摘要
针对传统网站存在的静态验证码易过期、个人验证缺少限制等问题,通过动态验证码、短信验证、语音验证等形式对该网站进行验证登录,并采用对失败登录次数进行限定的方式,有效防止不法分子侵袭,能及时、有效地防御暴力破解攻击。利用SDN技术及BGP Flow Specification策略等核心内容进行自动封堵限速系统的建立。通过对骨干网46个核心路由器的Net Flow信息进行采集,该方式有利于在最短时间内完成对攻击流量进行分析与告警,并利用Syslog方式将告警信息发送给自动封堵限速系统,以此实现自动策略的下发。
The traditional Web static verification code is easy to be expired,personal verification problems is lack of restrictions,the paper applies dynamic authentication code,voice message validation,voice verification to authenticate the Website login,and adopt the way to restrict the number of failed login.The method effectively prevents the lawless elements,can timely and effectively defense brute force attack.It uses SDN technology and BGP Flow Specification strategy to establish automatic blocking speed limit system.Net Flow information of 46 core routers on the backbone network is collected to analyze and alarm attack traffic in very short time.Alarms are sent to the automatic blocking and limiting system in Syslog mode to deliver automatic policies.
作者
赵娟
ZHAO Juan(Vocational Education Center,Shangluo Vocational and Technical College,Shangluo 726000,China)
出处
《微型电脑应用》
2023年第7期128-131,共4页
Microcomputer Applications
关键词
网站
暴力破解攻击
自动封堵限速
攻击告警
website
brute force attacks
automatic blocking speed limit
attack the alarm
