Enterprise intranet attack defense system

The invention provides an enterprise intranet attack defense system. The enterprise intranet attack defense system comprises a software login module, a virtual node scanning module, a honeypot control module, a defense starting module, a honey bait management module, a honeypot scanning module, a scanning sensing module, an attack mode report generation module and a display terminal. According to the method, the defense mode is started when the honeypot is attacked, a real server is simulated, the vigilance of an attacker is reduced, the IP address of the next honeypot is provided through data transmission, the attacker is attracted to enter the next honeypot, the attack behavior of the attacker is fully analyzed, and a good reference is provided for defense adjustment of an enterprise intranet. 本发明提供一种企业内网攻击防御系统。一种企业内网攻击防御系统，包括：软件登陆模块、虚拟节点扫描模块、蜜罐控制模块、防御启动模块、蜜饵管理模块、蜜罐扫描模块、扫描感知模块、攻击方式报告生成模块和显示终端。本发明通过在蜜罐被攻击时启动防御模式，模拟真实服务器，降低攻击者的警惕性，并且通过数据传输提供下一个蜜罐的IP地址，引诱攻击者进入下一个蜜罐，对攻击者的攻击行为进行充分分析，为企业内网的防御调整提供良好的参考。