|
|
Interception of Modern Encrypted Protocols
Marček, Ján ; Korček, Pavol (referee) ; Kajan, Michal (advisor)
This thesis deals with the introduction to the security mechanism.The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol..The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.
|
|
|
Simulated Fault-Injection in Network Communication
Rozsíval, Michal ; Rogalewicz, Adam (referee) ; Smrčka, Aleš (advisor)
The development of network applications takes place under ideal conditions, as opposed to deploying them in a real-world environment that contains vulnerabilities such as loss, latency, or cyber-attacks. Ensuring resilience against these vulnerabilities is thus crucial. This thesis introduces the NetLoiter, which aims to enable the simulation of the required vulnerabilities and thus allow developers to treat them correctly. The NetLoiter can be used in transparent (proxy server), hidden (captures communication directly from the system kernel), or hardware versions suitable for testing embedded systems. NetLoiter supports dynamic reconfiguration using a public interface that can be used to automate the testing process. NetLoiter has been successfully integrated and used in real projects.
|
|
|
Module Orchestration of Multitenant Systems
Freyburg, Petr ; Pavela, Jiří (referee) ; Smrčka, Aleš (advisor)
This thesis deals with the creation of multitenant systems and their orchestration. The creation process is based on the transformation of an existing monolithic but modular system in order to extract a selected module. The resulting solution includes an infrastructure that enables secure transmission between the information system and the extracted module. This infrastructure isolates the individual tenants from each other. The individual modules are containerized in Docker technology and orchestrated using Kubernetes. The proposed solution supports several interfaces between the module and the system. Supported interfaces include, for example, a standard client-server architecture or a standard input/output to allow the single-running of console applications.
|
|
| |
|
|
Advanced proxy for penetration testing
Válka, Michal ; Vilém,, Šlesinger (referee) ; Sedlák, Petr (advisor)
This master’s thesis focuses on improving the open-source proxy tool for penetration testing of thick clients. The thesis is divided into three main chapters, the first of which is focused on the theoretical background on which the thesis is based. The second chapter describes the analysis of the current state and defines user requirements, which must be met. The third chapter deals with increasing the quality and expanding the functionality based on user requirements. At the same time, a testing methodology is created and a vulnerable application is developed as a teaching material for the methodology. The chapter concludes with a summary of the economic costs and benefits of the application for the penetration testing process.
|
|
|
Trusted proxy in SSL/TLS connection
Smolík, Jiří ; Forst, Libor (advisor) ; Lukeš, Dan (referee)
The problem of SSL/TLS interception ("trusted proxy in SSL/TLS connection") has been known for years and many implementations exist. However, all of them share a single technical solution which is based solely on the PKI authentication mechanism and suffers from multiple serious disadvantages. Most importantly, it is not compatible with several aspects or future trends of SSL/TLS and PKI, there's almost no space for improvement and its real use may spawn legal issues. After we analyze technical background and the current solution, we will propose another one, based not only on PKI but SSL/TLS too. Both solutions will be compared and general superiority of the new one will be shown. Basic implementation and analysis will follow, along with deployment requirements and ideas for future development. Powered by TCPDF (www.tcpdf.org)
|
|
|
Design and Creation of Proxy for Penetration Testing
Válka, Michal ; Bláha, Lukáš (referee) ; Dydowicz, Petr (advisor)
This bachelor’s thesis is aimed at design and development of proxy for penetration testing. The thesis is divided into three main parts and begins with a theoretical part, which is focused on fundamental technologies and principles on which the application is based. The second part is focused on comparison of currently available solutions. The third part contains the creation of the proxy itself. The last chapter contains a summary of this thesis and the benefits of the developed product for penetration testing.
|
|
|
Censorship in the Internet
Rajecký, Michal ; Rychlý, Marek (referee) ; Očenášek, Pavel (advisor)
Internet censorship is a phenomenon of the time, which significantly restricts freedom of speech. The aim of this work was to find out the current state of Internet censorship in China. As part of the analysis, I designed and implemented a tool for testing website availability and detecting censorship of potentially blocked keywords. This tool verified different levels of access to a target server. The analysis showed that the city of Beijing forms a significant part of China's system in the implementation of censorship, as it loses a large part of Internet communication, up to 97% of all lost data. Testing also revealed the variability of censorship over time. On average, 57.6% of websites received different results during the testing period. This article provides an up-to-date picture of the state of Chinese Internet censorship and its impact on users. Censorship in China can be considered centralized, very extensive and variable over time.
|
|
|
Comparative analysis of proxies in the Syrian conflict
Janoš, Ondřej ; Doboš, Bohumil (advisor) ; Bahenský, Vojtěch (referee)
The thesis examines the engagement of the external actors in the Syrian civil war. It is focusing on five main internal actors of the conflict. Using the Heraclide method it is evaluating engagement intensity of the external actors in the conflict. Together with the examination of the external players engagement the thesis is also focusing on the relations ship between the external actor and his proxy group in Syria. I examine how the international players changed their strategy or proxy groups during the time.
|
|
|
Trusted proxy in SSL/TLS connection
Smolík, Jiří ; Forst, Libor (advisor) ; Lukeš, Dan (referee)
The problem of SSL/TLS interception ("trusted proxy in SSL/TLS connection") has been known for years and many implementations exist. However, all of them share a single technical solution which is based solely on the PKI authentication mechanism and suffers from multiple serious disadvantages. Most importantly, it is not compatible with several aspects or future trends of SSL/TLS and PKI, there's almost no space for improvement and its real use may spawn legal issues. After we analyze technical background and the current solution, we will propose another one, based not only on PKI but SSL/TLS too. Both solutions will be compared and general superiority of the new one will be shown. Basic implementation and analysis will follow, along with deployment requirements and ideas for future development. Powered by TCPDF (www.tcpdf.org)
|
guest ::
