|
|
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
|
|
|
Cybersecurity game in OpenStack platform
Huška, Luděk ; Lieskovan, Tomáš (referee) ; Stodůlka, Tomáš (advisor)
The bachelor thesis is about creation of the cybernetic game on the OpenStack platform. The work starts with an explanation of necessary knowledge like: Informational cybernetic and computer security, security threats, and testing of the overall security. In the practical part, there is created a cyber game that focus on exploitation and basic security vulnerabilities. The next part involves analysis ongoing complexity of hardware resources like RAM, CPU, disc, etc. In the end, there is a guideline for a lab exercise, which is made for students and professors or teachers both separated.
|
|
|
Cybersecurity game in OpenStack platform
Huška, Luděk ; Lieskovan, Tomáš (referee) ; Stodůlka, Tomáš (advisor)
The bachelor thesis is about creation of the cybernetic game on the OpenStack platform. The work starts with an explanation of necessary knowledge like: Informational cybernetic and computer security, security threats, and testing of the overall security. In the practical part, there is created a cyber game that focus on exploitation and basic security vulnerabilities. The next part involves analysis ongoing complexity of hardware resources like RAM, CPU, disc, etc. In the end, there is a guideline for a lab exercise, which is made for students and professors or teachers both separated.
|
|
|
Penetration tests and network device vulnerability scanning
Gregr, Filip ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
This thesis is dealing with penetration tests and network device vulnerability assessment. Theoretical part includes analysis of this issue and description of general methodology of performing penetration tests. Thesis provides basic overview of requirements of international norms ISO 27000 and PCI DSS. In another part the software for Nessus vulnerability scanning and Linux Kali distrubution is introduced. Practical part of thesis includes several aims. The first is a comparsion of five vulnerability scanners in a created test network. Chosen tools for this purpose are Nessus, OpenVAS, Retina Community, Nexpose Community and GFI LanGuard. Network scan is performed with each of~these tools. Penetration test using the tools available in Kali Linux is then executed in this network. Procedure of exploiting two selected vulnerabilities is created as a laboratory exercise. The last aim of thesis is testing the web server protection against flood attacks SYN flood, UDP flood and slow attack Slowloris. Scripts for flooding were written in Python language.
|
|
|
Návrh na zvýšení infromační bezpečnosti v IS menší organizace na základě výsledků penetračních testů
Mazal, Jakub
Mazal, J. Proposal to increase information security IS in small organization based on the results of penetration tests. Brno: Mendel University, 2013. This thesis deals with the system of information safety and security of the computer network in a small business. Furthermore, the work deals with penetration tests and instruments that are used for penetration testing. With the tests carried out in a specific organization is evaluated safety and eventually steps are designed to increase information security in a particular organization.
|
guest ::
