My master thesis estimates physical location of potential operating system attacker. It deals with basic methods of attack against operating system: spam and viruses, searching the Internet, port scanning and operating system detection. The thesis disserts about a port scanner Nmap, a port scanning detector Scanlogd and about a system log watch Swatch. The thesis deals with geolocation methods of potential operating system attacker. These geolocation methods are divided into an active and a passive types. The active methods measure delay in the Internet. The passive methods query the database. I mentioned a freely accessible Whois database and MaxMind databases. There is a program developed and practically tested. The program simulates an attacker beginning an attack by scanning ports of target machine. The program works with dataset of real IP addresses. The program also detects the attack against operating system. The real and evaluated location of an attacker is got and then shown in a map. At the end there is a review of results and data comparison with colleagues.
| Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:220320 |
| Date | January 2013 |
| Creators | Pokorný, Josef |
| Contributors | Burda, Karel, Komosný, Dan |
| Publisher | Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií |
| Source Sets | Czech ETDs |
| Language | Czech |
| Detected Language | English |
| Type | info:eu-repo/semantics/masterThesis |
| Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0021 seconds