vnc登陆口令猜解研究pc软件 文章资讯 手机软件

您当前的位置→图文中心安全防范vnc登陆口令猜解研究

vnc登陆口令猜解研究


2009/6/30  编辑:佚名 来源:本站整理

vnc所有帐号登陆的时候:  1.加入ip到一个列表(黑名单), 并记录时间, 就在这个时间上+10s钟作为下一次连载拒绝时间。   2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。     请 ...

  vnc所有帐号登陆的时候:
  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。
  2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。
  
  请看下面代码:
  void
  vncServer::AddAuthHostsBlacklist(const char *machine)
  {
  omni_mutex_lock l(m_clientsLock);
  // -=- Is the specified host blacklisted?
  vncServer::BlacklistEntry *current = m_blacklist;
  // Get the current time as a 64-bit value
  SYSTEMTIME      systime;
  FILETIME      ftime;
  LARGE_INTEGER     now;
  GetSystemTime(&systime);
  SystemTimeToFileTime(&systime, &ftime);
  now.LowPart=ftime.dwLowDateTime;now.HighPart=ftime.dwHighDateTime;
  now.QuadPart /= 10000000; // Convert it into seconds
  while (current)
  {
  // Is this the entry we're interested in?
  if (_stricmp(current->_machineName, machine) == 0)
  {
  // If the host is already blocked then ignore
  if (current->_blocked)
  return;
  // Set the RefTime & failureCount
  current->_lastRefTime.QuadPart = now.QuadPart + 10;
  current->_failureCount++;
  if (current->_failureCount > 5)
  current->_blocked = TRUE;
  判定函数代码:
  while (current)
  {
  // Has the blacklist entry timed out?
  if ((now.QuadPart - current->_lastRefTime.QuadPart) > 0) {////当前时间超过隔离时间?即如果10s钟后
  // Yes. Is it a "blocked" entry?
  if (current->_blocked)
  {
  // Yes, so unblock it & re-set the reference time
  current->_blocked = FALSE;   ///超过10s, 解除黑名单
  current->_lastRefTime.QuadPart = now.QuadPart + 10;
  } else
  {
  // No, so remove it
  if (previous)
  previous->_next = current->_next;
  else
  m_blacklist = current->_next;
  vncServer::BlacklistEntry *next = current->_next;
  free(current->_machineName);
  delete current;
  current = next;
  continue;
  }
  
  }
  
  // Is this the entry we're interested in?
  if ((_stricmp(current->_machineName, hostname) == 0) &&/////比较是否再黑名单里面
  (current->_blocked))
  {
  // Machine is blocked, so just reject it
  vnclog.Print(LL_CONNERR, VNCLOG("client %s rejected due to blacklist entry\n"), hostname);
  
  return vncServer::aqrReject;
  }
  
  previous = current;
  current = current->_next;
  }
  
  // Has a hostname been specified?
  if (hostname == 0) {
  vnclog.Print(LL_INTWARN, VNCLOG("verify failed - null hostname\n"));
  return vncServer::aqrReject;
  }
  
  ==================
  上面原因决定了vnc弱口令扫描的特点:
  1.密码最多只能超过5次出错, 之后就一定会被锁定, 有请求需要10s钟解锁。
  2.出错超过5次后每猜解一个密码, 都会被锁定, 所以后面的密码猜解非常慢(每一个隔10s)。

相关文章
  • vnc登陆口令猜解研究
  • 全球10大IT中心排行榜(Vnunet 2009)
  • 发表评论
    阅读排行
    相关热门
    网站帮助 - 广告合作 - 下载声明 - 网站地图