Network device detection and failure discover technology, which is a technology capable of effectively discovering a latent defect and a hidden backdoor of a network device running currently, has become one of the hotspots of researches on network security, and it is of important practical significance to analyze and reach a safety technology for network device detection that detects a defect and a backdoor.
Network device detection is a technology for testing system performance remotely or locally, and fundamentals of network device detection include that possible defects of a target network device are detected one by one by sending, to a target router, a switch or a firewall, various packets constructed in a simulated manner, so as to evaluate the system reliability of objects including the router, the switch and the firewall and so on. People are able to discover an open port in a network and a host, a provided server, some system information, incorrect configuration, a known loophole, an unknown loophole, a back door and so on by means of a detection technology based on a packet. Therefore, the network device detection technology is an extremely effective automatic test technology that can discover a hidden trouble of a apparatus during a purchase of a user, a test, and operation of a current network, thereby providing powerful technical support for user procurement and evaluation of the reliability of a network device.
At present, only one kind of detection software or several kinds of fixed detection software are installed in most scanning clients of a majority of network devices or clients for network device detection, thus no detection software is able to scan and test defects of all network devices. In the meanwhile, most test cases, especially test cases of new technical standards, need to be added by a user manually, which increases the difficulty and cost of maintenance and development while cases and packet libraries can be hardly supplement completely.
Besides, an existing network scanning technology without a single and clear objective fails to discover a loophole of a router, a switch or a firewall effectively and is not associated with such a service as a routing protocol, Multi-Protocol Label Switching (MPLS), Internet Protocol Security (IPsec) not provided by the existing network scanning technology but existing in a network, thus a loophole and a defect of the service cannot be discovered in a purposeful way.