[go: up one dir, main page]

CN102801699B - The system preventing server data from distorting, method and apparatus - Google Patents

The system preventing server data from distorting, method and apparatus Download PDF

Info

Publication number
CN102801699B
CN102801699B CN201110447094.3A CN201110447094A CN102801699B CN 102801699 B CN102801699 B CN 102801699B CN 201110447094 A CN201110447094 A CN 201110447094A CN 102801699 B CN102801699 B CN 102801699B
Authority
CN
China
Prior art keywords
information
server
modification
main server
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201110447094.3A
Other languages
Chinese (zh)
Other versions
CN102801699A (en
Inventor
王乃青
桑胜田
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Antiy Network Technology Co Ltd
Original Assignee
Beijing Antiy Electronic Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Antiy Electronic Equipment Co Ltd filed Critical Beijing Antiy Electronic Equipment Co Ltd
Priority to CN201110447094.3A priority Critical patent/CN102801699B/en
Publication of CN102801699A publication Critical patent/CN102801699A/en
Application granted granted Critical
Publication of CN102801699B publication Critical patent/CN102801699B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Computer And Data Communications (AREA)

Abstract

本发明提供了一种防止服务器数据篡改的系统、方法及设备。系统包括固定主机、主服务器及备份服务器,所述的固定主机用于记录登录用户信息及修改操作信息并验证用户密钥,向主服务器及备份服务器发送修改指令;主服务器用于接收固定主机发送的修改指令及备份服务器发送的运行情况信息,当接收到非固定主机或备份服务器发送的信息时,记录非法访问信息并报警;备份服务器用于接收固定主机及主服务器发送的修改指令。所述主服务器连接局域网,所述备份服务器连接外网,且主服务器与备份服务器采用不同架构及操作系统。通过本发明的方法有效防止了服务器内容被篡改,提高了服务器安全性。

The invention provides a system, method and equipment for preventing server data tampering. The system includes a fixed host, a main server and a backup server. The fixed host is used to record login user information and modify operation information and verify user keys, and send modification instructions to the main server and backup server; the main server is used to receive the information sent by the fixed host. When receiving the information sent by the non-fixed host or the backup server, it will record the illegal access information and give an alarm; the backup server is used to receive the modification instructions sent by the fixed host and the main server. The main server is connected to a local area network, and the backup server is connected to an external network, and the main server and the backup server adopt different architectures and operating systems. The method of the invention effectively prevents the content of the server from being tampered with, and improves the security of the server.

Description

防止服务器数据篡改的系统、方法及设备System, method and device for preventing server data tampering

技术领域 technical field

本发明涉及主机安全领域,特别涉及一种防止服务器数据篡改的系统、方法及设备。 The invention relates to the field of host security, in particular to a system, method and equipment for preventing server data tampering.

背景技术 Background technique

随着互联网时代的发展,计算机服务器会越来越多,而服务器的安全性越来越重要。现有的服务器很多是采用备份服务器来保证数据的完整性,同时使用一些方法对数据进行加密或对服务器进行监控。但是当服务器被攻破的时候,数据的完整性就无法保存,服务器数据或主页将受到篡改。 With the development of the Internet age, there will be more and more computer servers, and the security of servers is becoming more and more important. Many existing servers use backup servers to ensure data integrity, and use some methods to encrypt data or monitor servers. But when the server is compromised, the integrity of the data cannot be preserved, and the server data or homepage will be tampered with.

发明内容 Contents of the invention

本发明提供了一种防止服务器数据篡改的系统、方法及设备,解决了服务器数据被恶意修改,及服务器数据被恶意修改后无法保证数据完整性的问题。 The invention provides a system, method and device for preventing tampering of server data, which solves the problem that server data is maliciously modified and data integrity cannot be guaranteed after server data is maliciously modified.

一种防止服务器数据篡改的系统,包括: A system for preventing tampering of server data, comprising:

固定主机,用于记录登录用户信息及修改操作信息,发送用户修改指令前验证用户密钥,如果用户密钥正确,则将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息,如果用户密钥错误,则产生报警信号; Fixed host, used to record login user information and modify operation information, verify the user key before sending the user modification command, if the user key is correct, add the host verification information to the user modification command, send it to the main server and backup server, and receive Confirm the information, if the user key is wrong, an alarm signal will be generated;

主服务器,用于接收用户修改指令,并判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; The main server is used to receive user modification instructions, and judge whether the sending end is a fixed host, if so, modify according to the user modification instructions, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access, and record Number of illegal visits and illegal access information;

主服务器接收并记录备份服务器发送的运行情况信息,判断是否有可疑进程或错误文件,如果有,则发送修改信息并产生报警信号; The main server receives and records the operation status information sent by the backup server, and judges whether there are suspicious processes or wrong files, and if so, sends modification information and generates an alarm signal;

备份服务器,用于接收用户修改指令,并判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; The backup server is used to receive user modification instructions and determine whether the sending end is a fixed host. If so, modify according to the user modification instructions, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access and recorded Number of illegal visits and illegal access information;

备份服务器,用于向主服务器发送运行情况信息及接收主服务器发送的修改信息,并判断发送端是否是主服务器,如果是,则根据主服务器发送的修改信息进行文件修改,否则确认为非法访问,并记录非法访问次数及非法访问信息。 The backup server is used to send the operation status information to the main server and receive the modification information sent by the main server, and judge whether the sending end is the main server, if so, modify the file according to the modification information sent by the main server, otherwise it is confirmed as illegal access , and record the number of illegal accesses and illegal access information.

所述的系统中,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 In the system, the host verification information at least includes: MAC address, IP address and CPU information of the fixed host.

所述的系统中,当主服务器或备份服务器的非法访问次数大于预设值时,主服务器或备份服务器产生报警信号。 In the system, when the number of illegal accesses of the main server or the backup server is greater than a preset value, the main server or the backup server generates an alarm signal.

所述的系统中,所述的非法访问信息至少包括:主机名称、IP地址及操作类型。 In the system, the illegal access information at least includes: host name, IP address and operation type.

所述的系统中,所述的主服务器连接局域网,备份服务器连接外网,且主服务器与备份服务器采用不同架构及操作系统。 In the system, the main server is connected to the local area network, and the backup server is connected to the external network, and the main server and the backup server adopt different architectures and operating systems.

一种防止服务器数据篡改的方法,适用于防止服务器数据篡改的系统中的固定主机,所述方法包括: A method for preventing tampering of server data, suitable for a fixed host in a system for preventing tampering of server data, the method comprising:

记录登录用户信息及修改操作信息; Record login user information and modify operation information;

发送用户修改指令前验证用户密钥,如果用户密钥正确,则将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息,如果用户密钥错误,则产生报警信号。 Verify the user key before sending the user modification command. If the user key is correct, add the host verification information to the user modification command, send it to the main server and backup server, and receive confirmation information. If the user key is wrong, an alarm signal will be generated.

所述的方法中,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 In the method, the host authentication information at least includes: MAC address, IP address and CPU information of the fixed host.

所述用户密钥可以为多种形式,如Ukey或光盘密钥等。 The user key can be in various forms, such as Ukey or CD key.

一种固定主机设备,包括: A fixed host device comprising:

记录模块,用于记录登录用户信息及修改操作信息; Recording module, used to record login user information and modify operation information;

密钥验证模块,用于发送修改指令前验证用户密钥,如果用户密钥正确,则进入分发模块,否则进入报警模块; The key verification module is used to verify the user key before sending the modification command. If the user key is correct, it will enter the distribution module, otherwise it will enter the alarm module;

分发模块,用于当验证用于密钥正确时,将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息; The distribution module is used to add the host authentication information to the user modification instruction when the authentication key is correct, send it to the main server and the backup server, and receive the confirmation information;

报警模块,用于当验证用户密钥错误时,产生报警信号。 The alarm module is used to generate an alarm signal when the verification user key is wrong.

所述的设备,其特征在于中,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 The device described above is characterized in that, the host authentication information at least includes: MAC address, IP address and CPU information of the fixed host.

一种防止服务器数据篡改的方法,适用于防止服务器数据篡改的系统中的主服务器,包括: A method for preventing tampering of server data, suitable for a master server in a system for preventing tampering of server data, comprising:

接收用户修改指令或备份服务器发送的运行情况信息; Receive user modification instructions or operation status information sent by the backup server;

若为用户修改指令,则判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; If it is a user modification command, judge whether the sending end is a fixed host, if so, modify it according to the user modification command, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access, and record the number of illegal access and Unlawful access to information;

若为备份服务器发送的运行情况信息,则记录备份服务器运行情况信息,并判断是否有可疑进程或错误文件,如果有,则发送修改信息并产生报警信号。 If it is the running status information sent by the backup server, then record the running status information of the backup server, and judge whether there is a suspicious process or an error file, and if so, send the modification information and generate an alarm signal.

所述的方法中,当非法访问次数大于预设值时,产生报警信号。 In the method, when the number of illegal accesses is greater than a preset value, an alarm signal is generated.

所述的方法中,所述的非法访问信息至少包括:访问主机名称、IP地址及操作类型。 In the method, the illegal access information at least includes: access host name, IP address and operation type.

所述的方法中,所述的运行情况信息至少包括: In the described method, the operation information at least includes:

备份服务器主要文件的MD5信息和运行进程名称及数目。 The MD5 information of the main file of the backup server and the name and number of running processes.

所述的方法中,所述的修改信息为可疑文件对应的主服务器上的文件信息。 In the method, the modification information is file information on the main server corresponding to the suspicious file.

所述方法中判断错误文件的方法可以为,将备份服务器发送的主要文件的MD5值与主服务器中相应文件的MD5值比较,如果相同则文件正确,否则文件错误。若文件正确,则不反馈任何信息,若文件错误,则将备份服务器的文件更改为主服务器的文件。 The method for judging the wrong file in the method can be, compare the MD5 value of the main file sent by the backup server with the MD5 value of the corresponding file in the main server, if they are the same, the file is correct, otherwise the file is wrong. If the file is correct, no information will be fed back. If the file is wrong, the file on the backup server will be changed to the file on the master server.

一种主服务器设备,包括: A master server device comprising:

接收模块,用于接收用户修改指令或备份服务器发送的运行情况信息; The receiving module is used to receive user modification instructions or operation status information sent by the backup server;

固定主机验证模块,用于接收用户修改指令时,判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,否则确认为非法访问; The fixed host verification module is used to determine whether the sending end is a fixed host when receiving a user modification instruction, and if so, modify it according to the user modification instruction, otherwise it is confirmed as an illegal access;

记录模块,用于记录修改时间及操作类型、非法访问次数及非法访问信息和备份服务器运行情况信息; The recording module is used to record the modification time and operation type, the number of illegal accesses and illegal access information, and the operation status information of the backup server;

检测及修改模块,用于接收备份服务器发送的运行情况信息时,判断是否有可疑进程或错误文件,如果有进入报警模块及发送模块; The detection and modification module is used to determine whether there is a suspicious process or an error file when receiving the operation status information sent by the backup server, and if it enters the alarm module and the sending module;

报警模块,用于产生报警信号; An alarm module, configured to generate an alarm signal;

发送模块,用于向固定主机返回确认信息或向备份服务器发送修改信息。 The sending module is used to return confirmation information to the fixed host or send modification information to the backup server.

所述的设备中,当非法访问次数大于预设值时,报警模块产生报警信号。 In the device, when the number of illegal accesses is greater than a preset value, the alarm module generates an alarm signal.

所述的记录模块还可根据需求进行记录内容的扩展,如记录主服务器向备份服务器发送修改信息的时间及文件内容等。 The recording module can also expand the recording content according to requirements, such as recording the time and file content sent by the primary server to the backup server for modification information.

一种防止服务器数据篡改的方法,适用于防止服务器数据篡改的系统中的备份服务器,包括: A method for preventing tampering of server data, suitable for a backup server in a system for preventing server data tampering, comprising:

接收用户修改指令或向主服务器发送运行情况信息; Receive user modification instructions or send operating status information to the main server;

若接收用户修改指令,则判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; If the user modification instruction is received, it is judged whether the sending end is a fixed host, if yes, it is modified according to the user modification instruction, the modification time and operation type are recorded, and a confirmation message is returned, otherwise it is confirmed as illegal access, and the number of illegal access and the number of illegal access are recorded. Unlawful access to information;

若向主服务器发送运行情况信息,则接收主服务器发送的修改信息,并判断发送端是否是主服务器,如果是,则根据主服务器发送的修改信息进行文件修改,否则确认为非法访问,并记录非法访问次数及非法访问信息。 If the operation status information is sent to the main server, it will receive the modification information sent by the main server, and judge whether the sending end is the main server, if so, modify the file according to the modification information sent by the main server, otherwise it will be confirmed as illegal access, and record Number of illegal visits and information on illegal visits.

所述的方法中,当非法访问次数大于预设值时,产生报警信号。 In the method, when the number of illegal accesses is greater than a preset value, an alarm signal is generated.

所述的方法中,所述的非法访问信息至少包括:访问主机名称、IP地址及操作类型。 In the method, the illegal access information at least includes: access host name, IP address and operation type.

所述的方法中,所述的运行情况信息至少包括:备份服务器主要文件的MD5信息和运行进程名称及数目。 In the method, the running information at least includes: the MD5 information of the main file of the backup server and the name and number of running processes.

一种备份服务器设备,包括: A backup server device comprising:

接收模块,用于接收用户修改指令及主服务器发送的修改信息; The receiving module is used to receive user modification instructions and modification information sent by the main server;

固定主机及主服务器验证模块,用于当接收用户修改指令或主服务器发送的修改信息时,判断发送端是否是固定主机或主服务器,如果是固定主机,则进入修改模块,如果是主服务器,则进入主服务器修改模块,否则确认为非法访问; The fixed host and main server verification module is used to determine whether the sending end is a fixed host or a main server when receiving user modification instructions or modification information sent by the main server. If it is a fixed host, enter the modification module. If it is the main server, Then enter the main server to modify the module, otherwise it is confirmed as illegal access;

记录模块,用于记录修改时间及操作类型及非法访问次数和非法访问信息; Recording module, used to record modification time and operation type, illegal access times and illegal access information;

修改模块,用于根据用户修改指令进行修改,并返回确认信息; The modification module is used to modify according to the user modification instruction and return confirmation information;

安全上报模块,用于向主服务器发送运行情况信息; A security reporting module, used to send operating information to the main server;

主服务器修改模块,用于接收主服务器发送的修改信息,根据主服务器发送的修改信息进行文件修改。 The main server modification module is configured to receive the modification information sent by the main server, and modify the file according to the modification information sent by the main server.

所述的设备中,还包括报警模块,用于当非法访问次数大于预设值时,产生报警信号。 The device also includes an alarm module, which is used to generate an alarm signal when the number of illegal accesses is greater than a preset value.

本发明中,主服务器不直接连接到外网,而是只在局域网中存在,备份服务器同外网连接,并同主要服务器有链接。为了保证服务器的安全,两台服务器采用不同架构的CPU,并且安装不同的操作系统,大大增加了篡改服务器数据的难度,从而提高服务器的安全性。在对服务器内容修改方面也做了严格的限制,只能使用固定的机器进行修改,同时固定主机在使用的时候还会进行外部密钥验证。 In the present invention, the main server is not directly connected to the external network, but only exists in the local area network, and the backup server is connected to the external network and has a link with the main server. In order to ensure the security of the server, the two servers use CPUs with different architectures and install different operating systems, which greatly increases the difficulty of tampering with server data, thereby improving server security. There are also strict restrictions on the modification of server content, and only fixed machines can be used for modification. At the same time, fixed hosts will also perform external key verification when they are in use.

本发明提供了一种防止服务器数据篡改的系统、方法及设备。系统包括固定主机、主服务器及备份服务器,所述的固定主机用于记录登录用户信息及修改操作信息并验证用户密钥,向主服务器及备份服务器发送修改指令;主服务器用于接收固定主机发送的修改指令及备份服务器发送的运行情况信息,当接收到非固定主机或备份服务器发送的信息时,记录非法访问信息并报警;备份服务器用于接收固定主机及主服务器发送的修改指令。所述主服务器连接局域网,所述备份服务器连接外网,且主服务器与备份服务器采用不同架构及操作系统。通过本发明的方法有效防止了服务器内容被篡改,提高了服务器安全性。 The invention provides a system, method and equipment for preventing server data tampering. The system includes a fixed host, a main server and a backup server. The fixed host is used to record login user information and modify operation information and verify user keys, and send modification instructions to the main server and backup server; the main server is used to receive the information sent by the fixed host. When receiving the information sent by the non-fixed host or the backup server, it will record the illegal access information and give an alarm; the backup server is used to receive the modification instructions sent by the fixed host and the main server. The main server is connected to a local area network, and the backup server is connected to an external network, and the main server and the backup server adopt different architectures and operating systems. The method of the invention effectively prevents the content of the server from being tampered with, and improves the security of the server.

附图说明 Description of drawings

为了更清楚地说明本发明或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明中记载的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。 In order to more clearly illustrate the present invention or the technical solutions in the prior art, the accompanying drawings that need to be used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the accompanying drawings in the following description are only the present invention. For some embodiments described in the invention, those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1为一种防止服务器数据篡改的系统示意图; Fig. 1 is a schematic diagram of a system for preventing server data tampering;

图2为一种防止服务器数据篡改的方法中固定主机方法流程图; Fig. 2 is a flow chart of a method for fixing a host in a method for preventing tampering of server data;

图3为一种固定主机设备结构图; Fig. 3 is a structural diagram of a fixed host device;

图4为一种防止服务器数据篡改的方法中主服务器方法流程图; Fig. 4 is a flow chart of the main server method in a method for preventing server data tampering;

图5为一种主服务器设备结构图; Fig. 5 is a kind of master server device structural diagram;

图6为一种防止服务器数据篡改的方法中备份服务器方法流程图; Fig. 6 is a flow chart of a method for backing up a server in a method for preventing tampering of server data;

图7为一种备份服务器设备结构图。 FIG. 7 is a structural diagram of a backup server device.

具体实施方式 Detailed ways

为了使本技术领域的人员更好地理解本发明实施例中的技术方案,并使本发明的上述目的、特征和优点能够更加明显易懂,下面结合附图对本发明中技术方案作进一步详细的说明。 In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

本发明提供了一种防止服务器数据篡改的系统、方法及设备,解决了服务器数据被恶意修改,及服务器数据被恶意修改后无法保证数据完整性的问题。 The invention provides a system, method and device for preventing tampering of server data, which solves the problem that server data is maliciously modified and data integrity cannot be guaranteed after server data is maliciously modified.

一种防止服务器数据篡改的系统,如图1所示,包括: A system for preventing tampering of server data, as shown in Figure 1, includes:

固定主机101,用于记录登录用户信息及修改操作信息,发送用户修改指令前验证用户密钥,如果用户密钥正确,则将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息,如果用户密钥错误,则产生报警信号; Fixed host 101, used to record login user information and modify operation information, verify the user key before sending the user modification command, if the user key is correct, add the host verification information to the user modification command, send it to the main server and the backup server, and Receive confirmation information, if the user key is wrong, an alarm signal will be generated;

主服务器102,用于接收用户修改指令,并判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; The main server 102 is used to receive the user modification instruction, and judge whether the sending end is a fixed host, if so, then modify according to the user modification instruction, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access, and Record the number of illegal visits and illegal visit information;

主服务器接收并记录备份服务器发送的运行情况信息,判断是否有可疑进程或错误文件,如果有,则发送修改信息并产生报警信号; The main server receives and records the operation status information sent by the backup server, and judges whether there are suspicious processes or wrong files, and if so, sends modification information and generates an alarm signal;

备份服务器103,用于接收用户修改指令,并判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; The backup server 103 is used to receive the user modification instruction, and judge whether the sending end is a fixed host, if so, then modify according to the user modification instruction, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access, and Record the number of illegal visits and illegal visit information;

备份服务器103向主服务器发送运行情况信息及接收主服务器发送的修改信息,并判断发送端是否是主服务器,如果是,则根据主服务器发送的修改信息进行文件修改,否则确认为非法访问,并记录非法访问次数及非法访问信息。 The backup server 103 sends the operation status information to the main server and receives the modification information sent by the main server, and judges whether the sending end is the main server, if so, then carries out file modification according to the modification information sent by the main server, otherwise it is confirmed as illegal access, and Record the number of illegal visits and illegal visit information.

所述的系统中,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 In the system, the host verification information at least includes: MAC address, IP address and CPU information of the fixed host.

所述的系统中,当主服务器或备份服务器的非法访问次数大于预设值时,主服务器或备份服务器产生报警信号。 In the system, when the number of illegal accesses of the main server or the backup server is greater than a preset value, the main server or the backup server generates an alarm signal.

所述的系统中,所述的非法访问信息至少包括:主机名称、IP地址及操作类型。 In the system, the illegal access information at least includes: host name, IP address and operation type.

所述的系统中,所述的主服务器连接局域网,备份服务器连接外网,且主服务器与备份服务器采用不同架构及操作系统。如主服务器采用X86架构window操作系统,备份服务器采用ARM架构Linux操作系统。 In the system, the main server is connected to the local area network, and the backup server is connected to the external network, and the main server and the backup server adopt different architectures and operating systems. For example, the main server adopts the X86 architecture window operating system, and the backup server adopts the ARM architecture Linux operating system.

一种防止服务器数据篡改的方法,适用于防止服务器数据篡改的系统中的固定主机,如图2所示,所述方法包括: A method for preventing tampering of server data, suitable for a fixed host in a system for preventing tampering of server data, as shown in Figure 2, the method comprising:

S201:记录登录用户信息及修改操作信息; S201: Record login user information and modify operation information;

S202:发送用户修改指令前验证用户密钥,如果用户密钥正确,则执行S203,如果用户密钥错误,则执行S205; S202: verify the user key before sending the user modification instruction, if the user key is correct, execute S203, and if the user key is wrong, execute S205;

S203:将主机验证信息加入用户修改指令,发送到主服务器及备份服务器; S203: Add the host verification information to the user modification instruction, and send it to the main server and the backup server;

S204:接收确认信息,结束修改; S204: Receive confirmation information, and end modification;

S205:产生报警信号。 S205: Generate an alarm signal.

所述的方法中,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 In the method, the host authentication information at least includes: MAC address, IP address and CPU information of the fixed host.

所述用户密钥可以为多种形式,如Ukey或光盘密钥等。 The user key can be in various forms, such as Ukey or CD key.

一种固定主机设备,如图3所示,包括: A fixed host device, as shown in Figure 3, includes:

记录模块301,用于记录登录用户信息及修改操作信息; A recording module 301, configured to record login user information and modify operation information;

密钥验证模块302,用于发送修改指令前验证用户密钥,如果用户密钥正确,则进入分发模块,否则进入报警模块; The key verification module 302 is used to verify the user key before sending the modification instruction, if the user key is correct, then enter the distribution module, otherwise enter the alarm module;

分发模块303,用于当验证用于密钥正确时,将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息; The distribution module 303 is used to add the host verification information to the user modification instruction when the verification key is correct, send it to the main server and the backup server, and receive confirmation information;

报警模块304,用于当验证用户密钥错误时,产生报警信号。 The alarm module 304 is configured to generate an alarm signal when the verification user key is wrong.

所述的设备,其特征在于中,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 The device described above is characterized in that, the host authentication information at least includes: MAC address, IP address and CPU information of the fixed host.

一种防止服务器数据篡改的方法,适用于防止服务器数据篡改的系统中的主服务器,如图4所示,包括: A method for preventing tampering of server data, suitable for a master server in a system for preventing tampering of server data, as shown in Figure 4, comprising:

S401:接收用户修改指令或备份服务器发送的运行情况信息;若为用户修改指令,则执行S402,若为备份服务器发送的运行情况信息,则执行S405; S401: Receive the user modification instruction or the operation status information sent by the backup server; if it is the user modification instruction, execute S402, and if it is the operation status information sent by the backup server, execute S405;

S402:判断发送端是否是固定主机,如果是,则执行S403,否则确认为非法访问,执行S404; S402: Determine whether the sending end is a fixed host, if so, execute S403, otherwise confirm that it is an illegal access, execute S404;

S403:根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息; S403: Modify according to the user modification instruction, record the modification time and operation type, and return confirmation information;

S404:记录非法访问次数及非法访问信息,但不返回任何信息; S404: Record the number of illegal visits and illegal visit information, but do not return any information;

S405:记录备份服务器运行情况信息; S405: Recording information about the operation status of the backup server;

S406:判断是否有可疑进程或错误文件,如果有,则执行S407,如果没有,则不做任何应答; S406: judging whether there is a suspicious process or an error file, if there is, then execute S407, if not, then do not make any response;

S407:发送修改信息并产生报警信号。 S407: Send modification information and generate an alarm signal.

所述的方法中,当非法访问次数大于预设值时,产生报警信号。 In the method, when the number of illegal accesses is greater than a preset value, an alarm signal is generated.

所述的方法中,所述的非法访问信息至少包括:访问主机名称、IP地址及操作类型。 In the method, the illegal access information at least includes: access host name, IP address and operation type.

所述的方法中,所述的运行情况信息至少包括: In the described method, the operation information at least includes:

备份服务器主要文件的MD5信息和运行进程名称及数目。 The MD5 information of the main file of the backup server and the name and number of running processes.

所述的方法中,所述的修改信息为可疑文件对应的主服务器上的文件信息。 In the method, the modification information is file information on the main server corresponding to the suspicious file.

所述方法中判断错误文件的方法可以为,将备份服务器发送的主要文件的MD5值与主服务器中相应文件的MD5值比较,如果相同则文件正确,否则文件错误。若文件正确,则不反馈任何信息,若文件错误,则将备份服务器的文件更改为主服务器的文件。 The method for judging the wrong file in the method can be, compare the MD5 value of the main file sent by the backup server with the MD5 value of the corresponding file in the main server, if they are the same, the file is correct, otherwise the file is wrong. If the file is correct, no information will be fed back. If the file is wrong, the file on the backup server will be changed to the file on the master server.

一种主服务器设备,如图5所示,包括: A main server device, as shown in Figure 5, includes:

接收模块501,用于接收用户修改指令或备份服务器发送的运行情况信息; The receiving module 501 is used to receive the user modification instruction or the operation status information sent by the backup server;

固定主机验证模块502,用于接收用户修改指令时,判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,否则确认为非法访问; The fixed host authentication module 502 is used to determine whether the sending end is a fixed host when receiving a user modification instruction, and if so, modify it according to the user modification instruction, otherwise it is confirmed as an illegal access;

记录模块503,用于记录修改时间及操作类型、非法访问次数及非法访问信息和备份服务器运行情况信息; Recording module 503, for recording modification time and operation type, illegal access times and illegal access information and backup server operation information;

检测及修改模块504,用于接收备份服务器发送的运行情况信息时,判断是否有可疑进程或错误文件,如果有进入报警模块及发送模块; The detection and modification module 504 is used to determine whether there is a suspicious process or an error file when receiving the operation status information sent by the backup server, and if so, enter the alarm module and the sending module;

报警模块505,用于产生报警信号; An alarm module 505, configured to generate an alarm signal;

发送模块506,用于向固定主机返回确认信息或向备份服务器发送修改信息。 The sending module 506 is configured to return confirmation information to the fixed host or send modification information to the backup server.

所述的设备中,当非法访问次数大于预设值时,报警模块产生报警信号。 In the device, when the number of illegal accesses is greater than a preset value, the alarm module generates an alarm signal.

所述的记录模块还可根据需求进行记录内容的扩展,如记录主服务器向备份服务器发送修改信息的时间及文件内容等。 The recording module can also expand the recording content according to requirements, such as recording the time and file content sent by the primary server to the backup server for modification information.

一种防止服务器数据篡改的方法,适用于防止服务器数据篡改的系统中的备份服务器,如图6所示,包括: A method for preventing tampering of server data is suitable for a backup server in a system for preventing tampering of server data, as shown in Figure 6, comprising:

S601:接收用户修改指令或向主服务器发送运行情况信息;若接收用户修改指令,则执行S602,若向主服务器发送运行情况信息,则执行S605; S601: Receive the user modification instruction or send the operation status information to the main server; if the user modification instruction is received, execute S602, and if send the operation status information to the main server, execute S605;

S602:判断发送端是否是固定主机,如果是,则执行S603,否则确认为非法访问,并执行S604; S602: Determine whether the sending end is a fixed host, if so, execute S603, otherwise confirm that it is an illegal access, and execute S604;

S603:根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息; S603: Modify according to the user modification instruction, record the modification time and operation type, and return confirmation information;

S604:记录非法访问次数及非法访问信息,但不返回任何信息; S604: Record the number of illegal visits and illegal visit information, but do not return any information;

S605:接收主服务器发送的修改信息; S605: Receive modification information sent by the main server;

S606:判断发送端是否是主服务器,如果是,则执行S607,否则确认为非法访问,并执行S608; S606: Determine whether the sending end is the main server, if so, execute S607, otherwise confirm that it is illegal access, and execute S608;

S607:根据主服务器发送的修改信息进行文件修改; S607: Modify the file according to the modification information sent by the master server;

S608:记录非法访问次数及非法访问信息,但不返回任何信息。 S608: Record the number of illegal access times and illegal access information, but not return any information.

所述的方法中,当非法访问次数大于预设值时,产生报警信号。 In the method, when the number of illegal accesses is greater than a preset value, an alarm signal is generated.

所述的方法中,所述的非法访问信息至少包括:访问主机名称、IP地址及操作类型。 In the method, the illegal access information at least includes: access host name, IP address and operation type.

所述的方法中,所述的运行情况信息至少包括:备份服务器主要文件的MD5信息和运行进程名称及数目。 In the method, the running information at least includes: the MD5 information of the main file of the backup server and the name and number of running processes.

一种备份服务器设备,如图7所示,包括: A backup server device, as shown in Figure 7, includes:

接收模块701,用于接收用户修改指令及主服务器发送的修改信息; A receiving module 701, configured to receive user modification instructions and modification information sent by the main server;

固定主机及主服务器验证模块702,用于当接收用户修改指令或主服务器发送的修改信息时,判断发送端是否是固定主机或主服务器,如果是固定主机,则进入修改模块704,如果是主服务器,则进入主服务器修改模块406,否则确认为非法访问; The fixed host and main server verification module 702 is used to determine whether the sending end is a fixed host or a main server when receiving a modification instruction from a user or a main server. If it is a fixed host, it enters the modification module 704. server, then enter the main server modification module 406, otherwise it is confirmed as illegal access;

记录模块703,用于记录修改时间及操作类型及非法访问次数和非法访问信息; A recording module 703, configured to record modification time, operation type, illegal access times and illegal access information;

修改模块704,用于根据用户修改指令进行修改,并返回确认信息; A modification module 704, configured to modify according to the user modification instruction, and return confirmation information;

安全上报模块705,用于向主服务器发送运行情况信息; A safety reporting module 705, configured to send operation information to the main server;

主服务器修改模块706,用于接收主服务器发送的修改信息,根据主服务器发送的修改信息进行文件修改。 The main server modification module 706 is configured to receive the modification information sent by the main server, and modify the file according to the modification information sent by the main server.

所述的设备中,还包括报警模块707,用于当非法访问次数大于预设值时,产生报警信号。 The device further includes an alarm module 707, configured to generate an alarm signal when the number of illegal accesses is greater than a preset value.

本发明中,主服务器不直接连接到外网,而是只在局域网中存在,备份服务器同外网连接,并同主要服务器有链接。为了保证服务器的安全,两台服务器采用不同架构的CPU,并且安装不同的操作系统,大大增加了篡改服务器数据的难度,从而提高服务器的安全性。在对服务器内容修改方面也做了严格的限制,只能使用固定的机器进行修改,同时固定主机在使用的时候还会进行外部密钥验证。 In the present invention, the main server is not directly connected to the external network, but only exists in the local area network, and the backup server is connected to the external network and has a link with the main server. In order to ensure the security of the server, the two servers use CPUs with different architectures and install different operating systems, which greatly increases the difficulty of tampering with server data, thereby improving server security. There are also strict restrictions on the modification of server content, and only fixed machines can be used for modification. At the same time, fixed hosts will also perform external key verification when they are in use.

本发明提供了一种防止服务器数据篡改的系统、方法及设备。系统包括固定主机、主服务器及备份服务器,所述的固定主机用于记录登录用户信息及修改操作信息并验证用户密钥,向主服务器及备份服务器发送修改指令;主服务器用于接收固定主机发送的修改指令及备份服务器发送的运行情况信息,当接收到非固定主机或备份服务器发送的信息时,记录非法访问信息并报警;备份服务器用于接收固定主机及主服务器发送的修改指令。所述主服务器连接局域网,所述备份服务器连接外网,且主服务器与备份服务器采用不同架构及操作系统。通过本发明的方法有效防止了服务器内容被篡改,提高了服务器安全性。 The invention provides a system, method and equipment for preventing server data tampering. The system includes a fixed host, a main server and a backup server. The fixed host is used to record login user information and modify operation information and verify user keys, and send modification instructions to the main server and backup server; the main server is used to receive the information sent by the fixed host. When receiving the information sent by the non-fixed host or the backup server, it will record the illegal access information and give an alarm; the backup server is used to receive the modification instructions sent by the fixed host and the main server. The main server is connected to a local area network, and the backup server is connected to an external network, and the main server and the backup server adopt different architectures and operating systems. The method of the invention effectively prevents the content of the server from being tampered with, and improves the security of the server.

虽然通过实施例描绘了本发明,本领域普通技术人员知道,本发明有许多变形和变化而不脱离本发明的精神,希望所附的权利要求包括这些变形和变化而不脱离本发明的精神。 While the invention has been described by way of example, those skilled in the art will appreciate that there are many variations and changes to the invention without departing from the spirit of the invention, and it is intended that the appended claims cover such variations and changes without departing from the spirit of the invention.

Claims (21)

1.一种防止服务器数据篡改的系统,其特征在于,包括: 1. A system for preventing tampering of server data, characterized in that it comprises: 固定主机,用于记录登录用户信息及修改操作信息,发送用户修改指令前验证用户密钥,如果用户密钥正确,则将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息,如果用户密钥错误,则产生报警信号; Fixed host, used to record login user information and modify operation information, verify the user key before sending the user modification command, if the user key is correct, add the host verification information to the user modification command, send it to the main server and backup server, and receive Confirm the information, if the user key is wrong, an alarm signal will be generated; 主服务器,用于接收用户修改指令,并判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; The main server is used to receive user modification instructions, and judge whether the sending end is a fixed host, if so, modify according to the user modification instructions, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access, and record Number of illegal visits and illegal access information; 主服务器接收并记录备份服务器发送的运行情况信息,判断是否有可疑进程或错误文件,如果有,则发送修改信息并产生报警信号; The main server receives and records the operation status information sent by the backup server, and judges whether there are suspicious processes or wrong files, and if so, sends modification information and generates an alarm signal; 备份服务器,用于接收用户修改指令,并判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; The backup server is used to receive user modification instructions and determine whether the sending end is a fixed host. If so, modify according to the user modification instructions, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access and recorded Number of illegal visits and illegal access information; 用于向主服务器发送运行情况信息及接收主服务器发送的修改信息,并判断发送端是否是主服务器,如果是,则根据主服务器发送的修改信息进行文件修改,否则确认为非法访问,并记录非法访问次数及非法访问信息; It is used to send the operation status information to the main server and receive the modification information sent by the main server, and judge whether the sending end is the main server. If so, modify the file according to the modification information sent by the main server. Otherwise, it is confirmed as illegal access and recorded Number of illegal visits and illegal access information; 所述的主服务器连接局域网,备份服务器连接外网,且主服务器与备份服务器采用不同架构及操作系统。 The main server is connected to the local area network, and the backup server is connected to the external network, and the main server and the backup server adopt different architectures and operating systems. 2.如权利要求1所述的系统,其特征在于,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 2. The system according to claim 1, wherein the host authentication information at least includes: MAC address, IP address and CPU information of the fixed host. 3.如权利要求1所述的系统,其特征在于,当主服务器或备份服务器的非法访问次数大于预设值时,主服务器或备份服务器产生报警信号。 3. The system according to claim 1, wherein when the number of illegal accesses of the primary server or the backup server is greater than a preset value, the primary server or the backup server generates an alarm signal. 4.如权利要求1所述的系统,其特征在于,所述的非法访问信息至少包括:主机名称、IP地址及操作类型。 4. The system according to claim 1, wherein the illegal access information at least includes: host name, IP address and operation type. 5.一种防止服务器数据篡改的方法,其特征在于,适用于权利要求1所述系统中的固定主机,所述方法包括: 5. A method for preventing tampering of server data, characterized in that it is applicable to the fixed host in the system according to claim 1, said method comprising: 记录登录用户信息及修改操作信息; Record login user information and modify operation information; 发送用户修改指令前验证用户密钥,如果用户密钥正确,则将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息,如果用户密钥错误,则产生报警信号。 Verify the user key before sending the user modification command. If the user key is correct, add the host verification information to the user modification command, send it to the main server and backup server, and receive confirmation information. If the user key is wrong, an alarm signal will be generated. 6.如权利要求5所述的方法,其特征在于,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 6. The method according to claim 5, wherein the host verification information at least includes: MAC address, IP address and CPU information of the fixed host. 7.一种固定主机设备,适用于权利要求1所述的系统,其特征在于,包括: 7. A fixed host device, suitable for the system according to claim 1, characterized in that it comprises: 记录模块,用于记录登录用户信息及修改操作信息; Recording module, used to record login user information and modify operation information; 密钥验证模块,用于发送修改指令前验证用户密钥,如果用户密钥正确,则进入分发模块,否则进入报警模块; The key verification module is used to verify the user key before sending the modification command. If the user key is correct, it will enter the distribution module, otherwise it will enter the alarm module; 分发模块,用于当验证用于密钥正确时,将主机验证信息加入用户修改指令,发送到主服务器及备份服务器,并接收确认信息; The distribution module is used to add the host authentication information to the user modification instruction when the authentication key is correct, send it to the main server and the backup server, and receive the confirmation information; 报警模块,用于当验证用户密钥错误时,产生报警信号。 The alarm module is used to generate an alarm signal when the verification user key is wrong. 8.如权利要求7所述的设备,其特征在于,所述的主机验证信息至少包括:固定主机的MAC地址、IP地址及CPU信息。 8. The device according to claim 7, wherein the host authentication information at least includes: MAC address, IP address and CPU information of the fixed host. 9.一种防止服务器数据篡改的方法,其特征在于,适用于权利要求1所述系统中的主服务器,所述方法包括: 9. A method for preventing tampering of server data, characterized in that it is applicable to the master server in the system according to claim 1, said method comprising: 接收用户修改指令或备份服务器发送的运行情况信息; Receive user modification instructions or operation status information sent by the backup server; 若为用户修改指令,则判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; If it is a user modification command, judge whether the sending end is a fixed host, if so, modify it according to the user modification command, record the modification time and operation type, and return confirmation information, otherwise it is confirmed as illegal access, and record the number of illegal access and Unlawful access to information; 若为备份服务器发送的运行情况信息,则记录备份服务器运行情况信息,并判断是否有可疑进程或错误文件,如果有,则发送修改信息并产生报警信号。 If it is the running status information sent by the backup server, then record the running status information of the backup server, and judge whether there is a suspicious process or an error file, and if so, send the modification information and generate an alarm signal. 10.如权利要求9所述的方法,其特征在于,当非法访问次数大于预设值时,产生报警信号。 10. The method according to claim 9, wherein an alarm signal is generated when the number of illegal accesses is greater than a preset value. 11.如权利要求9所述的方法,其特征在于,所述的非法访问信息至少包括:访问主机名称、IP地址及操作类型。 11. The method according to claim 9, wherein the illegal access information at least includes: access host name, IP address and operation type. 12.如权利要求9所述的方法,其特征在于,所述的运行情况信息至少包括: 12. The method according to claim 9, characterized in that, the operation information at least includes: 备份服务器主要文件的MD5信息和运行进程名称及数目。 The MD5 information of the main file of the backup server and the name and number of running processes. 13.如权利要求9所述的方法,其特征在于,所述的修改信息为可疑文件对应的主服务器上的文件信息。 13. The method according to claim 9, wherein the modification information is file information on the main server corresponding to the suspicious file. 14.一种主服务器设备,其特征在于,适用于权利要求1所述系统,所述设备包括: 14. A master server device, which is suitable for the system according to claim 1, said device comprising: 接收模块,用于接收用户修改指令或备份服务器发送的运行情况信息; The receiving module is used to receive user modification instructions or operation status information sent by the backup server; 固定主机验证模块,用于接收用户修改指令时,判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,否则确认为非法访问; The fixed host verification module is used to determine whether the sending end is a fixed host when receiving a user modification instruction, and if so, modify it according to the user modification instruction, otherwise it is confirmed as an illegal access; 记录模块,用于记录修改时间及操作类型、非法访问次数及非法访问信息和备份服务器运行情况信息; The recording module is used to record the modification time and operation type, the number of illegal accesses and illegal access information, and the operation status information of the backup server; 检测及修改模块,用于接收备份服务器发送的运行情况信息时,判断是否有可疑进程或错误文件,如果有进入报警模块及发送模块; The detection and modification module is used to determine whether there is a suspicious process or an error file when receiving the operation status information sent by the backup server, and if it enters the alarm module and the sending module; 报警模块,用于产生报警信号; An alarm module, configured to generate an alarm signal; 发送模块,用于向固定主机返回确认信息或向备份服务器发送修改信息。 The sending module is used to return confirmation information to the fixed host or send modification information to the backup server. 15.如权利要求14所述的设备,其特征在于,当非法访问次数大于预设值时,报警模块产生报警信号。 15. The device according to claim 14, wherein the alarm module generates an alarm signal when the number of illegal accesses is greater than a preset value. 16.一种防止服务器数据篡改的方法,其特征在于,适用于权利要求1所述系统中的备份服务器,所述方法包括: 16. A method for preventing tampering of server data, characterized in that it is applicable to the backup server in the system according to claim 1, said method comprising: 接收用户修改指令或向主服务器发送运行情况信息; Receive user modification instructions or send operating status information to the main server; 若接收用户修改指令,则判断发送端是否是固定主机,如果是,则根据用户修改指令进行修改,记录修改时间及操作类型,并返回确认信息,否则确认为非法访问,并记录非法访问次数及非法访问信息; If the user modification instruction is received, it is judged whether the sending end is a fixed host, if yes, it is modified according to the user modification instruction, the modification time and operation type are recorded, and a confirmation message is returned, otherwise it is confirmed as illegal access, and the number of illegal access and the number of illegal access are recorded. Unlawful access to information; 若向主服务器发送运行情况信息,则接收主服务器发送的修改信息,并判断发送端是否是主服务器,如果是,则根据主服务器发送的修改信息进行文件修改,否则确认为非法访问,并记录非法访问次数及非法访问信息。 If the operation status information is sent to the main server, it will receive the modification information sent by the main server, and judge whether the sending end is the main server, if so, modify the file according to the modification information sent by the main server, otherwise it will be confirmed as illegal access, and record Number of illegal visits and information on illegal visits. 17.如权利要求16所述的方法,其特征在于,当非法访问次数大于预设值时,产生报警信号。 17. The method according to claim 16, wherein an alarm signal is generated when the number of illegal accesses is greater than a preset value. 18.如权利要求16所述的方法,其特征在于,所述的非法访问信息至少包括:访问主机名称、IP地址及操作类型。 18. The method according to claim 16, wherein the illegal access information at least includes: access host name, IP address and operation type. 19.如权利要求16所述的方法,其特征在于,所述的运行情况信息至少包括: 19. The method according to claim 16, characterized in that, the operation information at least includes: 备份服务器主要文件的MD5信息和运行进程名称及数目。 The MD5 information of the main file of the backup server and the name and number of running processes. 20.一种备份服务器设备,其特征在于,适用于权利要求1所述的系统,所述设备包括: 20. A backup server device, characterized in that it is suitable for the system according to claim 1, said device comprising: 接收模块,用于接收用户修改指令及主服务器发送的修改信息; The receiving module is used to receive user modification instructions and modification information sent by the main server; 固定主机及主服务器验证模块,用于当接收用户修改指令或主服务器发送的修改信息时,判断发送端是否是固定主机或主服务器,如果是固定主机,则进入修改模块,如果是主服务器,则进入主服务器修改模块,否则确认为非法访问; The fixed host and main server verification module is used to determine whether the sending end is a fixed host or a main server when receiving user modification instructions or modification information sent by the main server. If it is a fixed host, enter the modification module. If it is the main server, Then enter the main server to modify the module, otherwise it is confirmed as illegal access; 记录模块,用于记录修改时间及操作类型及非法访问次数和非法访问信息; Recording module, used to record modification time and operation type, illegal access times and illegal access information; 修改模块,用于根据用户修改指令进行修改,并返回确认信息; The modification module is used to modify according to the user modification instruction and return confirmation information; 安全上报模块,用于向主服务器发送运行情况信息; A security reporting module, used to send operating information to the main server; 主服务器修改模块,用于接收主服务器发送的修改信息,根据主服务器发送的修改信息进行文件修改。 The main server modification module is configured to receive the modification information sent by the main server, and modify the file according to the modification information sent by the main server. 21.如权利要求20所述的设备,其特征在于,还包括报警模块,用于当非法访问次数大于预设值时,产生报警信号。 21. The device according to claim 20, further comprising an alarm module, configured to generate an alarm signal when the number of times of illegal access is greater than a preset value.
CN201110447094.3A 2011-12-28 2011-12-28 The system preventing server data from distorting, method and apparatus Expired - Fee Related CN102801699B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110447094.3A CN102801699B (en) 2011-12-28 2011-12-28 The system preventing server data from distorting, method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110447094.3A CN102801699B (en) 2011-12-28 2011-12-28 The system preventing server data from distorting, method and apparatus

Publications (2)

Publication Number Publication Date
CN102801699A CN102801699A (en) 2012-11-28
CN102801699B true CN102801699B (en) 2015-07-29

Family

ID=47200665

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110447094.3A Expired - Fee Related CN102801699B (en) 2011-12-28 2011-12-28 The system preventing server data from distorting, method and apparatus

Country Status (1)

Country Link
CN (1) CN102801699B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105825124A (en) * 2015-01-06 2016-08-03 中国移动通信集团广西有限公司 Server illegal operation monitoring method and monitoring system
CN106302806B (en) 2016-09-13 2019-10-25 腾讯科技(深圳)有限公司 A kind of method of data synchronization, system, synchronous obtaining method and relevant apparatus
CN106407049B (en) * 2016-10-14 2021-05-28 惠州Tcl移动通信有限公司 Method and system for judging whether chip setting is interfered by mobile terminal
CN111159292A (en) * 2019-12-20 2020-05-15 深圳前海微众银行股份有限公司 Data storage method and device
CN112218173A (en) * 2020-10-13 2021-01-12 广州欢网科技有限责任公司 Smart television user information protection method, device, equipment and storage medium
CN112532590B (en) * 2020-11-06 2022-11-29 北京冠程科技有限公司 Software security boundary system and method
CN116319099A (en) * 2023-05-22 2023-06-23 威海海洋职业学院 Multi-terminal financial data management method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1494022A (en) * 2002-10-30 2004-05-05 华为技术有限公司 A Method of Accessing Database Through Protocol Proxy
CN1858738A (en) * 2006-02-15 2006-11-08 华为技术有限公司 Method and device for access data bank
CN101330474A (en) * 2007-06-22 2008-12-24 鸿富锦精密工业(深圳)有限公司 System and method for managing and controlling consumer authority
CN101494651A (en) * 2009-02-11 2009-07-29 江苏敏捷科技股份有限公司 Method for active backup of data

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101894094B (en) * 2009-05-21 2014-10-15 鸿富锦精密工业(深圳)有限公司 Client management system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1494022A (en) * 2002-10-30 2004-05-05 华为技术有限公司 A Method of Accessing Database Through Protocol Proxy
CN1858738A (en) * 2006-02-15 2006-11-08 华为技术有限公司 Method and device for access data bank
CN101330474A (en) * 2007-06-22 2008-12-24 鸿富锦精密工业(深圳)有限公司 System and method for managing and controlling consumer authority
CN101494651A (en) * 2009-02-11 2009-07-29 江苏敏捷科技股份有限公司 Method for active backup of data

Also Published As

Publication number Publication date
CN102801699A (en) 2012-11-28

Similar Documents

Publication Publication Date Title
CN102801699B (en) The system preventing server data from distorting, method and apparatus
CN110263585B (en) Test supervision method, device, equipment and storage medium
CN108429638B (en) Server operation and maintenance method, device and system and electronic equipment
US9998464B2 (en) Storage device security system
CN108322461B (en) Method, system, device, equipment and medium for automatically logging in application program
CN103201746B (en) Techniques for secure managed provisioning at a data storage device
US8473752B2 (en) Apparatus, system, and method for auditing access to secure data
JP2016512411A (en) Automatic detection of unauthorized digital certificates
TW201939337A (en) Behavior recognition, data processing method and apparatus
CN105075223B (en) Tracking application usage in computing environments
CN102739774B (en) Method and system for obtaining evidence under cloud computing environment
EP4462723A2 (en) System and methods for tamper proof interaction recording and timestamping
CN110324416B (en) Download path tracking method, device, server, terminal and medium
US20140096260A1 (en) Systems and methods to provide secure storage
CN108027856B (en) Use the Trusted Platform Module to build real-time indicators of attack information
US20180063166A1 (en) Rootkit detection system and method
CN115664772A (en) Access request processing method and device, computer equipment and storage medium
JP2008257279A (en) Integrity enhancement method for file system
WO2016068996A1 (en) Security record transfer in a computing system
US11928691B2 (en) Method and system for managing warranty claims associated with information handling systems
CN103368926A (en) Method for preventing file tampering and device for preventing file manipulation
CN119396421B (en) Trusted DCS system trusted function installation method and related device
CN112948771B (en) Authority verification method and device, readable storage medium and electronic equipment
CN113572716B (en) Equipment detection method and system
JP6253168B2 (en) Improved tamper resistance of aggregated data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent of invention or patent application
CB02 Change of applicant information

Address after: 100080 Haidian District City, Zhongguancun, the main street, No. 1 Hailong building, room 1415, room 14

Applicant after: Beijing Antiy Electronic Equipment Co.,Ltd.

Address before: 100084, 2B-521, bright city, No. 1, Nongda South Road, Beijing, Haidian District

Applicant before: Beijing Antiy Electronic Equipment Co.,Ltd.

C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 100080 Beijing city Haidian District minzhuang Road No. 3, Tsinghua Science Park Building 1 Yuquan Huigu a

Patentee after: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.

Address before: 100080 Haidian District City, Zhongguancun, the main street, No. 1 Hailong building, room 1415, room 14

Patentee before: Beijing Antiy Electronic Equipment Co.,Ltd.

CP03 Change of name, title or address
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: System, method and equipment for preventing data tampering of server

Effective date of registration: 20170821

Granted publication date: 20150729

Pledgee: CITIC Bank Harbin branch

Pledgor: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.

Registration number: 2017990000776

PE01 Entry into force of the registration of the contract for pledge of patent right
PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20180817

Granted publication date: 20150729

Pledgee: CITIC Bank Harbin branch

Pledgor: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.

Registration number: 2017990000776

PC01 Cancellation of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: System, method and equipment for preventing data tampering of server

Effective date of registration: 20180817

Granted publication date: 20150729

Pledgee: CITIC Bank Harbin branch

Pledgor: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.

Registration number: 2018990000700

PE01 Entry into force of the registration of the contract for pledge of patent right
PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20191021

Granted publication date: 20150729

Pledgee: CITIC Bank Harbin branch

Pledgor: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.

Registration number: 2018990000700

PC01 Cancellation of the registration of the contract for pledge of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150729

CF01 Termination of patent right due to non-payment of annual fee