摘要
为了定位Web服务器并对其流量行为进行分析,提出了一个以网络边界路由器提供的流记录为分析数据源,定位网内HTTP80端口服务主机的算法.算法实现在了CERNET南京主节点所覆盖的网络.对算法的检测结果用传统的扫描定位方式进行了检验,结果表明:本算法只须探测全网3%左右的IP地址空间,便可成功定位超过98%的HTTP80服务器.根据算法执行过程中获得的信息,还可以检测分析网络中的一些安全隐患,包括定位使用Web服务器缺省首页的主机和存在80端口滥用情况的主机等.该算法还具有较好的通用性,调整有关检测条件后可以用于包括DNS在内的其他服务器的角色定位.
In order to locate web servers in a network and analyze their traffic behavior,a HTTP server of port 80 locating algorithm was proposed with the help of IP flow information provided by the boundary routers of the same network.The algorithm was implemented on CERNET(China Education and Research Network)Nanjing Node.The result shows that only about 3%IP space should be detected,where over 98% of HTTP80 servers can be located.During the process,some other information can be used for locating potential safety hazards also,such as the misuse of a web server′s default page and port 80 abuses.The idea of the algorithm can also be used for locating other kinds of server,such as DNS server.
作者
丁伟
洪沿
夏震
Ding Wei Hong Yan Xia Zhen(School of Computer Science and Engineering, Southeast University, Nanjing 211189, China)
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2016年第11期34-38,共5页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金资助项目(61602114)