Global ETD Search

141	Malicious trafic observation using a framework to parallelize and compose midpoint inspection devices / Observation du trafic malveillant en utilisant un cadriciel permettant la composition d'inspecteurs de point d'interconnexion Alberdi, Ion 09 April 2010 (has links) Notre thèse stipule qu'au vu de l'ampleur des agissements malveillants dans l'Internet, les logiciels d'extrémité doivent être surveillés. Pour limiter le nombre de points de surveillance, nous proposons de surveiller les logiciels depuis un point d'interconnexion. Nous avons dans ce but conçu Luth, un outil permettant de composer et de paralléliser un ensemble d'inspecteurs de points d'interconnexion (appelés MI) qui implémentent des mini IDS, IPS ou pare-feux, tout en vérifiant la correction et l'optimalité de ces derniers, à l'aide d'un langage de configuration et des algorithmes associés. Nous utilisons ensuite cet outil pour surveiller des logiciels d'extrémité permettant l'observation de trafic malveillant. Premièrement, après avoir démontré la nécessité de surveiller des pots de miels collecteurs de logiciels malveillants en concevant une attaque originale, nous montrons comment nous configurons Luth pour bloquer les attaques précédemment créées tout en laissant passer les attaques émulées par le pot de miel. Dans un second temps, nous utilisons Luth pour implémenter un bac-à-sable permettant d'analyser dynamiquement et aussi sûrement que voulu, les communications réseaux des logiciels malveillants. Nous montrons comment les informations obtenues par cette analyse permettent de regrouper ces logiciels et ainsi de limiter le nombre de binaires à analyser manuellement. Ensuite nous montrons comment nous générons automatiquement des signatures permettant la détection de ces virus depuis un point d'interconnexion / Our Ph.D states that given the magnitude of malicious behavior in the Internet, end-host software must be monitored. To limit the number of monitoring points, we propose to monitor the software from an interconnection point, i.e. a midpoint. We have designed for this purpose Luth, a tool to compose and parallelize a set of midpoint inspectors (MI) that implement mini IDS, IPS or firewall-s, while checking the correction and optimality of the resulting inspection tree, using a configuration language, its interpreter and associated algorithms. We then configure this tool to monitor some end-host software used to observe malicious traffic. First, we demonstrate why malware downloading honeypots must be monitored by designing an original attack. Then, we show how we configure Luth to block these attacks while accepting the intrusions emulated by the honeypot. In a second step, we use Luth to implement a sandbox that analyzes dynamically and as safely as wanted malware's network communications. We show how the information obtained by this analysis enables us to cluster the analyzed malware and therefore limit the number of malware to analyze manually. Finally, we show how we automatically generate signatures from this analysis to detect those malware from a midpoint device Virus informatiques Reseaux d'ordinateurs-mesures de surete Coupe-feu (securite informatique) Vulnérabilité Botnet Pare-feu Attaques Malware Botnet Vulnerabilities Attacks Internet Firewall
142	Project X : All-in-one WAF testing tool Anantaprayoon, Amata January 2020 (has links) Web Application Firewall (WAF) is used to protect the Web application (web app). One of the advantages of having WAF is, it can detect possible attacks even if there is no validation implemented on the web app. But how can WAF protect the web app if WAF itself is vulnerable? In general, four testing methods are used to test WAF such as fuzzing, payload execution, bypassing, and footprinting. There are several open-source WAF testing tools but it appears that it only offers one or two testing methods. That means a tester is required to have multiple tools and learn how each tool works to be able to test WAF using all testing methods. This project aims to solve this difficulty by developing a WAF testing tool called ProjectX that offers all testing methods. ProjectX has been tested on a testing environment and the results show that it fulfilled its requirements. Moreover, ProjectX is available on Github for any developer who want to improve or add more functionality to it. Web application vulnerability OWASP top ten Web Application Firewall WAF WAF testing WAF testing tool Modsecurity AWS WAF XSS SQLI Computer Sciences Datavetenskap (datalogi)
143	Improving the Cyber defence of an organisation based on IP Geolocation and security appliances / Förbättra en organisations cyberförsvar baserad på IP Geolocation och säkerhetssystem Opasinov, Aleksandar, Eftekhari, Sina January 2020 (has links) As advancement and usage of data communication has increased exponentially on a global scale, with a devastating exposure to attacks and varying security threats to home offices as well as to large enterprises, there is always a need for enhanced network protection. The IT department of the company OneDefence, located in western Sweden, was chosen for the thesis and based on the stated information from the organisation, aims were set on how to improve their network defence capabilities. The aim of this thesis is to list ten countries posing the most serious IT threats, and to limit the attack surface of OneDefence’s IT network as much as possible while still providing the necessary services to users abroad. After researching the countries, a prototype was set up to mimic OneDefence’s topology of interest and test attacks were conducted as detailed in the Methodology chapter. The results of the investigations showed the countries posing most serious cyber threats included China, Russia and North Korea among others which were statistically calculated based on the total number of recognised cyberwarfare attacks. The results obtained from the different DoS attacks in the prototype showed that an IPS should be at the heart of an organisation's network defence for combating these intrusions, as well as potentially other types. With the help of a prototype built based on the organisation's topology, several attacks were somewhat successfully mitigated with the equipment used on hand, with only a low percentage of packets allowed to pass through the security unit. Lastly, to explore further enhancements of defence capabilities of OneDefence, a comparison between different products and devices were performed. This resulted in products from the Fortinet brand such as FortiGate NGFW and UTM capabilities as they are offering several advantages compared to competitors. / Då stora framsteg och användning av datakommunikation har ökat exponentiellt på en global skala, med en förödande exponering av attacker och säkerhetshot mot hemanvändare såväl som stora företag, finns detalltid ett behov av förbättrad nätverksskydd. IT-avdelningen hos företaget OneDefence, valdes för att utföra examensprojektet och baserade sig på organisationens angivna information för att förbättra deras nätverksförsvar. Syftet med denna rapport är att sammanställa en lista på tio länder som utgör de allvarligaste IT-hoten i världen, samt begränsa attackytan för organisationens nätverk så mycket som möjligt medan man behåller alla nödvändiga tjänster till användare utomlands. Efter att ha undersökt länderna, anordnades en prototyp för att efterlikna delar av OneDefences topologi av intresse och testattacker utfördes enligt metodologikapitlet. Resultaten av utredningarna visade att från de länder som utfört de allra allvarliga cyberhoten inkluderade bland annat Kina, Ryssland och Nordkorea, som har beräknats statistiskt baserat på antalet igenkända cyberwarfare attacker. Resultaten från de olika DoS-attackerna visade att en IPS bör vara kärnan i en organisations nätverksförsvar för att kunna bekämpa dessa intrång, samt potentiellt andra typer. Med hjälp av den prototyp som byggdes baserad på organisationens topologi, blockerades flera attacker rätt framgångsrikt, med en låg procentandel av paketen som gick genom säkerhetsenheten. Slutligen utforskades ytterligare förbättringar av försvarsförmågan hos organisationen genom att jämföra olika produkter och enheter. Detta resulterade i produkter från Fortinet-varumärket såsom FortiGate NGFW med UTM förmåga, då de erbjuder flera fördelar jämfört med konkurrenter. Cybersecurity Cisco ASA Firewall IP Geolocation Malware Cyber Attacks IPS IT-säkerhet Cisco ASA Brandvägg IP Geolocation Malware Cyberattacker IPS Information Systems
144	Realizace internetové brány na Linuxu s pokročilým filtrováním / Establishment of the Linux internet gateway using advanced filtering Matocha, Tomáš January 2009 (has links) The thesis Establishment of the Linux internet gateway using advanced filtering focuses on~the installation of~the Linux operating system on~the older computers, that functions as a gateway to connect clients in the internal network to the Internet. The thesis describes creation an advanced filter with using iptables. Shows some types of security against attacks from the Internet. The other chapters are discussed, advanced traffic control mechanism (such as a TC and a qdisc). The system queue, it is highly beneficial where it is necessary to hierarchically divide traffic between users. It describes types of queue and assembled configurations for clients in the internal network. Next chapter describes the DNS server caching-only type and application denyhosts, which increases the overall security system. Have your own DNS server is certified, especially if we want to reduce the data traffic. Last chapter describes the RADIUS server and its implementation using Apache and MySQL database. Furthermore, the configuration options are described and the examples of the particular configurations are provided. Finally, it presented a system for authentication through the RADIUS server. The thesis seeks to provide a~complex view of security and filtering.
145	Metody zajištění IP PBX proti útokům / Securing IP PBX against attacks Hynek, Luboš January 2013 (has links) This master project focuses on the possibilities of protecting the most common free software PBX Asterisk, FreeSWITCH and YATE. In practice, it was verified the behavior of PBX in the attacks and suggested protection against them on one of the most popular distributions of Linux server on CentOS. Tool was created to simulate several types of attacks targeting denial of service. Both protective options PBX themselves and operating system capabilities are used in this work. Comparison was also the possibility of protection of individual PBX with each other. It also includes a brief description of the protocol, topology attacks and recommendation for the operation of softswitches.
146	Ochrana proti distribuovaným útokům hrubou silou / Distributed Brute Force Attacks Protection Richter, Jan January 2010 (has links) This project deals with analysis of brute force attacks focused on breaking authentication of common services (especially ssh) of Linux and xBSD operating systems. It also examines real attacks, actual tools and ways of detection of theese attacks. Finaly there are designed new mechanisms of coordination and evaluation of distributed brute force attacks in distributed environment. These mechanisms are then implemented in distributed system called DBFAP.
147	Differenzierte Bereitstellung von Internetdiensten in öffentlichen Bereichen der Universität Breiler, Andre 26 January 2001 (has links) Die vorliegende Arbeit entwickelt und implementiert ein System für die Bereitstellung von Internet-Diensten an öffentlichen Orten. Besonderer Wert wurde auf eine einfache Handhabung für den Nutzer, eine breite Unterstützung von Klienten und ein breites Spektrum möglicher Privilegien (von der vollen Internetkonnektivität bis zu einer Art Infoterminalstatus) gelegt. info:eu-repo/classification/ddc/004 ddc:004 ARP Firewall HTTP SNMP Anmelde-Server DHCP Internetkonnektivität NAT öffentliche Orte Portmanager-System VLAN
148	Dokumentation Netzwerk Chemnitzer Linux-Tag 2004 Kratzert, Sebastian, Möller, Manuel 26 May 2004 (has links) Während sich der Chemnitzer Linux-Tag über die vergangenen fünf Jahre mit jedem Mal in der Zahl der Aussteller, Helfer und Gäste steigerte, wuchs auch in jedem Jahr das Tagungsnetzwerk. Den Informatikern wird häufig nachgesagt, daß sie wenig dokumentieren würden. Dieses Vorurteil traf auch für das Netzwerk der vergangenen Chemnitzer Linux-Tage zu. Unter anderem, um diesem Mißstand abzuhelfen, haben wir uns bemüht, möglichst detailliert Informationen über Konzept, eingesetzte Technologieen und konkrete Konfiguration des Tagungsnetzwerks des Chemnitzer Linux-Tags 2004 zusammenzutragen. info:eu-repo/classification/ddc/004 ddc:004 Cisco IOS Cisco Systems Inc. Debian GNU/LINUX Firewall Netzwerk Netzwerktopologie Routing VLAN WLAN
149	Mitteilungen des URZ 2/2007 Clauß, Matthias, Müller, Thomas, Richter, Frank, Riedel, Wolfgang 10 May 2007 (has links) Informationen des Universitätsrechenzentrums:TUCSAN Globale Zertifikate für komfortable Sicherheit Neue Infrastruktur für Ihre E-Mails Entgelte für Softwarelizenzen Software-Bedarf in den Pools, Wintersemester 2007/08 Kurzinformationen: Google Mini sucht und findet für uns; Firewallschutz am XWiN-Anschluss; Modifizierte Finanzierungsbeteiligungen beim Campusnetzausbau; Scientific Linux 5 vor dem Einsatz in der Uni; Support von Scientific Linux 3 endet am 31.10.200; Pilotnutzung Windows Vista Software-News: Neue Software-Handbücher; jBEAM; SPSS/Amos; Rahmenvertrag Adept Scientific E-Mail TUC, Entgelte, Sicherheit TUCSAN Windows Vista info:eu-repo/classification/ddc/004 ddc:004 Computer; Zertifikat
150	Enterprise transition to Software-defined networking in a Wide Area Network : Best practices for a smooth transition to SD-WAN / Företagsövergång till mjukvarudefinierat nätverk i ett Wide Area Network : Bästa praxis för en smidig övergång till SD-WAN Yassin, Ahmed, Yalcin, Fatih January 2019 (has links) Software defined wide area networks (SD-WAN) is a relatively new concept for enterprises to structure their networks throughout sites. This thesis was to find best practices for enterprises wanting to transition their current infrastructure to SD-WAN with multiple factors considered. To accomplish this, results gathered from literature reviews, lab testing and interviews with employees from two different enterprises was made. What was accomplished from the literature review was an overview from Equity Office’s transition to SD-WAN which gave a positive result, as well as a cost of ownership tests with Talari SD-WAN units by NSS Labs. Lab testing with Talari SD-WAN units and a cloud site from Amazon Web Services resulted in improvements in performance and stability compared to a local traditional setup to the cloud site, especially on multiple simultaneous connections. Lastly, results from interviews provided deep insight on how the enterprises planned the transition, what results were expected as well as gained profits in forms of cost and effectivity. A definitive best practice which every enterprise should follow could not be made. Instead, best practices were found by factoring in different criteria that are unique for different enterprises. For future work, narrowing down to one methodology with more resources, could help in obtaining more realistic and accurate results. / Mjukvarudefinierade wide area networks (SD-WAN) är ett relativt nytt koncept för företag att strukturera sina nätverk genom sina kontor. Projektets mål var att hitta bästa praxis för företag som vill övergå från sin nuvarande infrastruktur till SD-WAN med hänsyn till flera faktorer. För att uppnå detta samlades resultat in från litteraturstudier, tester med laboration och intervjuer med anställda från två olika företag. Det som uppnåddes från litteraturstudien var en översikt över Equity Offices övergång till SD-WAN vilket gav ett positivt resultat, samt en överblick av tester på ägandekostnader med Talari SD-WAN enheter som utfördes av NSS Labs. Tester med Talari SD-WAN enheter och en molnuppsättning på Amazon Web Services resulterade i förbättringar i prestanda och stabilitet jämfört med en lokal traditionell uppsättning till molnet, särskilt vid parallella anslutningar. Slutligen gav resultaten från intervjuer en djup inblick i hur företagen planerade övergången, vilka resultat som förväntades samt vinster i form av kostnad och effektivitet. En slutgiltig bästa praxis som varje företag bör följa kunde inte bestämmas. Istället hittades bästa praxis genom att ta hänsyn till olika kriterier som är unika för olika företag. För framtida arbeten kan man smala ner arbetet till en typ av metodik med mer resurser, för att hjälpa till med att få mer realistiska och korrekta resultat. SD-WAN Amazon Web Services MPLS Firewall best practices SD-WAN Amazon Web Services MPLS brandvägg bästa praxis Computer Engineering Datorteknik

Search results