|
|
Laboratory scenarios describing DNS system
Sakala, Peter ; Langhammer, Lukáš (referee) ; Jeřábek, Jan (advisor)
The master’s thesis deals with Domain Name System (DNS) and its practical use. It describes hierarchy of domain names, resource record types, protocol used, as well as DNSSEC extension. The most utilized implementations of authoritative and recursive DNS servers are presented. Virtualization, containers and other tools with potential use in labs are described. Two lab scenarios in virtualized environment with instructions for students were designed and developed in this thesis.
|
|
|
Wireless network attacks
Brusnický, Pavel ; Martinásek, Zdeněk (referee) ; Stančík, Peter (advisor)
Objective of this thesis is to point out to almost everywhere present flaw in realization of second level network security access to WiFi networks with using traffic tunneling over DNS protocol. Realization has been accomplished by existing utilities OzymanDNS, DNS2TCP, NSTX, Iodine, Heyoka. Measurements were done on realistic traffic on the network. The effort was to show outline of these implementations. Transfer speeds in some implementations can be marked as applicable thanks to high speeds, which are on the same level as broadband internet. Functionality was tested on WiFi network, where was also compromised PPTP VPN tunnel, its function was to provide security of the communication on wireless network due to absence of first level security mechanisms such as WPA, WPA 2 and so on, with the help of Asleap, which comes out of Cisco LEAP attack. At the end of the work are suggested possible countermeasures for securing network by the topology change of the network infrastructure or by implementing IDS.
|
|
|
Synchronization of DNS Records between LDAP Database and DNS Server
Bašti, Martin ; Matoušek, Petr (referee) ; Čejka, Rudolf (advisor)
Cílem této práce je prozkoumat možnosti uložení DNS dat v LDAP databázi a jejich oboustranné synchronizace s DNS serverem s využitím standardních technologií, paralelizace a jednoduché rozšiřitelnosti o podporu různých DNS a LDAP serverů s různými DNS schématy. Práce dále popisuje různa schémata pro uložení dat v LDAP databázi a analyzuje problémy spojené se synchronizací a navrhuje jejich řešení. Výsledkem je prototyp synchronizační aplikace s doporučenými nastaveními pro DNS server a LDAP databázi, která je schopna efektivně synchronizovat DNS data.
|
|
|
New scenarios with Wireshark in communication technologies
Šíma, Jan ; Dvořák, Jan (referee) ; Jeřábek, Jan (advisor)
The aim of this thesis is to design and create scenarios that will be used by students as a basis for laboratory exercises in a course that focuses on communication technologies. These scenarios also need to be accompanied by a theoretical introduction that will introduce the topic under discussion to the students. The created scenarios contain additional tasks that are intended for individual work of students. For the teachers there are prepared separate files summarising the correct solution of these tasks. This thesis starts with a theoretical description of used network protocols. First the TCP/IP model is described and then the protocols that belong to this model. The main ones are those that occur in multiple created scenarios, such as TCP, UDP or DNS. The programs and applications that are used in the scenarios are also described. The main program is Wireshark and also the application called Klient DNS. This is followed by a chapter that deals with the drafting of each scenario. The drafts outline what the scenarios goals are. The drafts also list the protocols, programs, and utilities that are used in the exercise. The first scenario contains tasks based on Network Address Translation and its interaction with other protocols, such as the previously mentioned TCP, UDP, and also ICMP and FTP protocols. The second created scenario is dealing and analyzing protocols that try to secure the translation of domain names. Specifically, the DNSSEC extension and also the DoH protocol. The third scenario is focusing more in detail at the function of recursive servers in DNS and DNSSEC communication. The last created scenario explains the planning and allocation of the address space, where again the NAT topic is encountered and the function of routing tables is also explained here.
|
|
|
Hotelnet Information System
Šturala, Aleš ; Rychlý, Marek (referee) ; Masopust, Tomáš (advisor)
The main objective of my work was to create a system administered over the web interface, where administrators may control users and computers in a small-area network (max. 250 computers). The system is modular to meet requirements of different networks and is administered over the web interface. A part of the whole system is created by PHP scripts for a Linux router, which are connected to the database and can set the router. Users have assigned rights to access to different parts of the system. The system was developed in common technologies like database system PostgreSQL, script language PHP, and mark-up language HTML.
|
|
|
Mobile Application for DNS Administration
Galajda, Denis ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This bachelor's thesis deals with possibilities and specifics of developing a custom mobile applicaion for DNS administration on Android. The goal is to create an easy-to-use application which will allow the user to manage zones and resource records of BIND9 nameserver. This issue is solved by manipulation of zone files over SSH connection, controlled through the modern user interface. The resulting programm allows the users to comfortably manage a DNS server from their smartphone practically anywhere.
|
|
|
Technology for comprehensive support of multimedia services in heterogeneous networks
Dosoudil, Petr ; Krkoš, Radko (referee) ; Novotný, Vít (advisor)
The theses explains the Evolution Packet System (EPS) and subsystem IP Multimedia Subsystem (IMS). It also informs how these systems cooperate and through which interfaces the main data and signals between these two technologies are transfered. The thesis includes practical section, in which installation and configuration of sections of the IMS system including its "core", and application and medial server. For verification of the functionality of the system, two dissimilar clients are installed, and emulator WAN is applied for simulation of Internet. The product of the theses is the design of the laboratory exercise drafted in such a way that it can be solved by students less knowledgeable of the issues.
|
|
|
Mobile Application for DNS Vulnerabilities Testing
Béder, Michal ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is to show the way how to implement an Android application, which allows full control over DNS packets creation. This was achieved by partial implementation of the application in C++ programming language. Furthermore, in this thesis are described topics as Android security model and possibilities of combining native and Java code. Resulting application allows to generate network attacks, which are exploiting some of the known DNS vulnerabilities.
|
|
| |
|
|
Malicious Domains Detection Using Analysis of DNS Traffic
Podešvová, Vlasta ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
The aim of this bachelor's thesis is to design, implement and test a system for malicious domain detection in data sets obtained from real network traffic. It is aimed specifically on detection of DGA botnet activities. This detection is provided by analysis of domain name syntax. Part of the solution is focused at building a model from a set of legal domain names. This model is used for domain name syntax analysis and user of the final system is allowed to choose his own model data. Overall this thesis brings a view on the efficiency of implemented methods of malicious domain detection.
|
guest ::
