|
|
Analysis of the wireless network security
Bencel, Jozef ; Koutný, Martin (referee) ; Jeřábek, Jan (advisor)
This master's thesis deals with security of wireless network standard 802.11. There are described security mechanisms as hide SSID, MAC address filtering, WEP, WPA, WPA2 protocols. There are described also the most often kinds of attacks (Denial of Service, disclosure WEP key, Man-in-the-Middle). The work contains investigation of used security mechanisms in wireless networks in parts of Brno. There were used NetStumbler and inSSIDer applications for this measurement. The last part of work contains measurement of security mechanisms (WEP, WPA, WPA2) effect to transfer rate from the point of view of the end user. The measurement was realized with Iperf application.
|
|
|
Safety risks of current routers
Bubelíny, Peter ; Vymazal, Michal (referee) ; Vychodil, Petr (advisor)
The thesis aims to study and document the problem router security. It present the characteristic information about a router, functions, types and locations in a computer network. Because router is integrated part of network, next are described the most commonly types of attacks and generally available security technologies. The thesis also offers insight into the router as a safety device in the role of the throat network, part of the deeper security infrastructure or access point in wireless networks. Next are described the selected security technologies against some of already mentioned attacks and also are offered opportunities to improve safety router. The next are demonstrated DoS and brute-force attacks on router in ethernet network and attacks based on sniffing packets on router in wireless network. Finally, the results are presented.
|
|
|
Annotation of NetFlow Data from Perspective of Network Security
Kadletz, Lukáš ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This thesis describes design and implementation of application for offline NetFlow data annotation from perspective of network security. In this thesis is explained the NetFlow architecture in detail along with methods for security incidents detection in the captured data. The application design is based on analysis of manual annotation and supported by several UML diagrams. The Nemea system is used for detecting security events and Warden system as a source of information about reported security incidents on the network. The application uses technologies such as PHP 5, Nette framework, jQuery library and Bootstrap framework. The CESNET association provided NetFlow data for testing the application. The result of this thesis could be used for analysis and annotation of NetFlow data. Resulting data set could be used to verify proper functionality of detection tools.
|
|
|
Network attacks of Linux operating system
Valčák, Richard ; Janovič, Filip (referee) ; Pelka, Tomáš (advisor)
Main objective of this bachelor thesis is to inform with the most famous security attacks, describe their characteristics, evaluate risk degree and suggest security against of these attacks. The bachelor work presents theoretical and practical part focused on security attacks of Linux operational system. First chapters describe operational system security shell theory. Followed by the most frequent attacks like Buffer overflow, ARP Cache poisoning, SYN flood , Denial of Service, DHCP, which are described theoretically, demonstrated by these examples and possible security assignment against this attacks registered. Basic theoretical system Linux knowledge is necessary for the practical part of the bachelor thesis.
|
|
|
Architecture and management of secure networks
Štangler, Jan ; Frolka, Jakub (referee) ; Člupek, Vlastimil (advisor)
This work is focused on the security of small to medium-sized networks with central administration, especially on the creation of a methodology for secure network design.The design of a secure network for a start-up IT company, using open-source software, is described. Deployment of the designed secure network, with central management, is performed and the connectivity of network elements are tested. The model simulates network traffic situations and network attacks using penetration testing techniques. In terms of the severity of the impact on network security, intercepted attacks are evaluated and immediately reported to responsible persons. Finally, the results of the intercepted attacks are processed and further actions are recommended.
|
|
|
Vizualizace síťového provozu s ohledem na bezpečnostní události
SOUBUSTA, Jan
The thesis deals with methods of visualization of network traffic and identification of unfair or offensive activities. The theoretical part is verified by experiments with virtual machines, where an attacker, generating malicious traffic, is simulated. The target of the thesis is to describe and test the ways of displaying data in the network so that it is humanly readable and possible to identify potentially dangerous activities of the attacker.
|
|
| |
|
|
Architecture and management of secure networks
Štangler, Jan ; Frolka, Jakub (referee) ; Člupek, Vlastimil (advisor)
This work is focused on the security of small to medium-sized networks with central administration, especially on the creation of a methodology for secure network design.The design of a secure network for a start-up IT company, using open-source software, is described. Deployment of the designed secure network, with central management, is performed and the connectivity of network elements are tested. The model simulates network traffic situations and network attacks using penetration testing techniques. In terms of the severity of the impact on network security, intercepted attacks are evaluated and immediately reported to responsible persons. Finally, the results of the intercepted attacks are processed and further actions are recommended.
|
|
|
Secure, reliable and adaptive network based on Cisco devices
Lefler, Přemysl ; Komosný, Dan (referee) ; Kubánková, Anna (advisor)
This bachelor thesis deals with design of secure, reliable and adaptive network using Cisco network devices. Thesis includes design of a network with description of each individual technology, that were used in the design to meet requirements for safety, reliability and adaptivity. The last chapter describes frequently occuring network attacks along with a description of their execution followed by implementation of defense against them.
|
|
|
Flood attacks generation
Hudec, David
Proposal of a high speed packet flooding device is presented in this paper. The product is based on the FPGA (Field-programmable Gate Array) platform, developed in VHDL (Very high speed integrated circuit Hardware Description Language) and set into the NetCOPE environment. It uses an existing solution of packet generator. Once done, it should be implemented on a COMBO-80G board to serve as a network stressing tool.
|
guest ::
