|
|
Laboratory scenarios describing DNS system
Sakala, Peter ; Langhammer, Lukáš (referee) ; Jeřábek, Jan (advisor)
The master’s thesis deals with Domain Name System (DNS) and its practical use. It describes hierarchy of domain names, resource record types, protocol used, as well as DNSSEC extension. The most utilized implementations of authoritative and recursive DNS servers are presented. Virtualization, containers and other tools with potential use in labs are described. Two lab scenarios in virtualized environment with instructions for students were designed and developed in this thesis.
|
|
|
Automatic verification of software packages with help of DNS
Sehnoutka, Martin ; Dvořák, Jan (referee) ; Jeřábek, Jan (advisor)
Tato diplomová práce se zabývá problémem bezpečné distribuce software. Je navrženo zlepšení s pomocí doménového systému, který je použit pro uložení verifikačních klíčů, potřebných pro ověření integrity balíků stáhnutých pomocí správce balíků. Navíc je navržena rozšířená verze, které se zabývá zabezpečením metadat repositářů. Obě verze jsou implementovány v jazyce Python a integrovány do správce balíků dnf. Tato implementace je otestována ve virtuálním prostředí, diskutována a zhodnocena z hlediska způsobené zátěže.
|
|
|
Client side DNSSEC deployment
Nekuža, Karel ; Smékal, David (referee) ; Martinásek, Zdeněk (advisor)
Diplomová práce se zabývá problémem přístupu koncového uživatele k odpovědím ověřeným pomocí protokolu DNSSEC. Práce posuzuje možnosti nasazení a nastavování resolveru za účelem zlepšení bezpečnosti pro koncové uživatele. V práci je navrhnuto řešení problému pro operační systém Fedora Workstation. Navrhnuté řešení je realizováno a porovnáno s již existujícím řesením.
|
|
|
Monitoring of SLD DNS servers
Šťastný, Petr ; Peterka, Jiří (advisor) ; Lukeš, Dan (referee)
This publication directly follows the bachelor thesis. It contains necessary theory of HTTP, SMTP and some other protocols and services. This knowledge is then used to draw a methodology to build additional tests to verify availability and functionality of basic Internet services of a domain name. This methodology is then implemented as an application that uses distributed processing to analyse a large number of domains. Obtained results are then compiled into statistical outputs. One chapter is also devoted to overview of the attacks on DNS and security options of DNS servers and domain records.
|
|
|
Automatic Tracking of DNSSEC Configuration on DNS Servers
Lat, Radek ; Polčák, Libor (referee) ; Matoušek, Petr (advisor)
This bachelor thesis describes design and implementation of a tool for tracking of configuration of DNSSEC security extension on DNS servers. The goal is to perform automatic signature verification, tracking of cryptographic algorithms being used and inform about potential or found problems. Bachelor thesis has been developed in cooperation with CZ.NIC.
|
|
|
On-Line Monitoring of Expiration of DNSSEC Signatures
Mrázek, Jakub ; Polčák, Libor (referee) ; Matoušek, Petr (advisor)
In the bachelor thesis we have described computer software (programme) which is supposed to check the signatures of DNS (Domain Name System) records (resource records) and warn in due time about the expiry date or the approaching expiry date of the signatures in order to prevent from expiring. In the paper we have specified the DNSSEC (Domain Name System Security) technology, new resource records for the DNSSEC and details of signing the resource records. Moreover, we have introduced the programme itself, the possibilities of setting the programme, the ways of data reading and warning output. Since no such programme exists, and because there is a need to check the signatures quickly and warn about their expiry date, we have decided for this work.
|
|
|
DNSSEC Online Web Map
Scherfel, Peter ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This master's thesis is focusedurity extension DNSSEC of DNS system. It will go trough the basics of securing DNS by DNSSEC and possibilities of collecting information about the state of DNSSEC in present. Its main goal is to design application, which will be monito- ring security state of TLD and SLD domains. Implemented system is gathering information from public Whois database. Gathered information are transformed to geographical coor- dinates by Google Maps API. All gathered information are stored in database and placed on geographical map of the world by Google Maps Api.
|
|
|
Library and Tools for Server-Side DNSSEC Implementation
Včelák, Jan ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
Tato práce se zabývá analýzou současných open source řešení pro zabezpečení DNS zón pomocí technologie DNSSEC. Na základě provedené rešerše je navržena a implementována nová knihovna pro použití na autoritativních DNS serverech. Cílem knihovny je zachovat výhody stávajících řešení a vyřešit jejich nedostatky. Součástí návrhu je i sada nástrojů pro správu politiky a klíčů. Funkčnost vytvořené knihovny je ukázána na jejím použití v serveru Knot DNS.
|
|
|
Secured access for web applications
Humpolík, Jan ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
This thesis mainly concerns often neglected security part of each web application, but also secure access users themselves. Describes theoretically and practically modern security technology, on a web application being tested and shows a possible way of defense. Gives instructions for installing its own web server.
|
|
|
DNS protocol client with a graphical interface suitable for lecturing
Sousedík, Tomáš ; Lattenberg, Ivo (referee) ; Jeřábek, Jan (advisor)
This thesis describes DNS protocol and messages it uses to obtain desired information. The protocol is described from its creation and occasions that caused the creation of the protocol. Later on are discussed multicast capabilities of name resolution this section is focused on mDNS and LLMNR. In the second part is detailed description of the structure of the messages and their useage. In the last part is described the design of the application, which was based on the specifications listed in RFCs. One chapter is devoted to a detailed description of the application and its individual parts. A large part is devoted to the testing. There are also described problems that occurred during application development and their solutions.
|
guest ::
