|
|
Use of New Methods for Securing Remote Computers
Šandera, Vladimír ; Řihák, Petr (referee) ; Ondrák, Viktor (advisor)
This paper is focused on computer security services for households and small businesses. First I analyze the current situation on the computer security market. In theoretical part of the paper I will describe known types of security threats as viruses, malware, rootkits and counter measures against these threats. In practical part of the paper I analyze current conditions on the market, my business project and I introduce new concept for securing remote computers. I will talk about economical advantages of this concept as cost reduction, centralization of resources and increase in efficiency.
|
|
|
Methods of Linux Kernel Hacking
Procházka, Boris ; Malinka, Kamil (referee) ; Vojnar, Tomáš (advisor)
This bachelor thesis focuses on the Linux kernel security from the attacker perspective. It tries to identify and map all key features and methods used by nowadays cyber-terrorists. One of its aims is to give a comprehensive overview of this topic. At final, it can serve as a small reference for everybody who wants to broaden his knowledge of Linux kernel security. The work consists of four parts. The first part repeats and defines basic notions and taxonomy of operation systems. The second and third part form the core. They cover principles and methods used to hide processes, files, connections, etc. The last chaper is devoted to related issues. A supplement of this bachelor thesis is a set of demonstrating modules, which implement discussed problems involved, and tables, where can be found a comparison of nowadays rootkits.
|
|
|
The Hidden Resources Detector for GNU/Linux
Nečas, Radek ; Rogalewicz, Adam (referee) ; Procházka, Boris (advisor)
The main goal of this thesis was to detect hide resources in GNU/Linux operating systems and analyse tools so called rootkits, which are used to hide system resources. This thesis is devided into two parts, theoretical and practical one. Theoretic part focusses on resource managment, representation, privilege levels and system calls. Practical part covers design and implementation of an abstract detector. Each new detection method is implemented as a plugin. Some of those methods are realized as linux kernel modules. The usability of the detector is compared against real rootkits.
|
|
|
Attacks on the Linux Operating System in Theory and Practice
Procházka, Boris ; Hanáček, Petr (referee) ; Vojnar, Tomáš (advisor)
This master's thesis deals with Linux kernel security from the attacker's point of view. It maps methods and techniques of disguising the computing resources used by today's IT pirates. The thesis presents a unique method of attack directed on the system call interface and implemented in the form of two tools (rootkits). The thesis consists of a theoretical and a practical part. Emphasis is placed especially on the practical part, which manifests the presented information in the form of experiments and shows its use in real life. Readers are systematically guided as far as the creation of a unique rootkit, which is capable of infiltrating the Linux kernel by a newly discovered method -- even without support of loadable modules. A part of the thesis focuses on the issue of detecting the discussed attacks and on effective defence against them.
|
|
|
Decentralized communication tool with anonymity guarantee
Legéň, Michal ; Burget, Radim (referee) ; Malý, Jan (advisor)
Anonymity on the internet is becoming a actuall issue nowadays. There are several tools, that can be used to monitor user's activity and it can lead to lose privacy of users. The aim of this master's thesis is to describe different ways of working anonymous systems, especially the method called Onion Routing. The introduction of this work is devoted to the description of this method together with asymmetric cryptosystem RSA. The second part belongs to basics of socket programming and to the implementation of anonymous system in programming language C++. The final part is focussed on analysis of system in terms of security and time complexity. The conditions of anonymity and decentralization are accomplished. There is no presence of central server in the system and the management is handled by signalling messages.
|
|
| |
|
| |
|
| |
|
| |
|
|
Security policyes of SELinux for selected application in Gnome environment
Sládek, Michael ; Palovský, Radomír (advisor) ; Vadinský, Ondřej (referee)
The goal of this work is creation of SELinux security policy for selected application. To achieve this goal is this work divided to several parts. The first part is presentation of basic security principles, on which SELinux is based and then presentation of structure of the SELinux itself. The second part is analysis of the degree of support of SELinux in some selected, user favorite, distributions of Linux. In the last part is, on the specific application, presented process of creation of SELinux security policy. Specifically, remaking of document browser Evince into secure browser of untrusted documents. The contribution of this work is to create a working policy for application Evince for GNOME user environment and mapping the extent of SELinux support in selected Linux distributions.
|
guest ::
