Global ETD Search

11	DNS prestanda / DNS performance Bentahar, Younes January 2013 (has links) Use of computers and computer networks is nowadays a part of everyday life. You do not use them only at home when you sit at you computer, but you can use them all the time everywhere. This can involve everything from surf to any website when you are at home, to checking your email on your mobile when you are on your way to work. Most people do not think about how it really works when they try to access a web page by typing the address into their browser, but something that most people probably notice is how long it can sometimes take to access a web page. All items which are directly connected to the IP network have a unique IP address that is used to make it possible to communicate. The IP address is either a period separated sequence of digits representing 32 bits or a colon separated sequence of digits representing 128 bits, depending on whether the address is an IPv4 or IPv6 address. Such numeric sequences are often difficult for us humans to remember therefore, the domain name system (DNS) was constructed. DNS makes it possible for us to write addresses in a textual format to access an item stored in a device connected to the network. DNS can be seen as a directory for the network and can be compared to a telephone directory, where if you know the name of a person can find his or her phone number. This thesis will describe how the various address translations are done by using DNS. It will also examine how much impact DNS has on the experienced delay from the time you type a web page address in the address bar of your browser to the actual time you reach the website. A survey of DNS performance will be presented to investigate how much delay can be reduced by using one of Sweden's two most well-known public DNS servers (Google Public DNS and OpenDNS) instead of the normal default DNS server provided by one's Internet service provider (ISP). The survey will also show how the DNS lookup waiting time changes at different times of day and different days of the week. The purpose of this work is to provide a basic explanation of what DNS is and increase the understanding of how an everyday user in a simple way can make their network usage more effective by getting their DNS lookups to occur faster. The conclusion from this thesis is that the alternative DNS server, Google Public DNS has the fastest DNS lookup time for this particular computer which the measurement was carried on. But this tells us nothing about whether the case for any other network users because the observed DNS performance has a large extent dependent on the ISP you are connected to, and what place you are at. / Dator- och nätverksanvändandet är idag en del av vardagen. Användandet sker inte enbart när man sitter hemma, utan det kan ske hela tiden och överallt. Det kan handla om allt från att surfa in på någon webbsida när man är hemma, till att kolla sin e-post i mobilen när man är på väg till jobbet. De flesta funderar inte på hur det egentligen går till när man försöker ansluta till en webbsida genom att skriva in adressen i webbläsaren. Däremot något som de flesta nog lagt märke till är hur lång tid det ibland kan ta att komma åt någon webbsida. Alla objekt som är direkt uppkopplade till IP-nätverket, har en unik IP-adress som används för att kunna kommunicera med varandra. IP-adressen är antingen en punktskild sifferföljd som består av 32 bitar eller en semikolonskild sifferföljd som består av 128 bitar, beroende på om det är IPv4 eller IPv6. Denna sifferföljd är ofta svår för oss människor att komma ihåg och av den orsaken konstruerades domännamnsystemet (DNS) som tillåter oss att genom adresser i textformat komma åt det sökta objektet på nätverket. DNS kan ses som ett uppslagsverk för nätverket och kan liknas vid en telefonkatalog, där om man vet namnet på en person kan hitta dennes telefonnummer. I detta examensarbete kommer det att beskrivas hur olika adressöversättningar sker med hjälp av DNS. Det kommer även utredas hur stor påverkan DNS har på den upplevda fördröjningen från det att man skrivit in webbsidans adress i adressfältet i webbläsaren tills det att man faktiskt kommer fram till webbsidan. En undersökning av DNS prestandan kommer att presenteras som utreder hur mycket tid man kan tjäna på att använda någon av Sveriges två mest kända alternativa DNS-servrar (Google Public DNS och OpenDNS) istället för den normalt förinställda DNS-servern som fås av ens internetleverantör (ISP). Undersökningen kommer även visa hur DNS uppslagningarnas väntetid förändras vid olika tidpunkter på dygnet samt vid olika veckodagar. Syftet med detta arbete är att ge en grundläggande förklaring av vad DNS är för något samt att öka förståelsen för hur en vardaglig nätverksanvändare på ett enkelt sätt kan effektivisera sitt nätverksanvändande genom att få sina DNS uppslagningar att gå fortare. Slutsatsen från denna avhandling är att den alternativa DNS-servern Google Public DNS har snabbast DNS uppslagningstid för just denna dator som mätningarna genomförts på. Men detta säger oss ingenting om huruvida fallet är för andra nätverksanvändare eftersom den observerade DNS prestandan är till stor grad beroende av den ISP man är ansluten till samt vilken plats man befinner sig på. DNS DNSSEC performance measurements Google Public DNS OpenDNS DNS DNSSEC prestanda mätningar Google Public DNS OpenDNS Communication Systems Kommunikationssystem
12	DNSSEC en säkerhetsförbättring av DNS : en studie om Svenska kommuners syn på DNSSEC Telling, Henric, Gunnarsson, Anders January 2010 (has links) Syftet med uppsatsen är att undersöka varför få svenska kommunerna valt att installera DNSSEC på sina domäner. DNS är en av de viktigaste protokollen på Internet och behövs för att sammanlänka IP-adresser med mer lättförståeliga adresser för oss människor. DNS skapades utan att tänka på säkerheten, för att kunna göra DNS säkrare utvecklades ett säkerhetstillägg till DNS detta fick namnet DNSSEC.Vi har använt oss av litteraturstudie, experiment och intervjuer för att skapa en djupare kunskap och förståelse om hur DNS och DNSSEC fungerar samt besvara varför få kommuner har valt att installera DNSSEC.Under vår litteraturstudie läste vi om flera sårbarheter i DNS och hur dessa kan utnyttjas för att utsätta en organisation för attacker såsom cacheförgiftning och MITM. Vi testade dessa sårbarheter och bekräftade det. Efter installationen av DNSSEC kunde inte angreppen längre genomföras i vår testmiljö.Under intervjuerna kom vi fram till att den vanligaste orsaken att kommuner inte väljer att installera DNSSEC är okunskap om tillvägagångsättet för en installation och att de tycker deras nuvarande DNS fungerar bra, det blir då ingen prioriterad fråga. Kommunerna som installerat DNSSEC är nöjda med sin installation och bara en kommun har upplevt problem vid införandet.För att vi ska kunna fortsätta utveckla Internet är en kontroll av säkerheten en nödvändighet och då är DNSSEC en vägvisare. Kommunerna borde föregå med gott exempel och vara bland de första som inför DNSSEC så besökarna till deras hemsidor kan känna sig säkra att informationen på deras sidor är korrekt. / The purpose of this paper is to investigate why few Swedish municipalities have chosen to install DNSSEC on their domains. DNS is one of the most important protocols on the Internet and used to link IP-addresses to understandable addresses for users. DNS was created without thinking about security, to make DNS more secure a security extension was developed to DNS, named DNSSEC.We have used literature review, experiments and interviews to create a deeper knowledge and understanding about DNS and DNSSEC, how it works and why few municipalities have chosen to install DNSSEC.In the literature we read about several vulnerabilities in DNS and it can easily be exposed to attacks such as cache poisoning and MITM. We tested these vulnerabilities and confirmed them. After installation of DNSSEC we could not expose our implemented DNS anymore in our test environment.During the interviews, we concluded that the most common reason why municipalities do not choose to install DNSSEC is ignorance of an installation and they think that their current DNS works well and it does not become a priority. The municipalities that have installed DNSSEC are satisfied with its installation and only one municipality has experienced difficulties during the implementation.In order for us to continue developing the Internet a control of security is a necessity and DNSSEC is a good example. Local authorities should lead by good example and be among the first to implement DNSSEC, so users of their websites can be assured that the information on their pages is accurate. DNS DNSSEC IP Security Cache MITM Internet .SE ARP Intrusion Windows Server DoS. DNS DNSSEC IP Säkerhet Cache MITM Internet .SE ARP Intrång Windows Server DoS.
13	Proposition de nouveaux mécanismes de protection contre l'usurpation d'identité pour les fournisseurs de services Internet / Proposal for new protections against identity theft for ISPs Biri, Aroua 25 February 2011 (has links) De plus en plus d’organisations sont informatisées et plus une organisation est grande, plus elle peut être la cible d’attaques via Internet. On note également que les internautes utilisent de plus en plus Internet pour faire des achats sur des sites de commerce électronique, pour se connecter à l’administration en ligne, pour voter de manière électronique, etc. Par ailleurs, certains d’entre eux ont de plus en plus d'équipements électroniques qui peuvent être raccordés à Internet et ce dans divers sites (domicile, voiture, lieu de travail, etc.). Ces équipements forment ce qu’on appelle un réseau personnel qui permet la mise en place de nouvelles applications centrées sur l’internaute. Les fournisseurs de services Internet peuvent ainsi étoffer leurs offres de services en présentant une offre de sécurisation de ce genre de réseau. Selon le rapport du cabinet « Arbor Networks » intitulé « Worldwide Infrastructure Security Report », les menaces identifiées comme les plus sévères sont relatives aux attaques de déni de service distribué. Ce type d’attaque a pour but de rendre indisponible un service en empêchant les utilisateurs légitimes de l'utiliser. Il utilise la technique de l’usurpation d’identité qui consiste en la création de paquets (de type IP, ARP, etc.) avec une adresse source forgée et ce dans le but d’usurper un système informatique ou d’usurper l’identité de l’émetteur. La technique de l’usurpation d’identité permet ainsi de rendre un service indisponible, d’écouter, de corrompre, de bloquer le trafic des internautes ou de nuire au bon fonctionnement des protocoles de routage et des réseaux personnels des clients. De plus, la technique de l’usurpation d’identité est également utilisée pour des activités interdites par la loi « Hadopi » en rigueur en France comme le téléchargement illégal. De ce fait, les fournisseurs de services Internet se doivent de prémunir leurs clients des attaques basées sur la technique de l’usurpation d’identité. Ces dits fournisseurs comptent sur les protocoles de routage qu’ils déroulent pour participer au bon acheminement des données de leurs clients. Cependant, le protocole intra-domaine OSPF et le protocole inter-domaine BGP sont vulnérables aux attaques utilisant la technique de l’usurpation d’identité qui peuvent conduire à l’acheminement des paquets vers des destinataires non légitimes ou au déni de service. Nous proposons donc deux mécanismes dédiés respectivement au protocole intra-domaine OSPF et au protocole inter-domaine BGP. D’une part, afin de protéger les routeurs OSPF contre les attaques utilisant la technique d’usurpation d’identité, nous avons préconisé le stockage de l’identité et du matériel cryptographique dans un coffre-fort électronique que sont les cartes à puce. Les cartes déroulent ensuite un algorithme de dérivation de clés avec les cartes des routeurs voisins ainsi qu’avec celle du routeur désigné. Les clés dérivées entre les cartes à puce servent à signer les messages OSPF et à authentifier le niveau MAC. Nous avons décrit par la suite la plateforme du démonstrateur et les scénarios de tests adoptés pour évaluer les performances de notre prototype et les comparer avec ceux du logiciel Quagga sur la base de trois critères : le temps requis pour traiter une annonce d'état de liens, le temps de convergence ainsi que le temps de re-calcul d’une table de routage après un changement. Ces temps augmentent peu avec l’introduction de la carte à puce implémentant les fonctions de sécurité proposées. Ainsi, cette solution permet de renforcer la sécurité du protocole OSPF avec un impact raisonnable sur les performances. D’autre part, afin de protéger les routeurs BGP contre les attaques utilisant la technique d’usurpation d’identité, nous avons préconisé la « clustérisation » des domaines Internet et la sécurisation des liens entre les clusters ainsi qu’au sein de chacun d’eux grâce aux paradigmes de « web of trust » et de la cryptographie sans certificats […] / More and more organizations are computerized and more an organization is great, plus it can be the target of Internet attacks. Moreover, some of them have a growing number of electronic equipments that can be connected to the Internet from various locations (home, car, workplace, etc.). These devices form a so-called personal area network that allows the development of new applications centered on users. The ISPs can then expand their service offerings by providing a secure supply of such networks. According to the report of the firm “Arbor Networks”, entitled "Worldwide Infrastructure Security Report ", the most severe threats are related to distributed denial of service. This type of attack aims to make available a service by preventing legitimate users from using it. It uses the technique of identity theft that involves the creation of packages (like IP, ARP, etc.) with a forged source address and that in order to usurp the Identity of the issuer or of the computer system. Thus, the technique of identity theft allows to render a service unavailable, to listen, to corrupt, to block traffic from Internet users or to undermine the legitimate operation of routing protocols and personal networks. Moreover, the technique of identity theft is also used for prohibited activities by "HADOPI" law in France and related to illegal downloading issues. Thus, the ISPs have a duty to protect their customers from attacks based on the technique of identity theft. The mechanisms of protection against spoofing attacks for access networks are crucial for customer adoption of new applications offered by Internet service providers. This part of the doctoral thesis is part of the European project “MAGNET Beyond" whose vision is to put into practice the concept of personal networks, with the ultimate objective to design, develop, prototype and validate the concept. In the context of user equipment’s access to the network of an Internet services provider from a public place, we proposed a cross-layer protocol based on the principles of information theory. This protocol fixes the security hole not addressed by other proposals that is the attack of identity theft that occurs at the beginning of communication and thus protects users against the middle man attacks. We proposed that the person who wants to have secure access to the Internet must be on a specific circle has been called "RED POINT" so that the attacker is not able to be on the same circle at the same time. The proposed cross-layer protocol can be divided into three phases: the phase of checking the position of the user, the extraction phase of the shared secret of the physical layer and the phase of the derivation of the shared key at the MAC layer. We subsequently validated our solution through a formal tool AVISPA and presented the results of its implementation. In a private context, communication between devices convey users' personal data which may be confidential, so we must prevent equipment not belonging to the legitimate user to access its network. Thus, we proposed two mechanisms of protection against attacks based on spoofing so that illegitimate equipment is unable to impersonate legitimate equipment. The first phase will be dedicated to personal networks and the second will be dedicated to the particular case of medical networks. Regarding the mechanism dedicated to personal networks, we have proposed the use of a protocol based on out-of-band channel in order to provide certificates to user equipments. We derive bilateral key for personal network’s equipments of the same site and between equipments at remote sites. Concerning the particular case of medical networks, we proposed to cover their deployment phases and their operational phases. This proposal was submitted to the IEEE 802.15.6 working group that conducts research for the standardization of medical networks […] Usurpation d'identité Fournisseurs de services Internet Protocoles de routage DNSSEC Mécanismes d'appairage Cryptographie Hotspots Canaux hors bande Identity theft ISP Routing protocols DNSSEC Peering mechanisms Cryptography Hotspots Out-of-band channels
14	Nasazení DNSSEC na klientské straně / Client side DNSSEC deployment Nekuža, Karel January 2018 (has links) Diplomová práce se zabývá problémem přístupu koncového uživatele k odpovědím ověřeným pomocí protokolu DNSSEC. Práce posuzuje možnosti nasazení a nastavování resolveru za účelem zlepšení bezpečnosti pro koncové uživatele. V práci je navrhnuto řešení problému pro operační systém Fedora Workstation. Navrhnuté řešení je realizováno a porovnáno s již existujícím řesením.
15	Automatické ověřování softwarových balíků za pomocí DNS / Automatic verification of software packages with help of DNS Sehnoutka, Martin January 2018 (has links) Tato diplomová práce se zabývá problémem bezpečné distribuce software. Je navrženo zlepšení s pomocí doménového systému, který je použit pro uložení verifikačních klíčů, potřebných pro ověření integrity balíků stáhnutých pomocí správce balíků. Navíc je navržena rozšířená verze, které se zabývá zabezpečením metadat repositářů. Obě verze jsou implementovány v jazyce Python a integrovány do správce balíků dnf. Tato implementace je otestována ve virtuálním prostředí, diskutována a zhodnocena z hlediska způsobené zátěže.
16	Library and Tools for Server-Side DNSSEC Implementation / Library and Tools for Server-Side DNSSEC Implementation Včelák, Jan January 2014 (has links) Tato práce se zabývá analýzou současných open source řešení pro zabezpečení DNS zón pomocí technologie DNSSEC. Na základě provedené rešerše je navržena a implementována nová knihovna pro použití na autoritativních DNS serverech. Cílem knihovny je zachovat výhody stávajících řešení a vyřešit jejich nedostatky. Součástí návrhu je i sada nástrojů pro správu politiky a klíčů. Funkčnost vytvořené knihovny je ukázána na jejím použití v serveru Knot DNS.
17	Email attacks : Investigation about the vulnerability of the Swedish organizations against email threats. Kour, Jawdat, Ahmed, Hasan January 2020 (has links) Email is an essential form of communication for organizations. Nevertheless, with so much popularity came many challenges. These emails usually carry sensitive data that might cause significant harm if they get compromised. Besides, spam and phishing emails that continually reach the employees’ inbox masquerading as a trusted entity due to the lack of authentication mechanisms are also considered a significant threat for organizations today. Such threats are phishing using email domain forgery attack, redirecting emails to a mail server that is under the attacker’s control, and connection eavesdropping. The research aimed to investigate the vulnerability of approximately 2000 organizations within Sweden against those attacks. Toward that end, the quantity and quality of the following email security mechanisms SPF, DKIM, DMARC, STARTTLS, DNSSEC, and DANE were examined through a case study. Also, the adoption of these mechanisms was investigated, whether it varies based on different factors such as organization size, sector, and location. The research findings indicated that the average adoption rate by the tested organizations was approximately 50%. Furthermore, the result demonstrated that there were no differences in the adopted mechanisms based on the studied factors that the results were quite similar among the tested groups. It concluded that there is a lack of protection mechanisms, which made the majority of the tested organizations vulnerable to different types of email attacks. Email security SPF DKIM DMARC DNSSEC STARTTLS DANE Computer Sciences Datavetenskap (datalogi)
18	Minimal Trusted Computing Base for Critical Infrastructure Protection Velagapalli, Arun 17 August 2013 (has links) Critical infrastructures like oil & gas, power grids, water treatment facilities, domain name system (DNS) etc., are attractive targets for attackers — both due to the potential impact of attacks on such systems, and due to the enormous attack surface exposed by such systems. Unwarranted functionality in the form of accidental bugs or maliciously inserted hidden functionality in any component of a system could potentially be exploited by attackers to launch attacks on the system. As it is far from practical to root out undesired functionality in every component of a complex system, it is essential to develop security measures for protecting CI systems that rely only on the integrity of a small number of carefully constructed components, identified as the trusted computing base (TCB) for the system. The broad aim of this dissertation is to characterize elements of the TCB for critical infrastructure systems, and outline strategies to leverage the TCB to secure CI systems. A unified provider-middleman-consumer (PMC) view of systems was adopted to characterize systems as being constituted by providers of data, untrusted middlemen, and consumers of data. As the goal of proposed approach is to eliminate the need to trust most components of a system to be secured, most components of the system are considered to fall under the category of “untrusted middlemen.” From this perspective, the TCB for the system is a minimal set of trusted functionality required to verify that the tasks performed by the middle-men will not result in violation of the desired assurances. Specific systems that were investigated in this dissertation work to characterize the minimal TCB included the domain name system (DNS), dynamic DNS, and Supervisory Control and Data Acquisition (SCADA) systems that monitor/control various CI systems. For such systems, this dissertation provides a comprehensive functional specification of the TCB, and outlines security protocols that leverage the trust in TCB functionality to realize the desired assurances regarding the system. Critical Infrastructure Security DNS DNSSEC SCADA security Data Dissemination Systems Trusted Computing base TCG Trusted Module
19	A new Internet Naming System Pfeifer, Gert 02 October 2009 (has links) (PDF) In this thesis I describe my research activities and results of the last 4 years. I also provide an outlook and guidelines on how to proceed with our project, that we named SEDNS - Security-Enhanced Domain Name System. This project’s ambitions are to complement DNS, the Domain Name System, in a way that allows us to keep using it in the future. The main reason for this strategy is, that it has proven to be difficult to change any part of the Internet infrastructure, such as parts of the protocols stack or well established Internet authorities, like ICANN or IANA. The main problems of DNS are twofold. (1) The DNS protocol does not contain any measures to prevent data from being tampered with. (2) Furthermore, it is difficult to configure DNS correctly since most of the configuration is done within the DNS data itself, e.g., delegating authority. It is well known that DNS problems lead to reduced availability of Internet-based services in many different ways. In this thesis, I present four main results. All of them contribute to improvements and deeper understanding of DNS’ dependability issues. First, I discuss, how well established cryptographic tools can be used to enhance DNS’ security without getting into the same problems that prevent DNSSEC from being globally deployed. These problems are explained as well. This is an important topic for the Internet and DNS community, since at the moment most of the protocol improvements are connected to DNSSEC. Second, I thoroughly discuss the technique that was used in the recent years to overcome any problems related to client-server architectures, i.e., peer-to-peer systems. Such solutions have been proposed to improve DNS’ availability and reduce configuration effort. I show, that those systems do not keep up with the expectations, neither as client side tools nor as server infrastructure replacement. To reach this conclusion, a novel DHT scheme has been developed. The evaluation of it is shown as well. Third, results of our DNS data mining show that it is useful to improve the quality of DNS data and therefore, to protect clients from malicious or erroneous information. And fourth, an outlook is presented, which combines all the results of the first three points to suggest an architecture that indeed can improve our supply with DNS data, omitting the shortcomings of the classical client-server-architecture and its peer-to-peer replacements. Note, that although the development of future DNS standards and protocols is subject to political struggle, e.g., on whether or not an international organization should maintain the root zone instead of the USA, this thesis focuses only on technical aspects. / In dieser Dissertation beschreibe ich meine Forschungsaktivitäten und Ergebnisse der letzten 4 Jahre. Ich gebe auch einen Ausblick und Hinweise, wie unser Project, das wir SEDNS - Security-Enhanced Domain Name System genannt haben, fortgesetzt werden sollte. Die Ambitionen dieses Projektes sind, DNS, das Domain Name System, zu in einer Art und Weise zu erweitern, die es uns erlauben soll, dieses System auch in der Zukunft weiter zu benutzen. Der Hauptgrund für diese Strategie ist, dass es sich in der Vergangenheit als schwierig erwiesen hat, Teile der Internet-Infrastruktur, wie zum Beispiel Teile des Protokollstapels oder gut etablierte Internet-Behörden wie ICANN oder IANA, zu ändern bzw. auszutauschen. Daher wollen wir nicht versuchen, DNS komplett zu ersetzen. DNS hat zwei Hauptprobleme: (1) Das DNS Protokoll bietet keinerlei Möglichkeiten, Daten vor Verfälschung zu schützen, und (2) es ist schwierig, DNS korrekt zu konfigurieren, weil ein Großteil der Konfiguration direkt innerhalb der DNS Daten selbst stattfindet, wie zum Beispiel die Delegation von Verantwortungsbereichen, und diese oft nicht global konsistent und korrekt sind. Diese Probleme sind umso bedeutender, weil es allgemein bekannt ist, dass DNS Probleme auf verschiedene Art und Weisen zu reduzierter Verfügbarkeit von wichtigen Internet-basierten Diensten führen. In dieser Arbeit präsentiere ich vier Hauptergebnisse. Zuerst diskutiere ich, wie gut etablierte kryptographische Werkzeuge benutzt werden können um die Sicherheit von DNS zu verbessern, ohne dabei auf dieselben Probleme zu stoßen, die DNSSEC davon abhalten, weltweit benutzt zu werden. Diese Probleme werden dabei erläutert. Es handelt sich dabei um ein wichtiges Thema für die Internet- und DNS-Community, weil im Moment die meisten Weiterentwicklungen des DNS Protokolls mit DNSSEC zusammenhängen. Als zweites diskutiere ich im Detail die Technik, die in den vergangenen Jahren benutzt wurde um Probleme beliebiger Client-Server Anwendungen zu überwinden: Peer-to-Peer Systeme. Derartige Lösungen wurden vorgeschlagen, um DNS' Verfügbarkeit zu verbessern und Konfigurationsaufwand zu reduzieren. Ich zeige allerdings, dass solche Lösungen nicht die in sie gesetzten Erwartungen erfüllen, weder als Client-seitige Tools noch als Ersatz für die Server-Infrastruktur. Um diesen Schluss zu ziehen, wurde ein neues, auf die Bedürfnisse von DNS zugeschnittenes DHT Schema entwickelt und evaluiert im Vergleich zu DNS und existierenden Systemen. Als drittes werden DNS Data Mining Ergebnisse präsentiert, die zeigen, wie sinnvoll es ist, die Qualität der DNS Daten zu verbessern, und somit Clients vor bösartigen oder fehlerhaften Informationen zu schützen. Als viertes wird ein Ausblick präsentiert, der die Ergebnisse der vorherigen drei Punkte kombiniert und eine Architektur vorschlägt, die unsere Versorgung mit DNS Daten tatsächlich verbessern kann und die Nachteile der klassischen Client-Server-Architektur und ihrer Peer-to-Peer Nachfolger vermeidet. Zu beachten ist, dass obwohl die Entwicklung zukünftiger DNS Standards und Protokolle Gegenstand politischer Konflikte ist, z.B. darüber ob anstelle der USA eine internationale Organisation die Root-Zone verwalten sollte, diese Arbeit nur auf die technischen Aspekte ausgerichtet ist. DNS Peer-to-Peer Internet Map-Reduce Peer-to-Peer DNS DNSSEC Namensdienst Domain ddc:004 rvk:ST 200
20	Klient protokolu DNS s grafickým rozhraním vhodný pro demonstrativní účely / DNS protocol client with a graphical interface suitable for lecturing Sousedík, Tomáš January 2014 (has links) This thesis describes DNS protocol and messages it uses to obtain desired information. The protocol is described from its creation and occasions that caused the creation of the protocol. Later on are discussed multicast capabilities of name resolution this section is focused on mDNS and LLMNR. In the second part is detailed description of the structure of the messages and their useage. In the last part is described the design of the application, which was based on the specifications listed in RFCs. One chapter is devoted to a detailed description of the application and its individual parts. A large part is devoted to the testing. There are also described problems that occurred during application development and their solutions.

Search results