Proxy firewall / Proxy firewall

Kugler, Zdeněk

January 2009

This diploma thesis deals with the topic of proxy servers and firewalls and considers other associated technologies and network techniques. It systematically describes the general issues of firewalls, with a special focus on proxy firewalls and their safety. Additional systems mentioned in this document are intrusion detection systems (IDS), antivirus systems and content control filters – as these are also connected with safety of networks, servers and workstations or with limiting various Internet sources. IDS systems can be typically supplemented with various additional applications or tools that enrich them and increase their potential – including graphic additions. This part is remembered too. Some systems can communicate with each other, which is successfully utilised (FW & IDS co-operation, for example). The purpose of the first large chapter is to present firewall technologies, to list firewall types, their basic functionality and to present the final comparison. It marginally mentions firewall applications in practice. Chapter two explains the theory of network address translation (NAT), deals with its functionality, safety and with limiting the NAT mechanism. Chapter three brings a comprehensive presentation of proxy servers. It explains their principle from the point of view of functionality and the specification of application areas. The chapter is complete with a clear list of proxy server types and their descriptions. The last chapter named Linux Proxy Firewall is the key part of the work. It deals generally with the Linux platform, the Debian GNU/Linux distribution, principles of safety policy, network configuration, network server safety, Linux firewalls (Netfilter framework, Iptables tool) and with the Squid proxy server. The following subchapters respect the previous structure: they describe the theories of intrusion detection systems, antivirus checks and content filtering based on different methods. All this is presented similarly to the previous chapters. A proxy firewall solution built on the Linux operating system has been proposed in the practical part. The Debian GNU/Linux distribution has been chosen, being very suitable for server use due to its features. This environment is also used for additional safety software contained in the proxy firewall: antivirus protection, content filtering and an intrusion detection system. The priority is the most comprehensive computer network security, which requires detection abilities with the broadest possible coverage in the area of network safety. The purpose of this diploma thesis is not only to describe the principle of operation of proxy servers and to compare them with other types and other systems, but it also brings my own proposed free solution, which increases network safety and has the ambition of comparing it with clearly commercial products available on the market.

Ovládání elektronických systémů přes webové rozhraní / Control of electronic systems via web interface

Dufek, Ladislav

January 2011

This master thesis goes into problematics of design of an electronic device control system and its realization. First of all its overall conception is specified and potential hardware platforms are analyzed afterwards. Based on this analysis the system’s final conception is drawn up, the device’s circuit layout is created and finally a functional prototype is manufactured. The later part of this thesis describes the software accessories and tools. The principles of a chosen operating system, management application and webbased interface are described along with the problems of authentization to solve. The proposed solutions for the authentization-specific tasks gave rise to the final implementation of the authentization methods and techniques.

Sběr dat o síťové komunikaci ze zařízení síťové infrastruktury / Acquisition of communication statistical data from network infrastructure devices

Gargulák, Lukáš

January 2012

The diploma thesis describes theory that is needed for application development for acquisition of communication statistical data from network infrastructure devices. Aplication is called SDSKSI. The project compares protocols suitable for this purpose. Finally SNMP protocol was chosen because it is the most common in network devices. SNMP is described in detail. Each SNMP operation has its own practical demonstration. In the project there is also described MIB database and data types of MIB objects. Application is able to create network topology. Then administrator of network can imagine how the network looks like. For each device that support SNMP protocol are periodically collected and stored statistical data which can be exported to the file. For application development were chosen programming languages according to several criteria. Content of the laboratory exercise is presented. At the end of the project there are some system solutions for collecting statistical data. Diploma thesis contents two attachments. The first is containing the full text of laboratory task. The second is DVD disc. Disc is containing ready to boot aplication SDSKSI.

Doc-Overdue – An Automated Configuration File State Finder for Debian Systems / Doc-Overdue – En Automatiserad Upphittare av Konfigurationsfiltillstånd på Debian-system

Björkdahl, Tobias

January 2022

Configuration files are a vital part of any server setup. Knowing what configuration files have been manipulated is vital in knowing what services are running and how they are configured on a system. Changes made to these configuration files must be manually documented or collected using some automated documentation tool. Both these methods rely on being implemented early for the changes to be sufficiently documented. If a system didn’t implement these methods of documentation then there is no absolute way of knowing what changes have been made to that system without doing a manual search through potentially hundreds of files to find changes. Finding all changes made to a system lacking documentation is a time-consuming and arduous task. What if the search for changes could be automated once the documentation is long overdue? This thesis aims to create an implementation that finds changes made to configuration files on a Debian system as well as Linux distributions based on Debian such as Ubuntu. The resulting implementation created is called Doc-Overdue. Doc-Overdue consists of a script written in Python and utilizes the Debian Package Management System to find reference files to compare to the configuration files on the system. The script also runs tests to aid in finding new and/or modified configuration files without a reference file available. The results are presented in a formatted comprehensive report automatically created by Doc-Overdue. The report will include change reports created by the Diff-utility that makes it easy to find exactly what changes have been made to each changed configuration file. This approach finds changes made to systems without the need for any prior documentation of the system. The implementation was tested with a custom-made script that made modifications to configuration files for Doc-Overdue to find. The test showed Doc-Overdue to have an accuracy of 87.5% in finding changed configuration files on the system. This result shows that this approach for finding configuration file changes has a lot of promise. The thesis ends with a discussion and a list of potential future work that could hopefully lead to further improvements in the field of configuration detection.

Configuration files

config

Debian

Ubuntu

detection

Linux

python

configuration file detection

Information Systems

Univerzální linuxový server pro malé a střední firmy umožňující jednoduchý dohled nad sítí / Universal linux server for small and medium companies enabling simple network control

Juřena, Stanislav

January 2008

The main object of this thesis was to design a computer network for small and medium companies which will be made among others from network server providing simple network control. The next task was to provide internet connection to subscribers of local area network, their security and access to common services. There had been discussed the choice of distribution of Linux operation system with regarding to demanded services, stability and long lasting operation in theoretical part. One part of the work is a theoretic preliminary to separate services, to the purpose of their using and to their weaknesses. The practical part deals with an installation and configuration of Debian operating system, launching the base services and the setting of selected monitoring programs.

Automatické testování detektoru úniku plynu / Automatic testing of gas leak detector

Skryja, Petr

January 2018

This work deals with the automatic testing of an ultrasonic gas leak detector, which has to be tested during normal changes in the development phase. The reader will be acquainted with the basic principles of gas detection, design of the test product, software architecture its implementation. The following is a presentation of the application and instructions for writing tests. In this work, the Beaglebone Black development board with the Debian operating system is used as the core of the entire test product.

Technologie jednotné podpory multimediálních služeb v heterogenních sítích / Technology for comprehensive support of multimedia services in heterogeneous networks

Dosoudil, Petr

January 2014

The theses explains the Evolution Packet System (EPS) and subsystem IP Multimedia Subsystem (IMS). It also informs how these systems cooperate and through which interfaces the main data and signals between these two technologies are transfered. The thesis includes practical section, in which installation and configuration of sections of the IMS system including its "core", and application and medial server. For verification of the functionality of the system, two dissimilar clients are installed, and emulator WAN is applied for simulation of Internet. The product of the theses is the design of the laboratory exercise drafted in such a way that it can be solved by students less knowledgeable of the issues.

Dokumentation Netzwerk Chemnitzer Linux-Tag 2004

Kratzert, Sebastian, Möller, Manuel

26 May 2004

Während sich der Chemnitzer Linux-Tag über die vergangenen fünf Jahre mit jedem Mal in der Zahl der Aussteller, Helfer und Gäste steigerte, wuchs auch in jedem Jahr das Tagungsnetzwerk. Den Informatikern wird häufig nachgesagt, daß sie wenig dokumentieren würden. Dieses Vorurteil traf auch für das Netzwerk der vergangenen Chemnitzer Linux-Tage zu. Unter anderem, um diesem Mißstand abzuhelfen, haben wir uns bemüht, möglichst detailliert Informationen über Konzept, eingesetzte Technologieen und konkrete Konfiguration des Tagungsnetzwerks des Chemnitzer Linux-Tags 2004 zusammenzutragen.

info:eu-repo/classification/ddc/004

ddc:004

Cisco IOS

Cisco Systems Inc.

Debian GNU/LINUX

Firewall

Netzwerk

Netzwerktopologie

Routing

VLAN

WLAN

Japanese Translation of Technical Terms in Debian

Gustafsson, Andreas

January 2022

The notion that consistency is important when translating technical terms is nothing new in itself. Despite this, it is not uncommon to see the very same technical terms being translated into a multitude of words, even when various efforts to unify the process have been proposed. This diversity in the translation of technical terms has previously been shown to occur in the medical field by analyzing equipment manuals. However, there is a lack of research on how technical term translation fares in other fields. To narrow this identified gap, quantitative overviews of the translations from the widely respected operating system Debian are presented. The first overview is a list of the 354 most frequently appearing English technical terms. This was created by looking at the existing textual data of the system quantitatively, together with a judgment-based term selection process with the help of domain experts. The second overview is an analysis of how the 10 most frequently used identified technical terms are translated into Japanese. This is done by Catford’s probabilistic notion of textual equivalence, which shows the different translation alternatives found in the data and the probability of their appearance. The results of this study indicate that there is a varying degree of unification within the translation of technical terms. The synthesized data of the study can be used by the translation community to deepen educated decisions on the translation of technical terms within the field of information technology.

technical term translation

Debian

quantitative translation

Japanese translation

information technology translation

Specific Languages

Studier av enskilda språk