|
|
Design and Creation of Proxy for Penetration Testing
Válka, Michal ; Bláha, Lukáš (referee) ; Dydowicz, Petr (advisor)
This bachelor’s thesis is aimed at design and development of proxy for penetration testing. The thesis is divided into three main parts and begins with a theoretical part, which is focused on fundamental technologies and principles on which the application is based. The second part is focused on comparison of currently available solutions. The third part contains the creation of the proxy itself. The last chapter contains a summary of this thesis and the benefits of the developed product for penetration testing.
|
|
|
Configurable Security Email Proxy
Židek, Stanislav ; Samek, Jan (referee) ; Cvrček, Daniel (advisor)
This bachelor thesis deals with design and implementation of multiuser configurable system capable of securing communication via electronic mail. Emphasis is put especially on remote configuration. It also describes existing protocols used for this communication and some of the mechanisms that can secure this communication from different points of view.
|
|
| |
|
| |
|
|
Application for monitoring and controlling the security of large LAN and WAN computer networks
Maloušek, Zdeněk ; Polívka, Michal (referee) ; Novotný, Vít (advisor)
Computer networks are used in much wider extent than 20 years ago. People use the computer mainly for communication, entertainment and data storage. Information is often stored only in electronic devices and that is why the security of the data is so important. The objective of my thesis is to describe network security problems and their solutions. First chapter deals with the network security, security checks and attacks. It describes procedures used in practise. First part deals with traffic scanning and filtering at various layers of the TCP/IP model. Second part presents the types of proxy and its pros and cons. Network Address Translation (NAT) is a favourite technique of managing IP addresses of inside and outside network which helps to improve the security and lower the costs paid for IP addresses. NAT description, IPSec, VPN and basic attacks are described in this section. The second chapter of the thesis presents set of Perl scripts for network security checking. The purpose of the project is not to check the whole network security. It is designed for contemporary needs of IBM Global Services Delivery Centrum Brno. The first script checks running applications on target object. The aim is to detect services that are not necessary to run or that are not updated. The second one checks the security of the Cisco device configuration. There is a list of rules that has to be kept. The third script inspects the Nokia firewall configuration which is on the border of IBM network. If some of the rule is broken, it shows the command that has to be proceeded at the particular device. The output of the first and the second script is an HTML file. The third script uses the command line for the final report. The last part of this chapter gives advice to configure Cisco devices. It is a list of security recommendations that can be used by configuring e.g. routers. The appendix presents two laboratory exercises. The aim is to give students an opportunity to learn something about programs and technologies which are used in practise by IT experts to check the weaknesses of their networks.
|
|
|
Advanced proxy for penetration testing
Válka, Michal ; Vilém,, Šlesinger (referee) ; Sedlák, Petr (advisor)
This master’s thesis focuses on improving the open-source proxy tool for penetration testing of thick clients. The thesis is divided into three main chapters, the first of which is focused on the theoretical background on which the thesis is based. The second chapter describes the analysis of the current state and defines user requirements, which must be met. The third chapter deals with increasing the quality and expanding the functionality based on user requirements. At the same time, a testing methodology is created and a vulnerable application is developed as a teaching material for the methodology. The chapter concludes with a summary of the economic costs and benefits of the application for the penetration testing process.
|
|
|
Proxy Server for Mobile Devices
Vašenka, Václav ; Chmelař, Petr (referee) ; Weiss, Petr (advisor)
This thesis should introduce principles of proxy servers. Main focus is on using proxy as a mediator between a web user, accessing the web from mobile devices and a web server. Next, this paper deals with web design and with aspects that have affect the speed and effectiveness of web page browsing via a proxy server. Moreover, the realization of such a system is described in this paper.
|
|
|
Censorship in the Internet
Rajecký, Michal ; Rychlý, Marek (referee) ; Očenášek, Pavel (advisor)
Internet censorship is a phenomenon of the time, which significantly restricts freedom of speech. The aim of this work was to find out the current state of Internet censorship in China. As part of the analysis, I designed and implemented a tool for testing website availability and detecting censorship of potentially blocked keywords. This tool verified different levels of access to a target server. The analysis showed that the city of Beijing forms a significant part of China's system in the implementation of censorship, as it loses a large part of Internet communication, up to 97% of all lost data. Testing also revealed the variability of censorship over time. On average, 57.6% of websites received different results during the testing period. This article provides an up-to-date picture of the state of Chinese Internet censorship and its impact on users. Censorship in China can be considered centralized, very extensive and variable over time.
|
|
|
IMAP Implementation in C++
Pohl, Marek ; Janoušek, Vladimír (referee) ; Peringer, Petr (advisor)
This thesis has focused on development of library of IMAP network protocol in C++ programming language. This work has focused on design and on interface of the library. Object design of this library is based on analysis of the IMAP protocol. Developed library contains implementation of a client and server part of the IMAP protocol. This work shows also the another IMAP libraries and evaluates pros and cons of the different solutions. Security of a network transfer is explained here in this thesis. This work deals with authentication methods, which are used to protect user credentials during authentication process. Created library can be easily used by software developers to develop an applications like an email client program and IMAP mail server. Part of this work has focused on testing of this developed library.
|
|
|
Design of user authentication for small and medium networks
Hajný, Jan ; Pust, Radim (referee) ; Burda, Karel (advisor)
The main focus of this Master’s thesis is user authentication and access control in a computer network. I analyze the TCP/IP model in connection with security and describe main stepping stones of authentication protocols (mainly hash functions). The authentication protocol analysis follows. I begin with LANMAN protocol analysis for the reason of a security comparison. The NTLM, Kerberos and Radius follows. The focus is on the Kerberos which is chosen as a main authentication protocol. This is also a reason why the modification used in MS domains is described. The implementation and functional verification is placed in the second part which is more practical. The virtualization technology is used for an easier manipulation. The result is a computer network model requiring user authentication and minimizing the possibility of an attack by unauthorized clients.
|
guest ::
