Analysis method based on OPC dynamic port allocation

The invention relates to an analysis method based on OPC dynamic port allocation. The analysis method comprises the following steps: S1, obtaining equipment information of an OPC client and an OPC server of a current industrial control system; determining IP addresses of the two devices, and obtaining data packets of the OPC client and the OPC server; s2, determining a specific session position from the network data packet obtained in the step S1 according to a dynamic port negotiation process of an RPC protocol; and S3, performing dynamic port analysis on an interface method in the DCOM according to the session information obtained in the step S2. According to the invention, the port opening is minimized, and the network firewall with better security performance is realized. 本申请涉及一种基于OPC动态端口分配的分析方法，包括如下步骤：步骤S1：获取当前工业控制系统的OPC客户端和OPC服务端的设备信息；确定两个设备的IP地址，获取OPC客户端和OPC服务端的数据包；步骤S2：从步骤S1获取的网络数据包，根据RPC协议的动态端口协商过程确定具体的会话位置；步骤S3：按步骤S2得到的会话信息，对于DCOM中的接口方法进行动态端口分析。本发明最小化端口开放，实现具有更优安全性能的网络防火墙。