|
|
Detection of DoS and DDoS attacks in IPv6
Frátrik, Tibor ; Fujdiak, Radek (oponent) ; Holasová, Eva (vedoucí práce)
This bachelor thesis in the theoretical part contains a description of the network and transport layer. The protocols of individual layers are also discussed. It is primarily about their function and safety. Individual attacks are also related to these layers. In this thesis are mentioned DoS (denial-of-service) and DDoS (distributed denial-of-service) attacks. Furthermore, the bachelor thesis mentioned detection and mitigation tools, and the possible solutions. The practical part contains descriptions of detections that were created in the Snort and Suricata programs. Finally, the individual detections and mitigations were also tested. In the detection of DoS attacks, the Suriata and Snort programs focused primarily on the number of packets per unit time. Detection in the Scapy program was focused mainly on individual ports of the transport layer. The goal was for DoS attacks to be detected and for ordinary network traffic not to be detected.
|
|
|
High Availability firewally
Frátrik, Tibor ; Zeman, Václav (oponent) ; Slavíček, Karel (vedoucí práce)
Táto diplomová práca je venovaná výskumu možnosťam redundancie firewallov a to špeciálne komerčným, softvérovým alebo hardvérovým. V teoretickej časti sú popísane jednotlivé firewally a ich možnosti redundancie. Diplomová práca bola viac zameraná na dva konkrétne firewally: ASA a Pfsense. V rámci praktickej časti boli navrhnuté a implementované topógie pre otestovanie redundancie u týchto firewallov. Pre testovanie boli vybrané dynamické preklady adries (NAT), stav VPN spojení, či už VPN spojenie typu site-to-site alebo remote-access a tiež spojenia TCP. Na záver boli porovnané výsledky pre jednotlivé firewally. Kde bolo skúmané a porovnané prevažne to, ako počítačová sieť u jednotlivých typov firewallov reaguje na redundanciu.
|
|
|
Detection of DoS and DDoS attacks in IPv6
Frátrik, Tibor ; Fujdiak, Radek (oponent) ; Holasová, Eva (vedoucí práce)
This bachelor thesis in the theoretical part contains a description of the network and transport layer. The protocols of individual layers are also discussed. It is primarily about their function and safety. Individual attacks are also related to these layers. In this thesis are mentioned DoS (denial-of-service) and DDoS (distributed denial-of-service) attacks. Furthermore, the bachelor thesis mentioned detection and mitigation tools, and the possible solutions. The practical part contains descriptions of detections that were created in the Snort and Suricata programs. Finally, the individual detections and mitigations were also tested. In the detection of DoS attacks, the Suriata and Snort programs focused primarily on the number of packets per unit time. Detection in the Scapy program was focused mainly on individual ports of the transport layer. The goal was for DoS attacks to be detected and for ordinary network traffic not to be detected.
|
host ::
RSS.