Výkonnostní a bezpečnostní testy síťových aplikací / Performance and security testing of network applications

Matej, Michal

January 2013

The aim of this Master's thesis is to design and to implement the security test in considering a resistance of the device under test to the effects of the distributed denial of service attack DDoS SYN Flood. After processing the test results is developed a protocol about security test of the device under test. In this thesis are tested two devices, namely CISCO ASA5510 firewall and a server with the specified name Server. The theoretical part of the thesis discusses the primary types of network attacks such as reconnaissance, gain access and denial of service attacks. Explained the concept of DoS and its principle, further types of DoS attacks and distributed denial of service attacks DDoS.

Testování odolnosti sítí a ochrana před útoky odepření služeb / Network protection testing and DoS attacks protection

Hanzal, Jan

January 2014

The aim of this Master thesis is a testing of Cisco ASA\,5510 firewall with affect of Denial of Service attacks. Part of the thesis is a teoretical description some of the attacks and practical tests. Practical part covers basic testing of Cisco ASA with Spirent Avalanche 3100B. Number of TCP connections per second and firewalls throughput on 7th layer of ISO/OSI model were tested. Also the effect of Denial of Service attacks on the throughput. In a next part there is described one possible way how to generate Denial of Service attacks from a Linux server to the firewall. Python scripts were used for generation DoS packets. With those scripts it is possible to generate five types of attacks.