Felsökning av nätverksenheter : En metod för effektivare felsökning av Cisco Nexus 3000 switch / Network device troubleshooting : A method for more efficient troubleshooting of Cisco Nexus 3000 switch

Khajo, Aboud, Razai, Mattias

January 2024

Denna rapport syftar till att hitta en metod för effektivare felsökning av Cisco Nexus 3000 switchar. Företag utvecklas ständigt och behovet av flera nätverksenheter ökar, dock har metoder för felsökningen av nätverksenheter inte standardiserats. Den gamla metoden genom kommandorad där enskilda nätverksenheter granskas en i taget är inte längre lämplig i dagens IT-företag när antalet nätverksenheter uppgår till flera tiotusen. Rapporten görs i samarbete med IT-företaget Conscia.  Metoden baseras på en simulering och en testuppkoppling med hjälp av nätverkshanteringsprotokollet NETCONF genom Python-biblioteket Ncclient. Resultatet bestod av flera parametrar och faktorer som kan indikera en förändring i nätverksenheten. Detta har resulterat i en metod som ger information om olika parametervärden och faktorer, vilket ger nätverksadministratören en klarare bild kring switchens tillstånd. Metoden har lett till effektivare felsökning av Cisco Nexus 3000 vid inträffandet av nätverksincidenter. / This report aims to find a method for more efficient troubleshooting of Cisco Nexus 3000 switches. Companies are constantly developing and the need for multiple network devices is increasing, however, methods for troubleshooting network devices have not been standardized. The old method through the command line interface where individual network devices are reviewed one at a time is no longer suitable in today's IT companies when the number of network devices amounts to several tens of thousands. The report is made in collaboration with the IT company Conscia. The method is based on a simulation and a test connection using the network management protocol NETCONF through the Python library Ncclient. The result consisted of several parameters and factors that may indicate a change in the network device. This has resulted in a method that provides information on various parameter values and factors, which gives the network administrator a clearer picture of the state of the switch. The method has led to more efficient troubleshooting of the Cisco Nexus 3000 when network incidents occur.

Cisco Nexus 3000

Ncclient

NETCONF

Secure Shell

XML and YANG.

Cisco Nexus 3000

Ncclient

NETCONF

Secure Shell

XML och YANG.

Communication Systems

Kommunikationssystem

Identification of Users via SSH Timing Attack

Flucke, Thomas J

01 July 2020

Secure Shell, a tool to securely access and run programs on a remote machine, is an important tool for both system administrators and developers alike. The technology landscape is becoming increasingly distributed and reliant on tools such as Secure Shell to protect information as a user works on a system remotely. While Secure Shell accounts for the abuses the security of older tools such as telnet overlook, it still has fundamental vulnerabilities which leak information about both the user and their activities through timing attacks. The OpenSSH client, the implementation included in all Linux, Mac, and Windows computers, sends each keystroke entered to the server as soon as it becomes available. As a result, an attacker can observe the network patterns to know when a user presses a key and draw conclusions based on that information such as what a user is typing or who they are. In this thesis, we demonstrate that such an attack allows a malicious observer to identify a user with a concerning level of accuracy without having direct access to either the client or server systems. Using machine learning classifiers, we identify individual users in a crowd based solely on the size and timing of packets traveling across the network. We find that our classifiers were able to identify users with 20\% accuracy using as little as one hour of network traffic. Two of them promise to scale well to the number of users.

Secure Shell

Timing Attack

Machine Learning

Networks

Security

Digital Communications and Networking

Mitteilungen des URZ 2/1998

Huebner, U., Grunewald,, Heide,, Huettmann,, Trapp,

05 August 1998

Perspektiven im Netzbereich C.A.N. - Chemnitzer AbsolventenNetz Grafische Benutzeroberfl¨achen im Netz (VNC) PGP 5.x und GNUPG Neuigkeiten bei der Secure Shell (SSH) Vim 5.x Richtlinien zur Sicherheit im Campusnetz Ein Jahr Einsatz von Windows NT im URZ

Netztechnologien

Chemnitzer Absolventennetz

Grafische Benutzeroberflaechen

computergestuetzte Lehre

kryptografische Werkzeuge

Sicherheit im Campusnetz

Einsatz Windows NT

VNC (Virtual Network Computing)

Secure Shell (SSH)

PGP 5.x / GNUPG

Editor vim 5.x

ddc:050

ddc:004

Netze

Mitteilungen des URZ 1/2/1996

Riedel, Ursula, Richter, Frank, Huebner, Uwe, Wunderlich, Jan, Trapp, Holger, Clauss, Matthias, Baensch, Karsten, Plichta, Christa, Riedel, Wolfgang, Dippmann, D., Winkler, Jürgen

20 August 1996

Neuer WWW-Server Metacomputing - neue Aufgabenverteilung im Netz Harvest Secure Shell Nutzung der WS-Pools SW-Umgebung Parsytec URZ auf der CeBit Software-News Dienste des URZ - Ueberblick

WWW-Server, Parallelrechner

ddc:Workstation-Pool

ddc:Metacomputing

info:eu-repo/classification/ddc/Harvest

ddc:Harvest

ddc:Secure Shell

ddc:Software-News

info:eu-repo/classification/ddc/004

ddc:004

info:eu-repo/classification/ddc/050

ddc:050

Metacomputing; Parallelrechner; Server

Mitteilungen des URZ 2/1998

Huebner, U., Grunewald, Heide, Huettmann, Trapp

05 August 1998

Perspektiven im Netzbereich C.A.N. - Chemnitzer AbsolventenNetz Grafische Benutzeroberfl¨achen im Netz (VNC) PGP 5.x und GNUPG Neuigkeiten bei der Secure Shell (SSH) Vim 5.x Richtlinien zur Sicherheit im Campusnetz Ein Jahr Einsatz von Windows NT im URZ

info:eu-repo/classification/ddc/050

ddc:050

info:eu-repo/classification/ddc/004

ddc:004

Netze