[go: up one dir, main page]

TWI815523B - Remote login method - Google Patents

Remote login method Download PDF

Info

Publication number
TWI815523B
TWI815523B TW111124133A TW111124133A TWI815523B TW I815523 B TWI815523 B TW I815523B TW 111124133 A TW111124133 A TW 111124133A TW 111124133 A TW111124133 A TW 111124133A TW I815523 B TWI815523 B TW I815523B
Authority
TW
Taiwan
Prior art keywords
login
control unit
management control
baseboard management
time
Prior art date
Application number
TW111124133A
Other languages
Chinese (zh)
Other versions
TW202402018A (en
Inventor
施雅文
Original Assignee
神雲科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 神雲科技股份有限公司 filed Critical 神雲科技股份有限公司
Priority to TW111124133A priority Critical patent/TWI815523B/en
Application granted granted Critical
Publication of TWI815523B publication Critical patent/TWI815523B/en
Publication of TW202402018A publication Critical patent/TW202402018A/en

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)
  • Coloring Foods And Improving Nutritive Qualities (AREA)

Abstract

A remote login method, executed by a baseboard management control unit of a computer device, comprising the following steps: (A) receiving a login request; (B) determining whether the login is successful according to the login request; (C) When it is determined that step (B) is positive, the baseboard management control unit resets a number of failed logins and a cumulative time of failed logins; (D) when it is determined that step (B) is negative, the baseboard management control unit determines whether the number of failed logins is greater than or equal to a preset value; (E) when it is determined that step (D) is negative, the baseboard management control unit updates the number of failed logins and the accumulated time of failed logins; (F) when it is determined that step (D) is positive, the baseboard management control unit determines whether the accumulated time of failed logins is less than or equal to t preset time; (G) when it is determined that step (F) is negative, the baseboard management control unit resets the number of failed logins and the accumulated time of failed logins; and (H) when it is determined that step (F) is positive, the baseboard management control unit locks the remote login.

Description

遠端登入方法Remote login method

本發明是有關於一種登入方法,特別是指一種遠端登入方法。The present invention relates to a login method, in particular to a remote login method.

現有的資訊科技人員經常透過網路以遠端的方式來管理及控制伺服器,但由於伺服器連接網路,伺服器也暴露在駭客攻擊的範圍下,其中駭客最常以分散式阻斷服務攻擊(distributed denial-of-service attack, DDoS攻擊),通過大量合法或偽造的請求占用大量的網路及系統資源,使目標伺服器的網路或系統資源耗盡,服務暫時中斷或停止,導致伺服器的使用者無法存取。Existing information technology personnel often manage and control servers remotely through the Internet. However, because the servers are connected to the Internet, the servers are also exposed to hacker attacks. Among them, hackers most often use distributed blocking. Distributed denial-of-service attack (DDoS attack) uses a large number of legitimate or forged requests to occupy a large amount of network and system resources, causing the target server's network or system resources to be exhausted, and the service to be temporarily interrupted or stopped. , rendering the server inaccessible to users.

由於伺服器中的基板管理控制器(Baseboard Management Controller, BMC)的對談(session) 沒有阻擋外部多個裝置同時對BMC進行存取(access)功能,因此BMC有潛在被DDoS攻擊的疑慮。Since the session of the Baseboard Management Controller (BMC) in the server does not prevent multiple external devices from accessing the BMC at the same time, the BMC is potentially vulnerable to DDoS attacks.

根據支付卡產業聯盟(Payment Card Industry ,PCI)/產品安全標準(PIN Transaction Security, PTS)第5版的B10規範中,規定在一小時內最多只能取得120次的ISO format 0加密後的PIN BLOCK,以避免駭客藉由攔截大量的PIN BLOCK封包(固定金鑰加密後的封包),從中解析出金鑰資訊來獲得使用者的PIN CODE(未加密的明碼資料)內容。According to the Payment Card Industry Alliance (PCI)/Product Security Standard (PIN Transaction Security, PTS) version 5 B10 specification, it is stipulated that only 120 ISO format 0 encrypted PINs can be obtained within an hour. BLOCK to prevent hackers from intercepting a large number of PIN BLOCK packets (packets encrypted with a fixed key) and parsing the key information to obtain the user's PIN CODE (unencrypted clear data) content.

目前BMC是參考B10規範中的做法,每次登入失敗則必須等待一段時間,降低網路攻擊的次數。詳細而言,現有的做法為每次遠端登入失敗後必須等待30秒鐘,如此一小時最多只會被登入120次。Currently, BMC refers to the practice in the B10 specification. Each time a login fails, you must wait for a period of time to reduce the number of network attacks. Specifically, the current practice is to wait for 30 seconds after each remote login failure, so that a maximum of 120 logins can occur in an hour.

然而,每次登入失敗後皆需等待30秒鐘非常的不方便。However, it is very inconvenient to have to wait 30 seconds after each failed login.

因此,本發明的目的,即在提供一種重複登入不需要等待且能防止駭客攻擊的遠端登入方法。Therefore, the purpose of the present invention is to provide a remote login method that does not require waiting for repeated login and can prevent hacker attacks.

於是,本發明遠端登入方法,由一電腦裝置執行,該電腦裝置包括一通訊單元、一儲存單元及一電連接該通訊單元及該儲存單元的基板管理控制單元,該通訊單元經由一通訊網路連接一使用端,該儲存單元儲存有一帳號密碼資料、一登入失敗次數,及一登入失敗累計時間,該方法包含一步驟(A)、一步驟(B)、一步驟(C)、一步驟(D)、一步驟(E)、一步驟(F)、一步驟(G),及一步驟(H)。Therefore, the remote login method of the present invention is executed by a computer device. The computer device includes a communication unit, a storage unit and a base management control unit electrically connected to the communication unit and the storage unit. The communication unit passes through a communication network. Connected to a client, the storage unit stores an account and password information, a number of failed logins, and a cumulative failed login time. The method includes one step (A), one step (B), one step (C), and one step ( D), one step (E), one step (F), one step (G), and one step (H).

在該步驟(A)中,該基板管理控制單元經由該通訊單元接收一來自該使用端且包括一帳號密碼資訊的登入請求。In the step (A), the baseboard management control unit receives a login request from the client including an account and password information through the communication unit.

在該步驟(B)中,該基板管理控制單元根據該登入請求的該帳號密碼資訊及該帳號密碼資料判定是否登入成功。In step (B), the baseboard management control unit determines whether the login is successful based on the account password information and the account password data of the login request.

在該步驟(C)中,當判定出登入成功時,該基板管理控制單元重置該登入失敗次數及該登入失敗累計時間。In step (C), when it is determined that login is successful, the baseboard management control unit resets the number of login failures and the accumulated login failure time.

在該步驟(D)中,當判定出登入失敗時,該基板管理控制單元判定該登入失敗次數是否大於等於一預設值。In step (D), when it is determined that login fails, the baseboard management control unit determines whether the number of failed logins is greater than or equal to a preset value.

在該步驟(E)中,當判定出該登入失敗次數小於該預設值時,該基板管理控制單元更新該登入失敗次數及該登入失敗累計時間。In step (E), when it is determined that the number of failed logins is less than the preset value, the baseboard management control unit updates the number of failed logins and the accumulated time of failed logins.

在該步驟(F)中,當判定出該登入失敗次數大於等於該預設值時,該基板管理控制單元判定該登入失敗累計時間是否小於等於一預設時間。In step (F), when it is determined that the number of failed logins is greater than or equal to the preset value, the baseboard management control unit determines whether the accumulated time of failed logins is less than or equal to a preset time.

在該步驟(G)中,當判定出該登入失敗累計時間大於該預設時間時,該基板管理控制單元重置該登入失敗次數及該登入失敗累計時間。In step (G), when it is determined that the cumulative login failure time is greater than the preset time, the baseboard management control unit resets the login failure count and the login failure cumulative time.

在該步驟(H)中,當判定出該登入失敗累計時間小於等於該預設時間時,該基板管理控制單元將遠端登入上鎖。In this step (H), when it is determined that the accumulated login failure time is less than or equal to the preset time, the baseboard management control unit locks the remote login.

本發明的功效在於:藉由該基板管理控制單元在判定出該登入失敗次數大於等於該預設值且該登入失敗累計時間小於等於該預設時間前,不需要等待時間能連續登入,並在判定出該登入失敗次數大於等於該預設值且該登入失敗累計時間小於等於該預設時間後,將遠端登入上鎖,符合B10規範,以防止駭客攻擊。The effect of the present invention is: before the baseboard management control unit determines that the number of failed logins is greater than or equal to the preset value and the accumulated time of failed logins is less than or equal to the preset time, it can log in continuously without waiting time, and After it is determined that the number of failed logins is greater than or equal to the preset value and the accumulated time of failed logins is less than or equal to the preset time, the remote login is locked, complying with the B10 specification to prevent hacker attacks.

在本發明被詳細描述的前,應當注意在以下的說明內容中,類似的元件是以相同的編號來表示。Before the present invention is described in detail, it should be noted that similar elements are represented by the same numbers in the following description.

參閱圖1,說明用來實施本發明遠端登入方法的一實施例的一電腦裝置11,包括一儲存單元111、一通訊單元112,及一電連接該儲存單元111及該通訊單元112的基板管理控制單元113,該通訊單元112由一通訊網路12一使用端13。該儲存單元111儲存有一帳號密碼資料、一登入失敗次數、一登入失敗累計時間,及一狀態旗標,該登入失敗次數初始為0,該登入失敗累計時間初始為0,該狀態旗標的一旗標值是一指示出遠端登入上鎖的第一預定值,及一異於該第一預定值並指示出遠端登入未上鎖的第二預定值的其中一者。該電腦裝置11例如為一伺服器,該基板管理控制單元113例如為基板管理控制器,該通訊網路12例如為網際網路(internet),該使用端13例如為一個人電腦或一筆記型電腦,但不以此為限。Referring to Figure 1, a computer device 11 used to implement an embodiment of the remote login method of the present invention is illustrated, including a storage unit 111, a communication unit 112, and a substrate electrically connected to the storage unit 111 and the communication unit 112. Management control unit 113, the communication unit 112 consists of a communication network 12 and a client 13. The storage unit 111 stores an account password information, a number of failed logins, a cumulative time of failed logins, and a status flag. The number of failed logins is initially 0, the cumulative time of failed logins is initially 0, and a flag of the status flag. The flag value is one of a first predetermined value indicating that remote login is locked, and a second predetermined value that is different from the first predetermined value and indicates that remote login is unlocked. The computer device 11 is, for example, a server, the baseboard management control unit 113 is, for example, a baseboard management controller, the communication network 12 is, for example, the Internet, and the client 13 is, for example, a personal computer or a laptop. But it is not limited to this.

參閱圖1、2,本發明遠端登入方法的該實施例,以下將說明該實施例所包含之步驟。Referring to Figures 1 and 2, this embodiment of the remote login method of the present invention is shown. The steps included in this embodiment will be described below.

在步驟201中,該基板管理控制單元113經由該通訊單元112接收一來自該使用端13且包括一帳號密碼資訊的登入請求。In step 201 , the baseboard management control unit 113 receives a login request from the client 13 including an account and password information via the communication unit 112 .

在步驟202中,該基板管理控制單元113判定遠端登入是否上鎖。當該基板管理控制單元113判定出遠端登入上鎖時,流程進行步驟203;而當該基板管理控制單元113判定出遠端登入未上鎖時,則流程進行步驟206。In step 202, the baseboard management control unit 113 determines whether the remote login is locked. When the baseboard management control unit 113 determines that the remote login is locked, the process proceeds to step 203; and when the baseboard management control unit 113 determines that the remote login is not locked, the process proceeds to step 206.

值得注意的是,在本實施例中,該基板管理控制單元113判定該狀態旗標的該旗標值是否為該第一預定值,以判定遠端登入是否上鎖,但不以此為限。It is worth noting that in this embodiment, the baseboard management control unit 113 determines whether the flag value of the status flag is the first predetermined value to determine whether remote login is locked, but is not limited to this.

在步驟203中,該基板管理控制單元113判定是否接收到一相關於本地登入產生的解鎖指令。當該基板管理控制單元113判定出未接收到該解鎖指令時,流程進行步驟204;而當該基板管理控制單元113判定出接收到該解鎖指令時,則流程進行步驟205。In step 203, the baseboard management control unit 113 determines whether an unlocking instruction related to local login is received. When the substrate management control unit 113 determines that the unlocking instruction is not received, the process proceeds to step 204; and when the substrate management control unit 113 determines that the unlocking instruction is received, the process proceeds to step 205.

值得注意的是,在本實施例中,使用者必須在本地端登入成功後才能產生該解鎖指令,但不以此為限。It is worth noting that in this embodiment, the user must successfully log in locally before generating the unlocking command, but this is not a limitation.

在步驟204中,該基板管理控制單元113經由該通訊單元112傳送一指示出需要本地登入以進行解鎖的警告訊息至該使用端12,並重複執行步驟201。In step 204, the baseboard management control unit 113 sends a warning message indicating that local login is required for unlocking to the client 12 via the communication unit 112, and repeats step 201.

要特別注意的是,在其他實施方式中,可不包含步驟204,即在步驟203判定出未接收到該解鎖指令後,可直接重複執行步驟201,但不以此為限。It should be noted that in other implementations, step 204 may not be included. That is, after step 203 determines that the unlocking instruction is not received, step 201 may be directly repeated, but is not limited to this.

在步驟205中,該基板管理控制單元113將該狀態旗標的該旗標值更新為該第二預定值。In step 205, the substrate management control unit 113 updates the flag value of the status flag to the second predetermined value.

在步驟206中,該基板管理控制單元113根據該登入請求的該帳號密碼資訊及該帳號密碼資料判定是否登入成功。當該基板管理控制單元113判定出登入成功時,流程進行步驟207;而當該基板管理控制單元113判定出登入不成功時,則流程進行步驟208。In step 206, the substrate management control unit 113 determines whether the login is successful based on the account password information and the account password data of the login request. When the substrate management control unit 113 determines that the login is successful, the process proceeds to step 207; and when the substrate management control unit 113 determines that the login is unsuccessful, the process proceeds to step 208.

在步驟207中,該基板管理控制單元113重置該登入失敗次數及該登入失敗累計時間,即該基板管理控制單元113將該登入失敗次數及該登入失敗累計時間重置為初始值,並重複步驟201。In step 207, the baseboard management control unit 113 resets the number of login failures and the accumulated time of login failures, that is, the baseboard management control unit 113 resets the number of failed logins and the accumulated time of login failures to their initial values, and repeats Step 201.

要特別注意的是,當該基板管理控制單元113判定出登入成功時,該基板管理控制單元的智慧型平台管理介面(Intelligent Platform Management Interface, IPMI)基於區域網串行(Serial Over LAN, SOL)功能,將串行埠(serial port) 轉到區域網路埠(LAN port),該使用端13能透過區域網路操控該電腦裝置11。It should be noted that when the baseboard management control unit 113 determines that the login is successful, the Intelligent Platform Management Interface (IPMI) of the baseboard management control unit is based on Serial Over LAN (SOL). The function is to transfer the serial port to the LAN port, so that the client 13 can control the computer device 11 through the LAN.

在步驟208中,該基板管理控制單元113判定該登入失敗次數是否大於等於一預設值。當該基板管理控制單元113判定出小於該預設值時,流程進行步驟209;而當該基板管理控制單元113判定出大於等於該預設值時,則流程進行步驟210。In step 208, the baseboard management control unit 113 determines whether the number of login failures is greater than or equal to a preset value. When the substrate management control unit 113 determines that it is less than the preset value, the process proceeds to step 209; and when the substrate management control unit 113 determines that it is greater than or equal to the preset value, the process proceeds to step 210.

值得注意的是,在本實施例中,該預設值為120,但不以此為限。It is worth noting that in this embodiment, the default value is 120, but it is not limited to this.

在步驟209中,該基板管理控制單元113更新該登入失敗次數及該登入失敗累計時間,並重複執行步驟201。In step 209, the baseboard management control unit 113 updates the number of failed logins and the accumulated time of failed logins, and repeats step 201.

值得注意的是,在本實施例中,該基板管理控制單元113將該登入失敗累計時間加上一相關於進行單次登入的單次統計時間,以更新該登入失敗累計時間,並將該登入失敗次數加一,以更新該登入失敗次數,其中該單次統計時間為一相關於在該登入失敗次數減一時執行步驟208的第一時間點到一相關於在該登入失敗次數時執行步驟208的第二時間點,其中若為第一次執行流程至步驟209時,由於沒有更新過該登入失敗累計時間,因此該登入失敗累計時間為初始值。換句話說,該登入失敗累計時間指的是多次執行步驟208的第一時間點到第二時間點之累計時間。當208步驟為否時,流程進行209步驟,亦即此時使用者持續登入並持續累積上一次執行步驟208的第一時間點到本次執行步驟208的第二時間點之累計時間。It is worth noting that, in this embodiment, the baseboard management control unit 113 adds a single statistical time related to a single login to the accumulated failed login time to update the accumulated failed login time, and adds the accumulated login time to the accumulated failed login time. The number of failed logins is increased by one to update the number of failed logins, where the single statistical time is from one relative to the first time point when step 208 is executed when the number of failed logins is reduced by one to one relevant to execution of step 208 when the number of failed logins is reduced by one. At the second time point, if it is the first time the process is executed to step 209, since the accumulated login failure time has not been updated, the accumulated login failure time is the initial value. In other words, the accumulated login failure time refers to the accumulated time from the first time point to the second time point when step 208 is performed multiple times. When step 208 is No, the process proceeds to step 209, that is, the user continues to log in and continues to accumulate the accumulated time from the first time point of the last execution of step 208 to the second time point of this execution of step 208.

要再注意的是,在其他實施方式中,該單次統計時間亦可為每次執行步驟201到步驟208的時間,不以此為限。It should be noted that in other implementations, the single statistical time can also be the time of each execution of step 201 to step 208, but is not limited to this.

在步驟210中,該基板管理控制單元113判定該登入失敗累計時間是否小於等於一預設時間。當該基板管理控制單元113判定出該登入失敗累計時間大於該預設時間時,流程進行步驟207;而當該基板管理控制單元113判定出該登入失敗累計時間小於等於該預設時間時,則流程進行步驟211。In step 210, the baseboard management control unit 113 determines whether the accumulated login failure time is less than or equal to a preset time. When the baseboard management control unit 113 determines that the accumulated failed login time is greater than the preset time, the process proceeds to step 207; and when the baseboard management control unit 113 determines that the accumulated failed login time is less than or equal to the preset time, then The process proceeds to step 211.

值得注意的是,在本實施例中,該預設時間為3600秒,但不以此為限。It is worth noting that in this embodiment, the preset time is 3600 seconds, but it is not limited to this.

值得一提的是,在步驟208中,當該基板管理控制單元113判定出小於該預設值時,表示可登入次數還沒到達臨界值,若再重新登入,流程可以從步驟201直接執行到步驟206。此外,在步驟210中,當該基板管理控制單元113判定出該登入失敗累計時間大於該預設時間時,表示到達重置該登入失敗次數及該登入失敗累計時間的時間,故在進行步驟207重置該登入失敗次數及該登入失敗累計時間後,若再重新登入,流程亦可以從步驟201直接執行到步驟206。It is worth mentioning that in step 208, when the substrate management control unit 113 determines that it is less than the preset value, it means that the number of times that can be logged in has not reached the critical value. If you log in again, the process can be directly executed from step 201 to Step 206. In addition, in step 210, when the baseboard management control unit 113 determines that the accumulated login failure time is greater than the preset time, it means that the time to reset the number of login failures and the accumulated login failure time is reached, so step 207 is performed. After resetting the number of failed logins and the accumulated time of failed logins, if you log in again, the process can also be directly executed from step 201 to step 206.

在步驟211中,該基板管理控制單元113將遠端登入上鎖,並執行步驟207。In step 211, the baseboard management control unit 113 locks the remote login and executes step 207.

值得注意的是,在本實施例中,該基板管理控制單元113更新該狀態旗標的該旗標值為該第一預定值,以將遠端登入上鎖,但不以此為限。It is worth noting that in this embodiment, the baseboard management control unit 113 updates the flag value of the status flag to the first predetermined value to lock the remote login, but is not limited to this.

綜上所述,本發明遠端登入方法,藉由該基板管理控制單元113在判定出該登入失敗次數大於等於該預設值且該登入失敗累計時間小於等於該預設時間前,不需要等待時間能連續登入,並在判定出該登入失敗次數大於等於該預設值且該登入失敗累計時間小於等於該預設時間後,將遠端登入上鎖,符合B10規範,以防止駭客攻擊,故確實能達成本發明的目的。To sum up, in the remote login method of the present invention, the baseboard management control unit 113 does not need to wait before determining that the number of failed logins is greater than or equal to the preset value and the accumulated time of failed logins is less than or equal to the preset time. You can log in continuously over time, and after it is determined that the number of failed logins is greater than or equal to the preset value and the cumulative time of failed logins is less than or equal to the preset time, the remote login will be locked, complying with the B10 specification to prevent hacker attacks. Therefore, the purpose of the present invention can indeed be achieved.

惟以上所述者,僅為本發明的實施例而已,當不能以此限定本發明實施的範圍,凡是依本發明申請專利範圍及專利說明書內容所作的簡單的等效變化與修飾,皆仍屬本發明專利涵蓋的範圍內。However, the above are only examples of the present invention. They cannot be used to limit the scope of the present invention. All simple equivalent changes and modifications made based on the patent scope of the present invention and the contents of the patent specification are still within the scope of the present invention. within the scope covered by the patent of this invention.

11:電腦裝置 111:儲存單元 112:通訊單元 113:基板管理控制單元 12:通訊網路 13:使用端 201~211:步驟11:Computer device 111:Storage unit 112: Communication unit 113:Baseboard management control unit 12:Communication network 13:User end 201~211: Steps

本發明的其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中: 圖1是一方塊圖,說明用來實施本發明遠端登入方法的一實施例的電腦裝置;及 圖2是一流程圖,說明本發明遠端登入方法的該實施例。 Other features and effects of the present invention will be clearly presented in the embodiments with reference to the drawings, in which: Figure 1 is a block diagram illustrating a computer device used to implement an embodiment of the remote login method of the present invention; and FIG. 2 is a flow chart illustrating the embodiment of the remote login method of the present invention.

201~211:步驟 201~211: Steps

Claims (10)

一種遠端登入方法,由一電腦裝置執行,該電腦裝置包括一通訊單元、一儲存單元及一電連接該通訊單元及該儲存單元的基板管理控制單元,該通訊單元經由一通訊網路連接一使用端,該儲存單元儲存有一帳號密碼資料、一登入失敗次數,及一登入失敗累計時間,該方法包含以下步驟: (A)該基板管理控制單元經由該通訊單元接收一來自該使用端且包括一帳號密碼資訊的登入請求; (B)該基板管理控制單元根據該登入請求的該帳號密碼資訊及該帳號密碼資料判定是否登入成功; (C)當判定出登入成功時,該基板管理控制單元重置該登入失敗次數及該登入失敗累計時間; (D)當判定出登入失敗時,該基板管理控制單元判定該登入失敗次數是否大於等於一預設值; (E)當判定出該登入失敗次數小於該預設值時,該基板管理控制單元更新該登入失敗次數及該登入失敗累計時間; (F)當判定出該登入失敗次數大於等於該預設值時,該基板管理控制單元判定該登入失敗累計時間是否小於等於一預設時間; (G)當判定出該登入失敗累計時間大於該預設時間時,該基板管理控制單元重置該登入失敗次數及該登入失敗累計時間;及 (H)當判定出該登入失敗累計時間小於等於該預設時間時,該基板管理控制單元將遠端登入上鎖。 A remote login method is executed by a computer device. The computer device includes a communication unit, a storage unit and a base management control unit electrically connected to the communication unit and the storage unit. The communication unit is connected to a user through a communication network. At the end, the storage unit stores an account password information, a number of failed logins, and a cumulative failed login time. The method includes the following steps: (A) The baseboard management control unit receives a login request from the client including an account and password information through the communication unit; (B) The baseboard management control unit determines whether the login is successful based on the account password information and the account password information of the login request; (C) When it is determined that the login is successful, the baseboard management control unit resets the number of login failures and the accumulated login failure time; (D) When a login failure is determined, the baseboard management control unit determines whether the number of login failures is greater than or equal to a preset value; (E) When it is determined that the number of login failures is less than the preset value, the baseboard management control unit updates the number of login failures and the accumulated login failure time; (F) When it is determined that the number of failed logins is greater than or equal to the preset value, the baseboard management control unit determines whether the accumulated time of failed logins is less than or equal to a preset time; (G) When it is determined that the accumulated login failure time is greater than the preset time, the baseboard management control unit resets the number of login failures and the accumulated login failure time; and (H) When it is determined that the accumulated login failure time is less than or equal to the preset time, the baseboard management control unit locks the remote login. 如請求項1所述的遠端登入方法,在步驟(A)及步驟(B)之間還包含以下步驟: (I)該基板管理控制單元判定遠端登入是否上鎖; 其中,當該基板管理控制單元判定出遠端登入未上鎖時,進行步驟(B)。 The remote login method described in request item 1 also includes the following steps between step (A) and step (B): (I) The baseboard management control unit determines whether remote login is locked; Wherein, when the baseboard management control unit determines that the remote login is not locked, step (B) is performed. 如請求項2所述的遠端登入方法,該儲存單元還儲存有一狀態旗標,該狀態旗標的一旗標值是一指示出遠端登入上鎖的第一預定值,及一異於該第一預定值並指示出遠端登入未上鎖的第二預定值的其中一者,其中,在步驟(I)中,該基板管理控制單元判定該狀態旗標的該旗標值是否為該第一預定值,以判定遠端登入是否上鎖。According to the remote login method of claim 2, the storage unit also stores a status flag, a flag value of the status flag is a first predetermined value indicating that the remote login is locked, and a flag value different from the The first predetermined value indicates one of the second predetermined values of remote login unlocking, wherein, in step (1), the baseboard management control unit determines whether the flag value of the status flag is the first predetermined value. A predetermined value to determine whether the remote login is locked. 如請求項3所述的遠端登入方法,其中,在步驟(H)中,該基板管理控制單元更新該狀態旗標的該旗標值為該第一預定值,以將遠端登入上鎖。The remote login method according to claim 3, wherein in step (H), the baseboard management control unit updates the flag value of the status flag to the first predetermined value to lock the remote login. 如請求項3所述的遠端登入方法,在步驟(I)之後還包含以下步驟: (J)當判定出該狀態旗標的該旗標值為該第一預定值時,該基板管理控制單元判定是否接收到一相關於本地登入產生的解鎖指令;及 (K)當判定出接收到該解鎖指令時,該基板管理控制單元將該狀態旗標的該旗標值更新為該第二預定值。 The remote login method as described in request item 3 also includes the following steps after step (I): (J) When it is determined that the flag value of the status flag is the first predetermined value, the baseboard management control unit determines whether an unlocking instruction related to local login is received; and (K) When it is determined that the unlocking instruction is received, the baseboard management control unit updates the flag value of the status flag to the second predetermined value. 如請求項5所述的遠端登入方法,在步驟(K)之後還包含以下步驟: (L)當判定出未接收到該解鎖指令時,該基板管理控制單元經由該通訊單元傳送一指示出需要本地登入以進行解鎖的警告訊息至該使用端。 The remote login method as described in request item 5 also includes the following steps after step (K): (L) When it is determined that the unlocking command has not been received, the baseboard management control unit sends a warning message indicating that local login is required for unlocking to the client via the communication unit. 如請求項1所述的遠端登入方法,在步驟(H)之後還包含以下步驟: (M)該基板管理控制單元重置該登入失敗次數及該登入失敗累計時間。 The remote login method as described in request item 1 also includes the following steps after step (H): (M) The baseboard management control unit resets the number of login failures and the accumulated login failure time. 如請求項1所述的遠端登入方法,其中,在步驟(E)中,該基板管理控制單元將該登入失敗累計時間加上一相關於進行單次登入的單次統計時間,以更新該登入失敗累計時間,並將該登入失敗次數加一,以更新該登入失敗次數。The remote login method as described in claim 1, wherein in step (E), the baseboard management control unit adds a single statistical time related to a single login to the accumulated login failure time to update the The accumulated time of failed logins, and the number of failed logins is added by one to update the number of failed logins. 如請求項8所述的遠端登入方法,其中,在步驟(E)中,該單次統計時間為一相關於在該登入失敗次數減一時執行步驟(D)的第一時間點到一相關於在該登入失敗次數時執行步驟(D)的第二時間點。The remote login method as described in request item 8, wherein in step (E), the single statistical time is a correlation between the first time point when step (D) is performed when the number of failed logins is reduced by one to a correlation Perform step (D) at the second time point when the number of failed logins is reached. 如請求項1所述的遠端登入方法,其中,在步驟(D)中,該預設值為120,在步驟(F)中,該預設時間為3600秒。The remote login method as described in claim 1, wherein in step (D), the preset value is 120, and in step (F), the preset time is 3600 seconds.
TW111124133A 2022-06-28 2022-06-28 Remote login method TWI815523B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111124133A TWI815523B (en) 2022-06-28 2022-06-28 Remote login method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111124133A TWI815523B (en) 2022-06-28 2022-06-28 Remote login method

Publications (2)

Publication Number Publication Date
TWI815523B true TWI815523B (en) 2023-09-11
TW202402018A TW202402018A (en) 2024-01-01

Family

ID=88966056

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111124133A TWI815523B (en) 2022-06-28 2022-06-28 Remote login method

Country Status (1)

Country Link
TW (1) TWI815523B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8843645B2 (en) * 2010-06-24 2014-09-23 Citrix Systems, Inc. Systems and methods for detecting incomplete requests, TCP timeouts and application timeouts

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8843645B2 (en) * 2010-06-24 2014-09-23 Citrix Systems, Inc. Systems and methods for detecting incomplete requests, TCP timeouts and application timeouts

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
網路文獻 老貓 iqmore 設定 Windows 10 密碼錯太多次就鎖住帳號,遠端桌面也適用 生活體驗 (Life Experience) 寵物體驗 (Pet Experience) WINDOWS 10 作業系統密技 (WINDOWS 10 TIPS AND TRICKS) 20200328 https://iqmore.tw/windows-10-password-account-lockout-policy *

Also Published As

Publication number Publication date
TW202402018A (en) 2024-01-01

Similar Documents

Publication Publication Date Title
US7024695B1 (en) Method and apparatus for secure remote system management
CN108370381B (en) System and method for detecting advanced attackers using client-side honey tokens
US7469337B2 (en) System and method for computer storage security
US8375425B2 (en) Password expiration based on vulnerability detection
EP2579502B1 (en) Authentication method, system, server, and client
JP7185077B2 (en) Methods and Measurable SLA Security and Compliance Platforms to Prevent Root Level Access Attacks
JP4911018B2 (en) Filtering apparatus, filtering method, and program causing computer to execute the method
EP2056546A1 (en) Proxy Authentication Server
US20140059664A1 (en) Hardware-Based Credential Distribution
CN101753374A (en) Server-to-server integrity checking
US20080130899A1 (en) Access authentication system, access authentication method, and program storing medium storing programs thereof
US10841088B2 (en) Secure credential generation and validation
US8892602B2 (en) Secure configuration of authentication servers
CN101675640A (en) Self-initiated end-to-end monitoring of authentication gateways
JP2002342279A (en) Filtering device, filtering method, and program for causing computer to execute this method
US8234694B2 (en) Method and apparatus for re-establishing communication between a client and a server
CN107317816A (en) A kind of method for network access control differentiated based on client application
US7549159B2 (en) System, apparatuses, methods and computer-readable media for determining the security status of a computer before establishing connection thereto
US20050262569A1 (en) System, apparatuses, methods and computer-readable media for determining security status of computer before establishing connection thereto first group of embodiments-claim set II
US7634655B2 (en) Efficient hash table protection for data transport protocols
TWI815523B (en) Remote login method
KR20200098181A (en) Network security system by integrated security network card
US11310265B2 (en) Detecting MAC/IP spoofing attacks on networks
JP2003258795A (en) Computer aggregate operation method, its execution system, and its processing program
JP2004005377A (en) Method for preventing recurrence of multiplex system outage