Juniper Firewall

The Experts below are selected from a list of 6 Experts worldwide ranked by ideXlab platform

Benbenek Jan - One of the best experts on this subject based on the ideXlab platform.

  • IDS/IPS Systems and Automatic Configuration of Juniper Security Gateways
    Vysoká škola báňská - Technická univerzita Ostrava, 2015
    Co-Authors: Benbenek Jan
    Abstract:

    The diploma thesis deals with the application of autoconfiguration security scripts for Juniper Firewalls and their practical use in corporate networks. The main function of these systems consists in the automatic configuration of Juniper Firewalls against a given network attack. Based on a security threat detected by the IDS system, a security script is generated that automatically configures the Juniper Firewall against the network attack. The features of the IDS system's network security rules therefore determine the overall efficiency of attack detection. The purpose of the thesis is first to describe security threats, IDS/IPS systems, Juniper security devices and the GNS3 simulation software in which the test topology will be implemented. The practical part designs a network security system that uses the SNORT or Suricata IDS/IPS systems to detect a given security threat. The next step is to find an automatic script that blocks security threats based on IDS alerts. The implemented system is then evaluated and a universal topology for practical use is given.

    440 - Katedra telekomunikační techniky

Mais Nijim - One of the best experts on this subject based on the ideXlab platform.

  • Develop a solution for protecting and securing enterprise networks from malicious attacks
    Mobile Multimedia Image Processing Security and Applications 2014, 2014
    Co-Authors: Harshitha Kamuru, Mais Nijim
    Abstract:

    In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of a network, can usually be defined as "traffic that has huge malicious intent." A Firewall acts as one of the measures to secure the device from incoming unauthorized data. There are an infinite number of computer attacks that no Firewall can prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force and precision. The Juniper Firewall has the capability to protect against both types of attack. Denial of Service (DoS) attacks are one of the most well-known network security threats under brute force attacks, which is largely due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by Denial of Service (DoS) attacks. A DoS attack typically has a singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous WinNuke attack. Others submerge a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision attacks typically involve multiple phases and often involve a bit more thought than brute force attacks, all the way from reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be gathered. This information gathering typically takes the form of various types of scans to determine available hosts, networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a machine can be located by port scans. Screens cover a wide variety of attack traffic as they are configured on a per-zone basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the traffic. Attack prevention is also a native function of any Firewall. Juniper Firewall handles traffic on a per-flow basis. We can use flows or sessions as a way to determine whether traffic attempting to traverse the Firewall is legitimate. We control the state-checking components resident in Juniper Firewall by configuring "flow" settings. These settings allow you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP hijacking, and to generally ensure that the Firewall is performing full state processing when desired. We take a case study of an attack on a network and study the detection of the malicious packets on a NetScreen Firewall. A new solution for securing enterprise networks will be developed here.

Harshitha Kamuru - One of the best experts on this subject based on the ideXlab platform.

  • Develop a solution for protecting and securing enterprise networks from malicious attacks
    Mobile Multimedia Image Processing Security and Applications 2014, 2014
    Co-Authors: Harshitha Kamuru, Mais Nijim