|
|
Automated system for installing and configuring GNU/Linux virtual hosts
Horák, Daniel ; Polívka, Michal (referee) ; Pelka, Tomáš (advisor)
This work deals with possibilities of administration of virtual machines (mainly from the developer's point of view) and available methods for automatic installation of GNU/Linux distributions. First part contains the information about virtualisation technologies and possibilities to configure them with a libvirt library. The definition and specification of each part of virtualisation environment (virtual machines, disks, networks) using XML is described. Further more the possibilities of automatic installation of Linux distributions based on RedHat and Debian considering the virtualisation environment are discussed. The possibility of copying an existing disk with installed system is also mentioned. In a practical part a server application for control and management of virtual machines including automatic installation of operating system is proposed and realised.
|
|
|
Web interface for submitting student projects
Hill, Tomáš ; Polívka, Michal (referee) ; Pelka, Tomáš (advisor)
This master thesis deals with the description of web framework Web2py. The web frameworks are designed to facilitate the development of web applications. Selected web framework, Web2py, is written in Python programming language. The main purpose of this thesis is to create web application able to manage student projects and also manage students attendance. Created application is optimised for special needs of laboratory PA126.
|
|
|
SELinux application for Linux server security
Jirka, Michal ; Pelka, Tomáš (referee) ; Šimek, Milan (advisor)
This work is engaged in access control mechanism in GNU/Linux operating systems. At first discretionary and mandatory access control are compared and examine basic technologies based on mandatory access control. More closely is focused on project SELinux, whose generation of new rules is explained. Within the thesis is made application for logging evaluation and for writing new Type Enforcement rules.
|
|
|
Principals, switching functions and routing techniques in computer networks
Dvořák, Pavel ; Pelka, Tomáš (referee) ; Polívka, Michal (advisor)
This bachelor thesis consider main principles and function of active network components. Mainly is intent to component working on the third level of referential model ISO/OSI, router. There are described its main parts and more closely charactered routing protocols. Then is verified the ability of dynamic routing to react to failure in the network and there is measured the reaction time of crossing to secondary route when using different routing protocols. Another part of the thesis is focused on the questions of Quality of Service (QoS) and its support in computer networks. There are explored various ways of the QoS configuration on the routers and the proper of them is chosen and applied to the test network.
|
|
|
File exchange on the internet
Tropp, Peter ; Pelka, Tomáš (referee) ; Polívka, Michal (advisor)
The main aim of my thesis was the TCP/IP protocol issue and the data transfer over the internet using FTP protocol. The thesis is demonstrating the main settings of a server, his functionality and it further describes the development and use of HTML and PHP protocols in my created application. The final chapter of my thesis explaining the resolution of web application interfaces for complex work with and portability in virtual environments.
|
|
|
Firewall security audit
Krajíček, Jiří ; Pelka, Tomáš (referee) ; Pust, Radim (advisor)
An aim of master´s thesis is Firewall security audit. Main tasks this work is introduce with principles of application for audit, create methodology and with this methodology make security audit of the selected firewalls. Theoretical part of this document deal with firewalls and possibilities of integration into network infrastructure. And next with audit and principles of application for security audit. Next practical part of this document deal with creation methodology and procedures including penetration testing. With this methodology is created audit of linux firewall and ISA 2006 included tips for change configuration providing more security.
|
|
|
Security of wireless computer networks
Jelínek, Martin ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
The master's thesis deals with the issue of Wireless Local Area Network (WLAN) from the viewpoint of the security and functional principle of security mechanisms. The transition to the issue concerning the security is accompanied by the methods of wireless data transmission operating on the level of physical layer (FHSS, DSSS, OFDM, MIMO), which is followed by the summary of individual 802.11 standards. The next part deals with the issue of shared transmission medium (CSMA/CA), influence of interference and correcting mechanisms (RTS/CTS). Within the security, the principles of the authentication along with the commonly used methods of security (WEP, WPA, WPA2) are described in detail. The first part concerning security deals with the security in the form of the WEP protocol, which is considered insufficient nowadays and points out the imperfect implementation and the consequent risks. The following part describes the security in the form of WPA which eliminates the implementation weaknesses of the previous WEP security protocol. The description of commonly used mechanisms of authentication (PSK, 802.1x), required temporary key management (PTK, GTK), data integrity (MIC) and encryption which uses TKIP protocol are also included. The last part, possible WLAN security, is aimed at the full support of 802.11i standard, which is called WPA2 (sometimes RSN). That part describes the basic encryption security element CCMP, which is based on the AES block cipher modes. The practical part of the thesis deals with the security verification of current wireless networks. In the process of verification the accessible HW means and programming tools of Open Source Software (OSS) are used. By means of verification it has been pointed out that there are possible security risks resulting from the security method which has been used. Also several recommendations how to reduce the security risks of the used method to minimum are mentioned.
|
|
|
Adaptive Linux firewalls, geographic firewalls
Najbr, Ondřej ; Kacálek, Jan (referee) ; Pelka, Tomáš (advisor)
The aim of the Bachelor's thesis is to study and describe the options of adaptive firewalling, which has a Linux firewall netfilter, and to study the advanced routing and marginally geographic IP filtering. In detail I will deal with the work with Iptables and its using in creation of firewalls for the Linux operating system. In the next section in detail I will describe the design and implementation Linux applications of creating rules in Iptables.
|
|
|
Tools for analyzing security protocols
Duchovič, Adam ; Burda, Karel (referee) ; Pelka, Tomáš (advisor)
This thesis is focused on tools which are used to analyzed security protocols. In the beginning of the thesis key goals of security protocols are mentioned and also basic attacks on them are illustrated. Subsequently basic verification techniques, specification languages and verification tools are described. Next part of thesis contains description of protocols in common syntax. Then the main standards used for evaluation of information security products are mentioned. In the end of thesis two well-known verification tools – AVISPA and Scyther - are described and compared to designed methodology of comparing verification tools and their outputs.
|
|
|
Server management application
Smahel, Petr ; Pelka, Tomáš (referee) ; Krajsa, Ondřej (advisor)
This thesis deals with the management of computer servers. The theoretical part describes the client-server architecture, operating system GNU/Linux and server management tools. The second chapter is devoted to design an own application to manage servers. The next chapter describes the design and implementation of individual modules from which application is build. In the fourth chapter there is described how to install and configure the application on the GNU/Linuw operating system. The penultimate chapter is written as a user manual and acquaints reader with application control. In the last section there are results obtained in testing the application presented and commented.
|
guest ::
