Security Vulnerability Evaluation of Popular Personal Firewalls and Operating Systems

In this thesis, experimental evaluation of security vulnerabilities has been performed under DoS attacks for popular personal firewalls from McAfee, Norton and Kaspersky; and for operating systems namely Apple’s Leopard and SnowLeopard, and Microsoft’s Windows XP and Windows 7. Our experimental results show that the firewalls and operating systems behave differently under a given DoS attack. Some of the firewalls crashed under certain DoS attacks especially when they were configured to prevent and block packets belonging to such attacks. Operating systems evaluated in this thesis were also found to have different built-in security capabilities, and some of them even crashed under certain DoS attacks requiring forced reboot of the system. Comparative performance of firewalls and operating systems under DoS attacks has been presented

Meeting the Challenge of Cyberterrorism: Defining the Military Role in a Democracy

Denna forskningskonsumtion strävar efter att utifrån två frågeställningar undersöka dels var det deliberativa samtalets möjligheter och begränsningar ligger, dels undersöka hur det deliberativa samtalet påverkar lärarrollen i klassrummet. Detta sker genom en systematisk litteraturstudie som behandlar ett urval av relevanta svenska författare och även ett par internationella engelskspråkiga författare. Det deliberativa samtalet är en kommunikativ metod där samförståelse, konsensus och demokrati står i fokus. Tomas Englund, en av de mest uppmärksammade förespråkare av metoden beskriver det deliberativa samtalet med en rad punkter. Dessa punkter beskriver samtalet som att det ska ge olika argument utrymme, samtalet ska vara tolerant, samtalet ska ha inslag av kollektiv viljebildning, traditionella uppfattningar ska ifrågaställas och samtalet ska helst utesluta lärarledning. Det deliberativa samtalet har av bl.a. Skolverket lyfts fram som en  metod som ska gynna värdegrundsarbetet i skolan. Runt millenieskiftet hade det deliberativa samtalet samt värdegrundsarbetet fått en allt mer central del i skolan där Tomas Englund var en av de mest framträdande förespråkarna av metoden. Ytterligare styrkor i samtalet kunde även förstås som dess potential i att kunna implementeras i andra kommunikativa situationer inom flertalet ämnen. Trots att förespråkarna av det deliberativa samtalet kan lyfta många styrkor hos metoden finns fortfarande flera invändningar. De främsta styrkorna som lyfts ur det deliberativa samtalet är värdegrundsarbetet och samtalets tillämpningsbarhet, men de mer kritiska författarna vill gärna uppmärksamma hur det tämligen strukturerade samtalet kan påverka klassrummet och dess dynamik mellan lärare och elever. Hur ska exempelvis läraren förena sin position som betygsättande maktfigur med att hålla samtalet så öppet och tolererande som möjligt, oavsett åsikter som tas upp? Hur ska retoriska färdigheter hos eleverna behandlas när samtalet ska vara öppet och inkluderande? Forskningskonsumtionen lyfter även hur sociala och kulturella faktorer spelar in på elevers förmåga att deltaga i samtalet och lyfter genom författarna fram en diskussion om samtalets lämplighet i klassrummet, främst genom dess deltagare som utgångspunkt. Slutsatsen härleds till att lämpligheten hos det deliberativa samtalet i klassrummet kan kondenseras ned till frågan om förutsättningarna i klassrummet. Det deliberativa samtalet är ingen universallösning för värdegrundsarbete, men har samtidigt en rad andra styrkor som är värda att lyfta fram. Författarna saknar även en enhällig lösning över vilken roll läraren ska ha i samtalet och saknar även en riktig diskussion om hur det deliberativa samtalet ska behandla konflikter när samtalet drivs till sin spets

Defending Servers Against Naptha Attack By Using An Early Client Authentication Method [TK5105.585. C518 2008 f rb].

Serangan Naptha bertujuan mengganggu layanan TCP yang ditawarkan oleh sesuatu pelayan dengan menjanakan banyak sambungan palsu terhadap pelayan tersebut. Naptha attack aims to disrupt TCP service a server provides by generating large amount of forged connections to the server

Mitigating Denial-of-Service Attacks on VoIP Environment

IP telephony refers to the use of Internet protocols to provide voice, video, and data in one integrated service over LANs, BNs, MANs, not WANs. VoIP provides three key benefits compared to traditional voice telephone services. First, it minimizes the need fro extra wiring in new buildings. Second, it provides easy movement of telephones and the ability of phone numbers to move with the individual. Finally, VoIP is generally cheaper to operate because it requires less network capacity to transmit the same voice telephone call over an increasingly digital telephone network (FitzGerald & Dennis, 2007 p. 519). Unfortunately, benefits of new electronic communications come with proportionate risks. Companies experience losses resulting from attacks on data networks. There are direct losses like economic theft, theft of trade secrets and digital data, as well as indirect losses that include loss of sales, loss of competitive advantage etc. The companies need to develop their security policies to protect their businesses. But the practice of information security has become more complex than ever. The research paper will be about the major DoS threats the company’s VoIP environment can experience as well as best countermeasures that can be used to prevent them and make the VoIP environment and, therefore, company’s networking environment more secure

A Look Back at "Security Problems in the TCP/IP Protocol Suite"

About fifteen years ago, I wrote a paper on security problems in the TCP/IP protocol suite. In particular, I focused on protocol-level issues, rather than implementation flaws. It is instructive to look back at that paper, to see where my focus and my predictions were accurate, where I was wrong, and where dangers have yet to happen. This is a reprint of the original paper, with added commentary

DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far

Investigation of open resolvers in DNS reflection DDoS attacks

Les serveurs du système de noms de domaine (DNS) représentent des éléments clés des réseaux Internet. Récemment, les attaquants ont profité de ce service pour lancer des attaques massives de déni de service distribué (DDoS) contre de nombreuses organisations [1, 2, 3]. Ceci est rendu possible grâce aux différentes vulnérabilités liées à la conception, implantation ou une mauvaise configuration du protocole DNS. Les attaques DDoS amplifiées par DNS sont des menaces dangereuses pour les utilisateurs d’Internet. L’objectif de cette étude est d’acquérir une meilleure compréhension des attaques DDoS amplifiées par DNS par l’investigation des résolveurs DNS ouverts à travers le monde. Dans ce contexte, il est nécessaire d’adopter une approche en phase précoce pour détecter les résolveurs DNS ouverts. Cela devient cruciale dans le processus d’enquête. Dans cette thèse, nous nous intéresserons à l’utilisation de résolveurs DNS ouverts dans les attaques DDoS amplifiées par DNS. Plus précisément, la principale contribution de notre recherche est la suivante : (i) Nous profilons les résolveurs DNS ouverts, ce qui implique : détecter les résolveurs ouverts, les localiser, détecter leur système d’exploitation et le type de leur connectivité, et étudier le but de leur vivacité. (ii) Nous effectuons une évaluation de la sécurité des résolveurs DNS ouverts et leurs vulnérabilités. De plus, nous discutons les fonctions de sécurité des résolveurs DNS, qui fournissent, par inadvertence, les attaquants par la capacité d’effectuer des attaques DDoS amplifiées par DNS. (iii) Nous présentons une analyse pour démontrer l’association des résolveurs DNS ouverts avec les menaces de logiciels malveillants.Domain Name System (DNS) servers represent key components of Internet networks. Recently, attackers have taken advantage of this service to launch massive Distributed Denial of Service (DDoS) attacks against numerous organizations [1, 2, 3]. This is made possible due to the various vulnerabilities linked to the design, implementation or misconfiguration of the DNS protocol. DNS reflection DDoS attacks are harmful threats for internet users. The goal of this study is to gain a better understanding of DNS reflection DDoS attacks through the investigation of DNS open resolvers around the world. In this context, there is a need for an early phase approach to detect and fingerprint DNS open resolvers. This becomes crucial in the process of investigation. In this thesis, we elaborate on the usage of DNS open resolvers in DNS reflection DDoS attacks. More precisely, the main contribution of our research is as follows : (i) We profile DNS open resolvers, which involves : detecting open resolvers, locating them, fingerprinting their operating system, fingerprinting the type of their connectivity, studying the purpose of their liveness. (ii) We conduct an assessment with respect to DNS open resolvers security and their vulnerabilities. Moreover, we discuss the security features that DNS open resolvers are equipped with, which inadvertently provide the capability to the attackers in order to carry out DNS reflection DDoS attacks. (iii) We present an analysis to demonstrate the association of DNS open resolvers with malware threats

Network Defense: The Attacks of Today and How Can We Improve?

The practices of Network Defense were analyzed in this research paper. The Internet has become a very dangerous place for computer systems and networks as an increasing number of malicious attacks are occurring each day. Attacks such as Phishing, Campaign Style Attacks, Zero Day Exploits, and Botnets are plaguing individuals and firms who are concerned for the protection of their data and systems. By utilizing a combination of defense systems including Firewalls, Intrusion Protection Systems, 802.1x, NAC, Antivirus, Antispyware and more, I have developed a comprehensive system which can be used as a model of Network Security. In conclusion there many firms that are not ready for Network Security in today’s computer world. With the question of economics needed to remediate the issue, there is the question on how secure are companies and individuals going to be