Global ETD Search

51	Výkonnostní a bezpečnostní testy síťových aplikací / Performance and security testing of network applications Matej, Michal January 2013 (has links) The aim of this Master's thesis is to design and to implement the security test in considering a resistance of the device under test to the effects of the distributed denial of service attack DDoS SYN Flood. After processing the test results is developed a protocol about security test of the device under test. In this thesis are tested two devices, namely CISCO ASA5510 firewall and a server with the specified name Server. The theoretical part of the thesis discusses the primary types of network attacks such as reconnaissance, gain access and denial of service attacks. Explained the concept of DoS and its principle, further types of DoS attacks and distributed denial of service attacks DDoS.
52	Testování odolnosti sítí a ochrana před útoky odepření služeb / Network protection testing and DoS attacks protection Hanzal, Jan January 2014 (has links) The aim of this Master thesis is a testing of Cisco ASA\,5510 firewall with affect of Denial of Service attacks. Part of the thesis is a teoretical description some of the attacks and practical tests. Practical part covers basic testing of Cisco ASA with Spirent Avalanche 3100B. Number of TCP connections per second and firewalls throughput on 7th layer of ISO/OSI model were tested. Also the effect of Denial of Service attacks on the throughput. In a next part there is described one possible way how to generate Denial of Service attacks from a Linux server to the firewall. Python scripts were used for generation DoS packets. With those scripts it is possible to generate five types of attacks.
53	Návrh infrastruktury ICS pro průmyslový podnik / Design of ICS Infrastructure for Industrial Compan Sidor, Peter January 2017 (has links) This thesis deals with the issues of industrial communication, that is necessary to take account before making a final draft of industrial infrastructure and the overall design of a network infrastructure for a particular object. The first part of this thesis describes ICS system, parts of ICS and principle of operation. The thesis also focuses on the current trends in industrial networks, systems communication, security requirements of physical layer and the main differences from commercial infrastructures. The second part of the thesis describes the design of infrastructure for the foundry object. The final draft resolves the location of the switchboards, the specification of the used elements, the security, the cost of the solution and the final solution in practice.
54	Firewall mit nutzerindividuellen Regeln Jehmlich, Heiko 03 November 2003 (has links) Konzeption und Umsetzung einer Firewall mit nutzerindividuell einstellbaren Regeln mit IPTables unter Linux. Erfassung des Netztraffics aller Nutzer und Vorbereitung zur dynamischen Bandbreitenbeschränkung des Netztraffics der einzelnen Nutzer. info:eu-repo/classification/ddc/004 ddc:004 Firewall IPTables Traffic
55	Návrh univerzitního firewallu na platformě Cisco Burian, Jan January 2017 (has links) The diploma thesis focuses on design of university firewall on Cisco platform. The design deals with important functionalities, which are used in the current solution. These include routing, network address translation, access control lists, VPN. The thesis furher deals with dynamic insertion rules, which are generated based on traffic analysis by Flowmon probe and its ADS module. The new design is implemented in a testing environment and its funcionality is verified. The thesis will serve like feasibility study for final implementation in the production MENDELU network.
56	Virtual Firewalling For Migrating Virtual Machines In Cloud Computing Anwar, Mahwish January 2013 (has links) Context. Cloud Computing (CC) uses virtualization to provide computing resources on demand via Internet. Small and large organizations benefit from CC because of reduced operating costs and increase in business agility. The migrating Virtual Machine (VM) is vulnerable from attacks such as fake migration initiations, service interruptions, manipulation of data or other network attacks. During live migration any security lax in VM firewall policy can put the VM data, OS and the applications on it at risk. A malicious VM can pose threat to other VMs in its host and consequently for VMs in LAN. Hardware firewalls only protect VM before and after migration. Plus, they are blind to virtual traffic. Hence, virtual firewalls (VFs) are used to secure VMs. Mostly; they are deployed at Virtual Machine Monitor-level (VMM) under Cloud provider’s control. Source VMM-level VF provides security to VM before the migration incurs and the destination VMM-level VF starts securing VM after migration is completed. It thus, becomes possible for attacker to use the intermediate migrating window to launch attacks on VM. Considering the potential of VFs there should be a great value in using open source VFs at VM-level for protecting VMs during migration, thereby, reducing the attacker’s slot to gain access to VM. It would enable hardened security for overall VM migration. Objectives. The aim is to investigate VM-level firewalling using open source firewall as a complementary security layer to VMM-level firewalling, to secure migrating VM in the CC domain. The first objective is to identify how virtual firewalls secure migrating VM in CC and to propose VM-level open-source virtual firewalling for protecting VM during migration. Later the VF is implemented to validate and evaluate its intactness or activeness during migration in real Cloud data center. Methods. In the literary review 9 electronic libraries are used, which include IEEE Xplore, ACM Digital Library, SCOPUS, Engineering Village and Web of Knowledge. Studies are selected after querying libraries for 2 key terms ‘virtual machine’ and ‘migration’ (along with other variations/synonyms), in the abstract. Relevant papers on the subject are read and analyzed. Finally, the information gaps are identified. Using a lacuna the experimental solution is designed. To test the potential of VF at VM-level for migrating VM’s security the experimental validation is performed using stratification samples of firewall rules. The VF evaluation is done using continuous ICMP echo packet transmission. The packets are analyzed to determine firewall behavior during migration. To evaluate the validity, the VM migration is performed 8 times in City Network data center. Results. The literary review identified the widespread use of VMM-level firewalling for migrating VM’s security in CC. The VM-level VFs were not researched nor evaluated for intactness during migration. The experiment performed at City Network demonstrated that the VM-level VF secures VM during migration (on average) for 96% of migration time, thereby reducing attack window for attacker during VM mobility. According to the results the average total migration time (TMT) was 16.6 s and average downtime (DT) of firewall was as low as 0.47 s, which means that VF at VM-level protects VM during entire migration span except when VM’s down (4% of migration time). Conclusions. The research concludes that VM-level firewalling using open source VF as an additional security layer in CC for VM migrations is feasible to employ and will enhance the migrating machine’s security by providing hardened firewall service during migration process, thus, reducing the potential attack window. VMM-level VF provides security in post and pre migration phase. Using VM-level VF as a complementary measure to VMM-level VF enables additional protection for VM migration process, thereby reducing the chances for attacker to attack VM during transition. / <p>Email: mahwish.anwar@gmail.com Twitter: Mah__Wish</p><p>ORCID ID: 0000-0001-7486-5216</p> virtual machine migration firewall Computer Sciences Datavetenskap (datalogi)
57	Red Door: Firewall Based Access Control in ROS Shen, Ziyi 12 1900 (has links) ROS is a set of computer operating system framework designed for robot software development, and Red Door, a lightweight software firewall that serves the ROS, is intended to strengthen its security. ROS has many flaws in security, such as clear text transmission of data, no authentication mechanism, etc. Red Door can achieve identity verification and access control policy with a small performance loss, all without modifying the ROS source code, to ensure the availability and authentication of ROS applications to the greatest extent. Firewall Computer Science
58	Sistema de localização de serviços para domínios de segurança locais e remotos. / Service location system for local and remote security domains. Sakuragui, Rony Rogério Martins 29 September 2006 (has links) Um dos grandes avanços na área da computação nas últimas décadas refere-se aos sistemas distribuídos. O uso de tais sistemas tem crescido vertiginosamente nos últimos anos. Com o surgimento e uso de tecnologias de redes sem-fio, os sistemas ganharam mobilidade e dinamismo. Pessoas podem entrar ou sair de seus locais de trabalho, de entretenimento ou mesmo de suas casas com seus computadores móveis; redes podem ser formadas ou extintas conforme a dinâmica de um grupo de pessoas; e novos serviços podem ser disponibilizados ou interrompidos. Em sistemas como tais, um sistema de localização de serviços automático é fundamental para acompanhar as contínuas modificações na rede. A localização de serviços permite que, em uma rede de endereçamento estático ou dinâmico, dispositivos e serviços possam ser encontrados de modo completamente automático. A presente dissertação propõe um sistema de localização lógica (endereçamento) de serviços e dispositivos em uma rede local ou geograficamente distribuída, indo ao encontro às necessidades de controle de sistemas distribuídos dinâmicos, contribuindo ao mesmo tempo com questões de usabilidade e configuração automática de redes. O sistema, também, busca resolver questões relacionadas ao uso dos serviços entre redes protegidas por firewalls ou que utilizam configurações de NAT. / In the last decades, one of the most important progresses in computation is related to the distributed systems. The usage of these systems has increased a lot, in the last years. Due the emergence of wireless technologies, systems have acquired mobility and dynamism. People can enter or leave places, such as home, workplaces and entertainment spots, caring their mobile computers; networks can be formed or extinguished in accordance with the people dynamism; and new services can be available or interrupted. At these systems, a service location system is needed to keep track of the unceasing modifications in the network. The service location enables that services and devices can be found, at dynamic or static networks. This master thesis proposes a system for location of the logical addresses of services and devices at local or wide area networks. This work contributes to issues related to distributed systems control, usability and automatic network configuration. This system also solves questions related to service usage between networks using firewalls or NAT. Besides that, other points related to network interconnections in distributed systems, for example, using the Internet, are raised and solved. Ad-Hoc networks Automated configuration Configuração automática Firewall Firewall Localização de serviços NAT NAT traversal Redes Ad-Hoc Service discovery
59	Sistema de localização de serviços para domínios de segurança locais e remotos. / Service location system for local and remote security domains. Rony Rogério Martins Sakuragui 29 September 2006 (has links) Um dos grandes avanços na área da computação nas últimas décadas refere-se aos sistemas distribuídos. O uso de tais sistemas tem crescido vertiginosamente nos últimos anos. Com o surgimento e uso de tecnologias de redes sem-fio, os sistemas ganharam mobilidade e dinamismo. Pessoas podem entrar ou sair de seus locais de trabalho, de entretenimento ou mesmo de suas casas com seus computadores móveis; redes podem ser formadas ou extintas conforme a dinâmica de um grupo de pessoas; e novos serviços podem ser disponibilizados ou interrompidos. Em sistemas como tais, um sistema de localização de serviços automático é fundamental para acompanhar as contínuas modificações na rede. A localização de serviços permite que, em uma rede de endereçamento estático ou dinâmico, dispositivos e serviços possam ser encontrados de modo completamente automático. A presente dissertação propõe um sistema de localização lógica (endereçamento) de serviços e dispositivos em uma rede local ou geograficamente distribuída, indo ao encontro às necessidades de controle de sistemas distribuídos dinâmicos, contribuindo ao mesmo tempo com questões de usabilidade e configuração automática de redes. O sistema, também, busca resolver questões relacionadas ao uso dos serviços entre redes protegidas por firewalls ou que utilizam configurações de NAT. / In the last decades, one of the most important progresses in computation is related to the distributed systems. The usage of these systems has increased a lot, in the last years. Due the emergence of wireless technologies, systems have acquired mobility and dynamism. People can enter or leave places, such as home, workplaces and entertainment spots, caring their mobile computers; networks can be formed or extinguished in accordance with the people dynamism; and new services can be available or interrupted. At these systems, a service location system is needed to keep track of the unceasing modifications in the network. The service location enables that services and devices can be found, at dynamic or static networks. This master thesis proposes a system for location of the logical addresses of services and devices at local or wide area networks. This work contributes to issues related to distributed systems control, usability and automatic network configuration. This system also solves questions related to service usage between networks using firewalls or NAT. Besides that, other points related to network interconnections in distributed systems, for example, using the Internet, are raised and solved. Configuração automática Firewall Localização de serviços NAT Redes Ad-Hoc Ad-Hoc networks Automated configuration Firewall NAT traversal Service discovery
60	Diseño de arquitectura de seguridad perimetral para una empresa dedicada a la actividad inmobiliaria Montes Larios, Jose Manuel, Iturrizaga Hernández, Manuel Antonio January 2015 (has links) Debido a que el uso de Internet se encuentra en aumento, cada vez más compañías permiten a sus socios y proveedores acceder a sus sistemas de información. Por lo tanto, es fundamental saber qué recursos de la compañía necesitan protección para así controlar el acceso al sistema y los derechos de los usuarios del sistema de información. A su vez día a día se descubren nuevas vulnerabilidades, nuevos tipos de ataques y nuevos parches que aplicar los sistemas institucionales, convirtiendo la operación de la seguridad en una tarea sumamente compleja y demandante. El presente documento es sobre el desarrollo de la seguridad perimetral en la empresa Los Portales, vale indicar que dicha empresa es una de las más renombradas a nivel de la actividad inmobiliaria en el Perú, por ende se está considerando las amenazas de seguridad desde perspectivas diferentes para permitir de esta forma conocer algunos riesgos que puedan afectar a la institución, así como determinar el nivel de madurez de la seguridad informática, a su vez se demostrara a detalle el diseño e implementación de la solución así como el alcance económico. Because Internet use is increasing, more and more companies allow their partners and suppliers access to their information systems. Therefore, it is essential to know what company resources need protection so as to control system access and the rights of users of the information system. In turn every day new vulnerabilities, new types of attacks and new patches to apply institutional systems, making the security operation in an extremely complex and demanding task are discovered. This thesis is on the development of perimeter security at Los Portales, it indicate that the company is one of the most renowned level of real estate activity in Peru, thus being considered security threats from different perspectives to meet thus enable some risks that may affect the institution, and to determine the maturity level of computer security, in turn demonstrate in detail the design and implementation of the solution as well as the economic scope. Seguridad Perimetral Amenazas de seguridad Seguridad informática Firewall Ataques Vulnerabilidades Perimeter security Security threats Security Firewall Attacks Vulnerability

Search results