-02-11 | 深圳市腾讯计算机系统有限公司 | Link hijacking detecting method and device, user equipment, analysis server and link hijacking detecting system |
| CN105939231A (en) * | 2016-05-16 | 2016-09-14 | 杭州迪普科技有限公司 | Shared access detection method and shared access detection device |
-
2017
- 2017-04-24 CN CN201710271850.9A patent/CN107231271A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120257610A1 (en) * | 2008-01-16 | 2012-10-11 | Lasse Maki | Mobile wlan gateway |
| CN101808018A (en) * | 2010-03-26 | 2010-08-18 | 杭州华三通信技术有限公司 | Method and device for detecting quantity of access terminals |
| CN104348803A (en) * | 2013-07-31 | 2015-02-11 | 深圳市腾讯计算机系统有限公司 | Link hijacking detecting method and device, user equipment, analysis server and link hijacking detecting system |
| CN105939231A (en) * | 2016-05-16 | 2016-09-14 | 杭州迪普科技有限公司 | Shared access detection method and shared access detection device |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108449392A (en) * | 2018-03-01 | 2018-08-24 | 深圳市创梦天地科技有限公司 | Equipment identification device, method, electronic equipment and storage medium |
| CN108449392B (en) * | 2018-03-01 | 2021-10-08 | 深圳市创梦天地科技有限公司 | Device identification apparatus, method, electronic device, and storage medium |
| CN110557465A (en) * | 2019-09-09 | 2019-12-10 | 浪潮云信息技术有限公司 | method and device for acquiring IP address of user side |
| CN110839039A (en) * | 2019-11-20 | 2020-02-25 | 成都知道创宇信息技术有限公司 | Intruder countercheck method and device |
| CN110839039B (en) * | 2019-11-20 | 2022-03-29 | 成都知道创宇信息技术有限公司 | Intruder countercheck method and device |
| WO2023047160A1 (en) * | 2021-09-27 | 2023-03-30 | Pismo Labs Technology Limited | Methods and systems at a portable gateway of sending and receiving internet protocol (ip) data packets through a wireless gateway |
| GB2614588A (en) * | 2021-09-27 | 2023-07-12 | Pismo Labs Technology Ltd | Methods and systems at a portable gateway of sending and receiving internet protocol (IP) data packets through a wireless gateway |
| US12120527B2 (en) | 2021-09-27 | 2024-10-15 | Pismo Labs Technology Limited | Methods and systems at a portable gateway of sending and receiving internet protocol (IP) data packets through a wireless gateway |
| GB2614588B (en) * | 2021-09-27 | 2025-09-10 | Pismo Labs Technology Ltd | Methods and systems at a portable gateway of sending and receiving internet protocol (IP) data packets through a wireless gateway |
| CN116232960A (en) * | 2022-12-28 | 2023-06-06 | 新浪技术(中国)有限公司 | Address detection method, monitoring equipment and exit network equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107231271A (en) | A kind of detection method and device of shared verification | |
| US11102094B2 (en) | Systems and methods for configuring a resource for network traffic analysis | |
| Murley et al. | Websocket adoption and the landscape of the real-time web | |
| CN104834588B (en) | The method and apparatus for detecting resident formula cross site scripting loophole | |
| CN103257989B (en) | Web page download time is analyzed | |
| CN107124430B (en) | Page hijacking monitoring method, device, system and storage medium | |
| CN103067214B (en) | For testing the method for web site performance, client, server and system | |
| CN108052824B (en) | Risk prevention and control method and device and electronic equipment | |
| CN109831429A (en) | A kind of Webshell detection method and device | |
| CN105871947B (en) | The method and device of cross-domain request data | |
| CN107085549B (en) | Method and device for generating fault information | |
| CN104125121A (en) | Network hijacking behavior detecting system and method | |
| CN113518077A (en) | Malicious web crawler detection method, device, equipment and storage medium | |
| CN109739527A (en) | A kind of method, apparatus, server and the storage medium of the publication of client gray scale | |
| CN104426717A (en) | Method, home gateway and system for detecting quality of Internet applications | |
| KR101443071B1 (en) | Error Check System of Webpage | |
| CN106921671B (en) | network attack detection method and device | |
| US10614482B2 (en) | Attribution of a new application installation on a mobile device by analyzing network traffic of the device | |
| EP3977322A1 (en) | Methods for detecting tracking elements of a web page and related server devices | |
| CN105743732A (en) | Method and system for recording transmission paths and distribution conditions of files in local area network | |
| CN107992416A (en) | A kind of definite method and device of webpage time delay | |
| CN107222332B (en) | Test method, device, system and machine readable storage medium | |
| CN108228453A (en) | The adjustment method and device of IOS application program of mobile phone | |
| CN102801740A (en) | Trojan horse virus prevention method and equipment | |
| CN104881605A (en) | Method and apparatus for detecting webpage redirection vulnerabilities |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171003 |
|
| RJ01 | Rejection of invention patent application after publication |