Evaluation of the CSF Firewall / Utvärdering av CSF brandväggen

Mudhar, Ahmad

January 2013

The subject of web server security is vast, and it is becoming bigger as time passes by. Every year, researches, both private and public, are adding to the number of possible threats to the security of web servers, and coming up with possible solutions to them. A number of these solutions are considered to be expensive, complex, and incredibly time-consuming, while not able to create the perfect web to challenge any breach to the server security. In the study that follows, an attempt will be made to check whether a particular firewall can ensure a strong security measure and deal with some security breaches or severe threat to an existing web server. The research conducted has been done with the CSF Firewall, which provides a suit of scripts that ensure a portal’s security through a number of channels. The experiments conducted under the research provided extremely valuable insights about the application in hand, and the number of ways the CSF Firewall can help in safety of a portal against Secured Shell (SSH) attacks, dedicated to break the security of it, in its initial stages. It further goes to show how simple it is to actually detect the prospective attacks, and subsequently stop the Denial of Service (DoS) attacks, as well as the port scans made to the server, with the intent of breaching the security, by finding out an open port. By blocking the IP Addresses of the attackers dedicated to such an act, preventing them from creating nuisance, the CSF Firewall has been able to keep alien intrusions away from the server. It also aids in creating a secure zone for the server, to continue smoothly, while alerting the server administrators of the same, and gives them an opportunity to check those threatening IPs, and the time of attack, makes sure that the server administrators stay alert in the future, and is able to keep an eye on such attacks. In doing this, the experiment adds valuable data in the effective nature of the CSF Firewall.

CSF Firewall

Iptables

Firewall

Web server Security

SPI

Configserver Security & Firewall

SYN-flood

DoS attack

Port Scan

Exploit checks

Firewall notifications

SSH attacks

Computer Sciences

Datavetenskap (datalogi)

Potlačení DoS útoků s využitím strojového učení / Mitigation of DoS Attacks Using Machine Learning

Goldschmidt, Patrik

January 2021

Útoky typu odoprenia služby (DDoS) sú v dnešných počítačových sieťach stále frekventovanejším bezpečnostným incidentom. Táto práca sa zameriava na detekciu týchto útokov a poskytnutie relevantných informácii za účelom ich mitigácie v reálnom čase. Spomínaná funkcionalita je dosiahnutá s využitím techník prúdového dolovania z dát a strojového učenia. Výsledkom práce je sada nástrojov zastrešujúca celý proces strojového učenia - od vlastnej extrakcie príznakov cez predspracovanie dát až po export natrénovaného modelu pripraveného na nasadenie v produkcii. Experimentálne výsledky vyhodnotené na viacerých reálnych a syntetických dátových sadách poukazujú na presnosť systému väčšiu ako 99% s možnosťou spoľahlivej detekcie prebiehajúceho útoku do 4 sekúnd od jeho začiatku.

Penetration testing of Sesame Smart door lock / Penetrationstest av Sesame Smart dörrlås

Liu, Shuyuan

January 2023

The Internet of things (IoT) device has been widely used in various fields, and its market is expanding rapidly. However, the growing usage of IoT devices also brings more security concerns. The smart door lock is one of the smart home IoT devices that need to be designed securely. This thesis work aims to evaluate and investigate the security aspect of the newest smart door lock. This thesis first provides an introduction and background of penetration testing and creates the threat model. Based on the threat model, some testings are conducted, including state consistency, Man-In-The-Middle (MITM) attack, replay attack, reverse engineering, GPS spoofing, Denial of service (DoS) attack. The result indicates that penetration tests reveal some security problems on the tested device, especially in the access log, traffic between application and server, and the ability of resistance disruption on the WiFi access point. / IoT-enheten har använts i stor utsträckning inom olika områden och dess marknad expanderar snabbt. Den ökande användningen av IoT-enheter medför dock också fler säkerhetsproblem. Det smarta dörrlåset är en av de smarta hem IoT-enheterna som måste utformas säkert. Detta examensarbete syftar till att utvärdera och undersöka säkerhetsaspekten av det nyaste smarta dörrlåset. Denna avhandling ger först en introduktion och bakgrund av penetrationstestning och skapar hotmodellen. Baserat på hotmodellen genomförs vissa tester, inklusive tillståndskonsistens, MITM attack, replay attack, reverse engineering, GPS spoofing, DoS attack. Resultatet indikerar att penetrationstester avslöjar vissa sårbarheter på den testade enheten, särskilt i åtkomstloggen, trafik mellan applikation och server och förmågan till motståndsavbrott på WiFi-åtkomstpunkten.

IoT

Smart door lock

State consistency

MITM attack

Replay attack

Reverse engineering

GPS spoofing

DoS attack

IoT

smart dörrlås

tillståndskonsistens

MITM-attack

Replay-attack

Reverse engineering

GPS-spoofing

DoS attack

Computer Sciences

Datavetenskap (datalogi)

Computer Engineering

Datorteknik

Computer and Information Sciences

Data- och informationsvetenskap