|
|
Extraction of Available Information from SSH Protocol Headers
Ďurčanský, Norbert ; Bartoš, Václav (referee) ; Kořenek, Jan (advisor)
This paper analyzes issue regarding to extraction of available information from SSH protocol. To achieve this aim, knowledge about SSH protocol were used to implement plugin for FlowMon exporter. During the testing plugin was tested on real network and validated in terms of stability, efficiency and accuracy. The result plugin allows us to extract information from SSH protocol and futher analysis without decryption of traffic.
|
|
|
Operation System Detection in Network Traffic Using IPFIX
Vymlátil, Martin ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This task deal with detection of operation system in network traffic using IPFIX. The main idea of this task is based on the fingeprinting, when we use information from IP and TCP headers to determine operation system. This data represent a unique signature of the operation system. Based on the information a plugin for the FlowMon probe was designed and implemented. Plugin was tested on live network traffic and pcap files.
|
|
|
Radius Monitoring Using IPFIX
Vyskočil, Pavel ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This barchelor thesis is focused on monitoring RADIUS traffic in the computer network based on IPFIX technology. A new input plugin for the FlowMon probe from the INVEA-TECH company was created using the acquiered knowledge about the RADIUS traffic and the possibilities of the IPFIX protocol. During the tests, the implemented plugin showed the ability to detect and process RADIUS comunication in the LAN network.
|
|
|
Web Configuration Interface for Network Devices
Žižlavský, Marek ; Kořenek, Jan (referee) ; Martínek, Tomáš (advisor)
Main goal of this bachelor work is to design a universal configuration system for remote network device configuration based on the NETCONF protocol and to develop a web configuration interface for the FlowMon, monitoring probe. This work uses existing software tools developed by the Liberouter project. Main objective of the implementation part of this work is to develop a web configuration interface, supporting class libraries for configuration management and GUI creation in PHP. Implemented web configuration interface for the FlowMon probe is a fully-functional prototype of a configuration interface based on concepts of the universal configuration system designed in this bachelor work.
|
|
|
Detecting DoS and DDoS Attacks Using NetFlow Data
Huňka, Jan ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This thesis deals with using NetFlow data for DoS and DDoS attacks detection. Based on the findings of the analysis of attack traffic a plugin for exporter of the FlowMon probe is implemented. It monitors several heuristics and based on them determines a level of suspicion of the source IP address. During testing, it was verified that the plugin is able to reliably detect large-scale DoS and DDoS attacks on live traffic.
|
|
|
Self Test of FlowMon Probe
Kříž, Blažej ; Kaštil, Jan (referee) ; Kořenek, Jan (advisor)
This thesis deals with development of built-in self-test for FlowMon probe, device for monitoring network traffic based on IP flows. At the begining, both NetFlow technology and the FlowMon probe are described and related terms are summarized. The development itself consists of requirements specification and analysis, design of general testing technique, desing of particular tests, their implementation and solution review.
|
|
|
Self Test of FlowMon Probe
Ivančo, Daniel ; Kořenek, Jan (referee) ; Kaštil, Jan (advisor)
Aim of this bachelor thesis is to design and implement self test of FlowMon probe. Which is a device monitoring network traffic based on IP flows, developed by Liberouter project team. The thesis includes theories of testing and test categories the self test is related to. There is also a brief description of network monitoring by NetFlow protocol and description of FlowMon probe architecture. Furthermore, the thesis contains the self test design and its description. Final solution consist of two programs. The first one implements packet generator creating all types of required packets and flows used by the second one, which implements the self test itself.
|
|
|
Porting Netflow/Combo6 Probe from Linux to FreeBSD
Grešša, Pavol ; Kašpárek, Tomáš (referee) ; Čejka, Rudolf (advisor)
The thesis deals with the problem of developing device drivers for FreeBSD operation system and explains particular steps necessary for their implementation. Furthermore, it describes modularity of drivers and basic technologies used in this operation system. Its purpose is to create a device driver for the principal card Combo6x of the Liberouter project. The output of the thesis should be a complete device driver supporting DMA transfers ant interrupts.
|
|
|
Netopeer: Configuration Platform for Network Devices
Žižlavský, Marek ; Žádník, Martin (referee) ; Kořenek, Jan (advisor)
Master's thesis analyzes available network device configuration options and describes NETCONF configuration protocol and NETCONF event notifications extension in details. It describes Netopeer, open configuration platform developed on Liberouter project, and its pitote deployment as FlowMon probe remote configuration system. Newly designed Netopeer architecture, which adds support for NETCONF event notifications, was verified by reference implementation. Security of the new design and implementation was analyzed, and recommended system settings were provided. This Master's thesis is based on results of previous bachelor's thesis of author and on existing software tools developed by the Liberouter project.
|
|
|
Software Architecture for Flow Based Monitoring Probe
Špringl, Petr ; Kořenek, Jan (referee) ; Martínek, Tomáš (advisor)
This thesis deals with design and implementation of software architecture for Flexible FlowMon probe, accessories for monitoring high speed computer networks based on IP flows. The probe has been developed in project named Liberouter. There is described flow based monitoring and export formats NetFlow version 5, NetFlow version 9 and IPIFX, which are very widely used. The thesis contains description of hardware part of Flexible FlowMon probe including its requirements for software, which are the base of the whole software architecture. There is detailed description of that part of software architecture which was implemented during the work on this thesis.
|
guest ::
