|
|
Routing policies and real paths in the Internet
Hlaváček, Tomáš ; Peterka, Jiří (advisor) ; Kruliš, Martin (referee)
Routing policies are now represented by RPSL and by its evolutionary extension called RPSLng. These languages can be used for describing unique routing policy of each autonomous system. Experience shows that even though there are translation tools from RPSL and RPSLng to configuration formats of commonly used routers, the actual network configuration is rarely generated from RPSL sources and routing policy is then perceived as marginal paperwork, which often does not reflect the real network settings. There will be most likely a need for RPSL format change in order to remedy the discrepancies. To support this I present long-term measurements of inaccuracies in routing policies compared to real paths in the Internet. I also present a list of the most frequent problems, and I offer suggestions, how to reform RPSL to improve situation in the long term. Powered by TCPDF (www.tcpdf.org)
|
|
|
DNS library for a high-performance DNS server
Slovák, Ľuboš ; Peterka, Jiří (advisor) ; Yaghob, Jakub (referee)
In this thesis I design and implement a high-performance library for developing authoritative name server software. The library supports all basic as well as several advanced features of the DNS protocol, such as EDNS0, DNSSEC or zone transfers. It is designed to be modular, extensible and easy to use. The library was integrated into an experimental server implementation used for testing and benchmarking. Its performance is evaluated and proved to be superior to prevalent implementations in most cases. The thesis also provides theoretic background and a deep analysis of the task together with detailed description of the implemented solutions.
|
|
|
HyperCuts pro filtrování Linuxových paketů
Mašíček, Viktor ; Kučera, Luděk (advisor) ; Peterka, Jiří (referee)
Filtering of packets by multidimensional cutting is one of the new approaches to the solution of the packet classiffication problem. It is based on creating a tree that contains the set rules of filtering. In this case a packets matching is considerably faster than linear traversing of all rules. The HyperCuts methods are one of the latest methods that use multidimensional cutting. At first sight the implementation of the HyperCuts method demonstrated its utility. However, the final decision about the usage of the HyperCuts program in practice can be made only on the basis of the results of testing in it is necessary to can be using in a practice it have to be tested in practical operation. In comparison with the PTree program, which is based on the TBF method, the HyperCuts program, was more successful. The comparison was based on resolving the problem rather than on implementation aspect or success with the same data. In case, where we use PTree source code for confrontation, we compare it with source code of HyperCuts from our implementation. We compare time and memory complexity. In the theoretic part there is explain why the "range match" was used. There is definition of term "cut" which is very advantageous for time and memory complexity. One of the goals of the work was HyperCuts method...
|
|
|
TCP/IP network controller
Tlach, Jiří ; Yaghob, Jakub (advisor) ; Peterka, Jiří (referee)
The aim of this work is design and implementation of software for an embedded system. Its is based on 8-bit RISC AVR processor connected to Ethernet controller that allows network communication. The software will include processor control as well as control of its peripherals and TCP/IP library for Internet communication. The main goal is to minize code size of developed software because both target AVR processors have very limited size of code memory. The first one has capacity of 8 kilobytes, the second one capacity of 16 kilobytes.
|
|
|
DoS a DDoS útoky na SIP protokol
Staněk, Jan ; Peterka, Jiří (advisor) ; Vozňák, Miroslav (referee)
The aim of this diploma thesis is to get accustomed with the SIP protocol and with the problematics of attacks targeting this protocol, with the emphasis on DoS and DDoS attacks. The thesis focuses on detailed classification of the attacks, possibilities and forms of generation of the attacks and methodics of defense against them. The attacks of the flood type are especially stressed because they are easily generated and the SIP components are very prone to these attacks. Prototype implementations of the most important ideas concerning attack generation and protection against these attacks are also part of this thesis. Practical tests of the implementations performed in a simulated SIP environment are also included. 1
|
|
|
DNSSEC support software
Dioszegi, Matej ; Peterka, Jiří (advisor) ; Kolovratník, David (referee)
In the present work we study the development of DNSSEC system (DNS Security extensions) from its beginning to these days. Present work describes how DNSSEC helps to secure the DNS against various attacks, mainly against cache poisoning attacks. As DNSSEC was invented relatively recently and nowadays it is poorly deployed despite its importance, this work also explores present status of implementation of this system, compares existing solutions and, based on this experience, tries to implement software, that helps to deploy and spread system DNSSEC more easily.
|
|
|
Routing simulation in wireless networks
Kouba, Jan ; Kučera, Luděk (advisor) ; Peterka, Jiří (referee)
This work deals with creation of system for routing simulation in wireless networks. System allows the user to enter relevant parameters for simulation and analyses the network. System can assign simulation parameters automaticaly based on chosen algorithm. First it counts node output powers and second communication routes. It is easy to add new algorithms. System is focused on user friendliness and good extensionality. The objective was not to implement realistic model of real network, but to create system where could be new algorithms tested. There is described architecture of the system in the work, so one can continue with development.
|
|
|
A tool for validating electronic signatures on PDF documents
Selement, Pavel ; Peterka, Jiří (advisor) ; Kruliš, Martin (referee)
The subject of this graduation thesis is to study internal electronic signatures in PDF documents. The thesis introduces general principles of electronic signatures, deals with the internal structure of PDF documents including the connection of electronic signatures and describes the process of verifying an electronic signature. An integral part of this thesis is an implementation of an application, which performs verification of electronic signatures in a PDF document. The aim of this application is to verify the digital signature embedded in a PDF document according to the current legislation of the Czech Republic, while allowing users to change extensively the rules for evaluating the validity of the signature. Powered by TCPDF (www.tcpdf.org)
|
|
|
ENUM client
Srp, Jaroslav ; Peterka, Jiří (advisor) ; Bednárek, David (referee)
For node signing and addressing in the internet the 32 bits number is used - known as IP address. Because the long numbers can be hardly memorize the abstract known as domain name is established. This abstraction transforms the domain name to the IP address via DNS (the reverse process is known as reverse DNS). But not everybody owns fixed awarded IP address, that is a problem. This situation is not true for the phone numbers (fixed or mobile phones), of course. The ENUM system which is introduced in this graduation theses uses the reverse DNS to save the information (web, e-mail, sip and other addresses, phone numbers for MMS routing and such like records) to the set phone or other number. After it you can send a query to the reverse DNS for the set phone number and by return you get the mentioned informations about the phone number. As addendum are implemented the applications (client and server) and web browser plug-in that can be used for ENUM system testing, using and exploiting.
|
|
|
Autoritativní DNS server s podporou DNSSEC
Slovák, Ľuboš ; Kolovratník, David (advisor) ; Peterka, Jiří (referee)
In this thesis we design and implement an authoritative DNS server with support for DNSSEC extensions. The server is crossplatform, extensible, and with modular, objectoriented design. However, it does not support some features, such as zone transfers, dynamic updates or responding through TCP due to the constrained range of this work. We also propose a new XMLbased zone file format to be used within the application. An XML Schema grammar for the format is provided. The thesis also contains a brief introduction to the DNS protocol and its main extensions, as well as a omparison of several existing name servers.
|
guest ::
RSS feed.