|
|
Censorship on the Internet
Postolka, Jáchym ; Rychlý, Marek (referee) ; Očenášek, Pavel (advisor)
Cenzura internetu je velmi relevantní téma moderní společnosti. Stále více se internet využívá ke kontrole přístupu k informacím a sledováním jeho uživatelů. Cílem této práce je zdokumentovat způsoby cenzury ve Spojených Arabských Emirátech a za jakým účelem je internet v této zemi cenzurován. Dále je to také prozkoumání dopadů této cenzury na přístup uživatelů k internetu, jakým způsobem cenzura internetu omezuje přístup k svobodným informacím a jak je využívána jako nástroj represe. Součástí této práce je návrh a implementace nástroje na zjištění přítomnosti cenzury a jakým způsobem je internet cenzurován. Tento nástroj je sestaven z několika testů, kde každý je zaměřen na otestování jiného způsobu cenzury. Tento nástoj lze úpravou vstupů využít pro testování cenzury i v jiných zemích, než jsou Spojené Arabské Emiráty. Nástroj nebyl schopen zjistit známky cenzury, kvůli jeho spouštění na virtuálním privátním serveru, který svým umístěním v síti obchází cenzorské prostředky dodavatelů internetového připojení, které jsou hlavním způsobem cenzury této země. Pro otestování jeho funkčnosti jako nástroje detekce a analýzy cenzury ve Spojených Arabských Emirátech, by vyžadovalo lokální uživatelský přístup k internetu.
|
|
|
Censorship on the Internet
Kyjovský, Dalibor ; Rychlý, Marek (referee) ; Očenášek, Pavel (advisor)
Internet censorship is a significant and current topic that affects freedom of speech and access to information. This bachelor’s thesis focuses on the analysis of internet censorship with an emphasis on technical aspects, using Belarus as an example. The introductory part of the thesis deals with the context of internet censorship in the world and emphasizes the importance of freedom on the internet. Subsequently, a detailed analysis of censorship means in Belarus is carried out, including technical details and detection possibilities. The thesis also examines tools that allow users to bypass internet censorship. The main output of the thesis is a proposed and implemented application for analyzing the internet environment in Belarus, which allows the identification of censorship mechanisms and provides data for further research. The obtained results support a better understanding of the issue of internet censorship and offer possibilities for further monitoring and development of this application.
|
|
|
Methodology for setting firewall rules
Vagner, Michal ; Jan,, Burian (referee) ; Sedlák, Petr (advisor)
This diploma thesis focuses on explaining the concept of firewalls, and especially next-generation firewalls. It introduces their specific representative Barracuda CloudGen Firewall, project management and technologies such as Python and RESTful API. Based on these findings it creates an implementation proposal for migrating and creating firewall policies on Barracuda CloudGen Firewall in COMGUARD a.s.
|
|
|
Opensource firewall redundancy
Škurla, Tomáš ; Zeman, Václav (referee) ; Slavíček, Karel (advisor)
This diploma thesis deals with the comparison of different open-source firewalls from the perspective of high availability topology. The goal of the thesis is to determine the most suitable firewall for implementing a topology with high availability. The theoretical part deals with the explanation of the concepts of address translation, the operation of firewalls, and subsequently describes the protocols necessary for the implementation of high availability, followed by a description of the testing using GNS3. The practical part of the thesis describes the preparation of the laboratory environment, as well as the process of configuration and testing of the individual firewalls, followed by an evaluation based on the test results.
|
|
|
DPDK Accelerated Firewall
Holubář, Jiří ; Fukač, Tomáš (referee) ; Vrána, Roman (advisor)
Nowadays, when almost everyone uses the Internet, network traffic security must also be ensured. This is what firewall helps with. Some routes require higher bandwidth than others. This thesis explores possibilities of using the DPDK library when implementing the firewall in order to achieve the highest possible bandwidth.
|
|
| |
|
|
Packet Processing Using DPDK Library
Procházka, Aleš ; Lichtner, Ondrej (referee) ; Grégr, Matěj (advisor)
This master thesis focuses on filtering and forwarding packets in high speed networks. Firstly the DPDK framework is introduced, which is used for fast packet processing. This project also introduces a design of application for high-speed packet filtering and design of tools for making it easier to work with that application. Subsequently, the implementation of this design is introduced and testing with comparison of results with a standard firewall
|
|
|
Advanced methods of filtering network traffic in the Linux system
Peša, David ; Komosný, Dan (referee) ; Kacálek, Jan (advisor)
This master's thesis is meant to provide techniques in designing and building a standalone packet filtering firewall in Linux machines, mainly for small sites who don’t give much service to Internet users. It deals with attenuating the effect of the most common types of attacks using iptables. It guides how to design, implement, run, and maintain Firewall. Techniques for continuously monitoring attacks is attempted. It also give a historical, architectural and technical overview of firewalls and security attacks.
|
|
|
Design methods for computer networks
Božek, Martin ; Stančík, Peter (referee) ; Hajný, Jan (advisor)
Bacherol‘s thesis deals with a topic of a suitable computer network design for a mid-sized infrastructure, its security and router and firewall realization. This boundary element is able to manage basic processes of network controlling between inner and outer network. There is a brief analysis of OSI model but we focused our attention on TCP/IP model more closely. Our project includes description and outlines an importance of the most common elements of the particular network type and their contribution to the security. Description of the three most frequent topologies of the infrastructure type follows. On the basis of the found information, we have chosen and analysed the most suitable topology from the security point of view. The result of the theoretical part is a network model proposal. In the practical part, some our findings are tested and implemented in a real setting. We used a technology of virtualization for the final realization and testing. Thanks to the virtualization used for realization and testing, we could configure the router and the firewall, which are boundary elements that separate the inner network from the Internet.
|
|
| |
guest ::
