|
|
Implementation of a MitM probe on the platform RPi
Nekula, Štěpán ; Holop, Patrik (referee) ; Tamaškovič, Marek (advisor)
Cílem této práce je implementovat síťovou sondu pro monitorování šifrovaného síťového provozu. Navržená síťová sonda využívá útoku Man-in-the-Middle (MitM) pro zachycení a získání přístupu k šifrovaným datům. Základem sondy je platforma Raspberry Pi, na které běží software SSLproxy, jež zprostředkovává zachycování a dešifrování dat ze sítě. Tyto data jsou následně prohledávány pomocí detekčního systému hrozeb Suricata. Výkon sondy byl testován detekcí simulovaných útoků, jako je šíření nebezpečných souborů a síťové útoky. Tato práce poskytuje nástroj pro další výzkum v oblasti monitorování šifrovaných sítí a detekci hrozeb v šifrované komunikaci.
|
|
|
Distributed system for suppression of DoS attacks
Beneš, Dalibor ; Žádník, Martin (referee) ; Šišmiš, Lukáš (advisor)
Ochrana před distribuovanými útoky odepření služby (DDoS) patří mezi klíčové oblastí síťové bezpečnosti. Jednou z možných forem ochrany je využití zařízení DCPro DDoS Protector vyvíjeného sdružením CESNET. Sdružení CESNET provozuje také systémy pro monitorování a analýzu síťového provozu IPFIXcol2 a NEMEA, a dále poskytuje možnost využít protokol pro monitorování sítě sFlow. Cílem této práce je navrhnout a uskutečnit integraci těchto systémů a vytvořit tak efektivní systém potlačení útoků odepření služby. Při vypracování tohoto cíle byl kladen důraz na efektivní využití stávajích řešení, znovupoužitelnost a možnosti budoucího rozšíření celé distribuované architektury.
|
|
|
Optimization of NetFlow Data Search Using nfdump
Kubovič, Martin ; Žádník, Martin (referee) ; Bartoš, Václav (advisor)
This bachelor thesis deals with optimization of NetFlow data search using the nfdump tool. This thesis describes NetFlow protocol and tool nfdump and proposes the solution using data structure Bloom filter. The main goal was to optimize data storage and processing in order to be able to search the huge amounts of collected data and get results very quickly. The outcome of this thesis is the optimized tool that network administrators can use to search these data and significantly accelerate monitoring and analyzing network.
|
|
|
Web Portal for Network Traffic Reporting
Zapletal, Petr ; Straka, Martin (referee) ; Tobola, Jiří (advisor)
This thesis deals with the design and implementation of web portal with reports about network traffic. This system is designed for easy network monitoring with transparent charts a tables. To obtain statistics from network traffic, NetFlow technology, which is the key part of system, is used. Portal is platform independent and is built around HTML and PHP technologies. Portal also allows export proccessed data through periodic email service or files in PDF format.
|
|
|
Information Fusion for Classification of Network Devices
Sedláček, Ondřej ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This work is focused on solving information fusion when dealing with multiple data sources in computer network monitoring. A solution built on the concept of classification rules configured by experts is presented. Configuration is simplified using a designated configuration language interpreted by the solution. The classification rules enable coverage of diverse types of data. The result is given as a label from specified taxonomy. Using a taxonomy maintains the different levels of detail between the data sources, even in the output label. The solution also uses the Dempster-Schafer theory for merging labels from different sources into a single output label. Results of experiments show that information fusion in this context does increase the accuracy of device classification. A process of rule optimization was developed based on testing and experiments with a dataset from a real network. The accuracy was increased by 19 % compared to the original solution using this process.
|
|
|
Monitoring of Ethernet network
Herman, Vít ; Hošek, Jiří (referee) ; Jeřábek, Jan (advisor)
The bachelor thesis deals witch possibility of monitoring active items of Cisco Company, VLAN networks built between them and utilization of particular lines. All the information about items is stored in MIB database. Designed and then implemented system uses pooling MIB database using SNMP protocol, to obtain required information. For application SNMP protocol, programming language Perl is used. Obtained and processed data are stored in MySQL database. Designed system is not dependent either on any platform or this implementation. All the technologies and tools used described in the thesis. In the thesis there is described and shown, how is possible pooling items including results of pooling.
|
|
|
SNMP Agent for IoT Devices
Polishchuk, Kateryna ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
The aim of this work is to create a SNMP agent for monitoring IoT devices. Because most IoT devices do not support SNMP, we want to implement a SNMP agent that will collect device information and write the collected data to the values of the variables in the MIB. The procedure will be demonstrated on D-Link devices, as a door sensor and signaling device that communicate with the adapter via the Z-Wave radio signal.
|
|
|
System for monitoring of devices connected to the computer network
Macků, Jan ; Petyovský, Petr (referee) ; Macho, Tomáš (advisor)
The bachelor thesis deals with the design and implementation of the web application for monitoring of the network devices. The thesis describes the design and functionality of the web interface that is used for fast and simple monitoring of the connected devices in computer network. The work also addresses the security of the web interface and the design of database structures. Further, the work describes briefly the characteristics of SNMP protocol and other important tools for obtaining the monitored data. The API of the web application is described in detail, including hints for building stand alone applications based on it. Work also contains a brief user guide for end users.
|
|
|
Xtend Monitoring and Analysis Tool
Kocman, Tomáš ; Veselý, Vladimír (referee) ; Ščuglík, František (advisor)
This thesis is focused on the monitoring and analysis of data transfer between applications on the network and creating custom monitoring tool that would meet the requirements of the application server Xtend of company Xura, Inc. The introductory chapters describe theoretical background of data capture and analysis, and application server Xtend with the services it provides. The thesis is mainly focused on the implementation of a system that cooperates with the server Xtend and its output can be further processed and interpreted.
|
|
|
Monitoring of services within active network elements by Mikrotik
Kamenář, Filip ; Slavíček, Karel (referee) ; Grenar, David (advisor)
This bachelor thesis deals with the monitoring of the VPN services on the networking elements Mikrotik. The theoretical part includes the description of RouterOS system, management options and networking devices used. The thesis consists of the description of the VPN services and analysis of PPTP, SSTP, L2TP and OpenVPN protocols, which are implemented in the practical part of this work. The theory also contains the description of monitoring devices included in the RouterOS system. In comparison, external tools are enlisted. Chosen monitoring tools are therefore implemented in the practical part of the thesis and in the monitoring script. The practical part of the bachelor thesis is focused on the establishment of VPN tunnels and its parameter measurement. The VPN clients are to be found in the Czech Republic, Ukraine and Egypt, which establishes the real conditions for network monitoring status. The final part of the work deals with the script, which is created for the automatic-monitoring of VPN service in the accessible network and sends the gathered data to the operators. The aim of the thesis is to illustrate the usage of integrated monitoring tools in the RouterOS system in the network built on the Mikrotik elements. The chosen monitoring service was the service VPN, which is being used for remote access to the local networks from distant part of the world by the corporations but also individuals. Individual monitored parameters are enlisted and compared depending on client geographic location.
|
guest ::
