明辉站/杀毒教程/内容

vnc登陆口令猜解研究

杀毒教程2023-05-21 阅读
[摘要]vnc所有帐号登陆的时候:  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。   2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。     请 ...  vnc所有帐号登陆的时候:   1.加入ip到一个列表(黑...

vnc所有帐号登陆的时候:  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。   2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。     请 ...

  vnc所有帐号登陆的时候:

  1.加入ip到一个列表(黑名单), 并记录时间, 在这个时间上+10s钟作为下一次连接拒绝时间。

  2.登陆次数限制, 如果失败超过5次, 则加入黑名党, 再等10s后才能登陆。

  

  请看下面代码:

  void

  vncServer::AddAuthHostsBlacklist(const char *machine)

  {

  omni_mutex_lock l(m_clientsLock);

  // -=- Is the specified host blacklisted?

  vncServer::BlacklistEntry *current = m_blacklist;

  // Get the current time as a 64-bit value

  SYSTEMTIME      systime;

  FILETIME      ftime;

  LARGE_INTEGER     now;

  GetSystemTime(&systime);

  SystemTimeToFileTime(&systime, &ftime);

  now.LowPart=ftime.dwLowDateTime;now.HighPart=ftime.dwHighDateTime;

  now.QuadPart /= 10000000; // Convert it into seconds

  while (current)

  {

  // Is this the entry we're interested in?

  if (_stricmp(current->_machineName, machine) == 0)

  {

  // If the host is already blocked then ignore

  if (current->_blocked)

  return;

  // Set the RefTime & failureCount

  current->_lastRefTime.QuadPart = now.QuadPart + 10;

  current->_failureCount++;

  if (current->_failureCount > 5)

  current->_blocked = TRUE;

  判定函数代码:

  while (current)

  {

  // Has the blacklist entry timed out?

  if ((now.QuadPart - current->_lastRefTime.QuadPart) > 0) {////当前时间超过隔离时间?即如果10s钟后

  // Yes. Is it a "blocked" entry?

  if (current->_blocked)

  {

  // Yes, so unblock it & re-set the reference time

  current->_blocked = FALSE;   ///超过10s, 解除黑名单

  current->_lastRefTime.QuadPart = now.QuadPart + 10;

  } else

  {

  // No, so remove it

  if (previous)

  previous->_next = current->_next;

  else

  m_blacklist = current->_next;

  vncServer::BlacklistEntry *next = current->_next;

  free(current->_machineName);

  delete current;

  current = next;

  continue;

  }

  

  }

  

  // Is this the entry we're interested in?

  if ((_stricmp(current->_machineName, hostname) == 0) &&/////比较是否再黑名单里面

  (current->_blocked))

  {

  // Machine is blocked, so just reject it

  vnclog.Print(LL_CONNERR, VNCLOG("client %s rejected due to blacklist entry\n"), hostname);

  

  return vncServer::aqrReject;

  }

  

  previous = current;

  current = current->_next;

  }

  

  // Has a hostname been specified?

  if (hostname == 0) {

  vnclog.Print(LL_INTWARN, VNCLOG("verify failed - null hostname\n"));

  return vncServer::aqrReject;

  }

  

  ==================

  以上原因决定了vnc弱口令扫描的特点:

  1.密码最多只能超过5次出错, 然后就会被锁定, 需要10s钟解锁。

  2.出错超过5次后每猜解一个密码, 都会被锁定, 所以后面的密码猜解非常慢(每一个隔10s)。


上面是电脑上网安全的一些基础常识,学习了安全知识,几乎可以让你免费电脑中毒的烦扰。

……

相关阅读