|
|
DNSSEC Online Web Map
Scherfel, Peter ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This master's thesis is focusedurity extension DNSSEC of DNS system. It will go trough the basics of securing DNS by DNSSEC and possibilities of collecting information about the state of DNSSEC in present. Its main goal is to design application, which will be monito- ring security state of TLD and SLD domains. Implemented system is gathering information from public Whois database. Gathered information are transformed to geographical coor- dinates by Google Maps API. All gathered information are stored in database and placed on geographical map of the world by Google Maps Api.
|
|
|
Secured access for web applications
Humpolík, Jan ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
This thesis mainly concerns often neglected security part of each web application, but also secure access users themselves. Describes theoretically and practically modern security technology, on a web application being tested and shows a possible way of defense. Gives instructions for installing its own web server.
|
|
|
New scenarios with Wireshark in communication technologies
Šíma, Jan ; Dvořák, Jan (referee) ; Jeřábek, Jan (advisor)
The aim of this thesis is to design and create scenarios that will be used by students as a basis for laboratory exercises in a course that focuses on communication technologies. These scenarios also need to be accompanied by a theoretical introduction that will introduce the topic under discussion to the students. The created scenarios contain additional tasks that are intended for individual work of students. For the teachers there are prepared separate files summarising the correct solution of these tasks. This thesis starts with a theoretical description of used network protocols. First the TCP/IP model is described and then the protocols that belong to this model. The main ones are those that occur in multiple created scenarios, such as TCP, UDP or DNS. The programs and applications that are used in the scenarios are also described. The main program is Wireshark and also the application called Klient DNS. This is followed by a chapter that deals with the drafting of each scenario. The drafts outline what the scenarios goals are. The drafts also list the protocols, programs, and utilities that are used in the exercise. The first scenario contains tasks based on Network Address Translation and its interaction with other protocols, such as the previously mentioned TCP, UDP, and also ICMP and FTP protocols. The second created scenario is dealing and analyzing protocols that try to secure the translation of domain names. Specifically, the DNSSEC extension and also the DoH protocol. The third scenario is focusing more in detail at the function of recursive servers in DNS and DNSSEC communication. The last created scenario explains the planning and allocation of the address space, where again the NAT topic is encountered and the function of routing tables is also explained here.
|
|
|
New functions of client application for DNS protocol for lectures
Ramosová, Patrícia ; Komosný, Dan (referee) ; Jeřábek, Jan (advisor)
The aim of this Master thesis entitled New functions of client application for DNS protocol for lectures is to gain understanding of domain name translation protocols, examine the existing clientDNS application, its source codes and compare it with similar existing tools, such as DNS Benchmark, Nslookup and Dig. Based on the performed analysis, new functionality was designed and various errors that the original application contained were identified. After implementing the proposed features and minor improvements, the new version of the DNS client app has been properly tested. The main innovations of the application consist of new modules for DNS over TLS and Link-Local Multicast Name Resolution protocols, and a new module for Mass testing of DNS servers and domain names. Minor improvements consist mainly of a new graphical interface adapted for small and large screens, multi-thread architecture, automatic translation and much more.
|
|
|
Monitoring of SLD DNS servers
Šťastný, Petr ; Peterka, Jiří (advisor) ; Lukeš, Dan (referee)
This publication directly follows the bachelor thesis. It contains necessary theory of HTTP, SMTP and some other protocols and services. This knowledge is then used to draw a methodology to build additional tests to verify availability and functionality of basic Internet services of a domain name. This methodology is then implemented as an application that uses distributed processing to analyse a large number of domains. Obtained results are then compiled into statistical outputs. One chapter is also devoted to overview of the attacks on DNS and security options of DNS servers and domain records.
|
|
|
Online DNSSEC Records Validation
Bachtík, Martin ; Čejka, Rudolf (referee) ; Lampa, Petr (advisor)
Master's Thesis is studying an extension that secures the domain name system by introducing the verifiability of authenticity of data, known as DNSSEC. Productive output is proposal of application and its subsequent implementation that at each stage of browse the namespace to the selected domain name checks the appropriatenesses of this extension and in detail reports the trusted chain.
|
|
|
Extending Security Of Package Manager With Dns
Sehnoutka, Martin
This paper describes a method of public key verification based on DNS, that can be used to further increase security of package managers. On top of this method, an extended version is proposed, that can also protect repository metadata. An implementation for the RPM ecosystem is proposed corresponding to the theoretical background.
|
|
|
Laboratory scenarios describing DNS system
Sakala, Peter ; Langhammer, Lukáš (referee) ; Jeřábek, Jan (advisor)
The master’s thesis deals with Domain Name System (DNS) and its practical use. It describes hierarchy of domain names, resource record types, protocol used, as well as DNSSEC extension. The most utilized implementations of authoritative and recursive DNS servers are presented. Virtualization, containers and other tools with potential use in labs are described. Two lab scenarios in virtualized environment with instructions for students were designed and developed in this thesis.
|
|
|
Automatic verification of software packages with help of DNS
Sehnoutka, Martin ; Dvořák, Jan (referee) ; Jeřábek, Jan (advisor)
Tato diplomová práce se zabývá problémem bezpečné distribuce software. Je navrženo zlepšení s pomocí doménového systému, který je použit pro uložení verifikačních klíčů, potřebných pro ověření integrity balíků stáhnutých pomocí správce balíků. Navíc je navržena rozšířená verze, které se zabývá zabezpečením metadat repositářů. Obě verze jsou implementovány v jazyce Python a integrovány do správce balíků dnf. Tato implementace je otestována ve virtuálním prostředí, diskutována a zhodnocena z hlediska způsobené zátěže.
|
|
|
Client side DNSSEC deployment
Nekuža, Karel ; Smékal, David (referee) ; Martinásek, Zdeněk (advisor)
Diplomová práce se zabývá problémem přístupu koncového uživatele k odpovědím ověřeným pomocí protokolu DNSSEC. Práce posuzuje možnosti nasazení a nastavování resolveru za účelem zlepšení bezpečnosti pro koncové uživatele. V práci je navrhnuto řešení problému pro operační systém Fedora Workstation. Navrhnuté řešení je realizováno a porovnáno s již existujícím řesením.
|
guest ::
