243 research outputs found

    IPv6: a new security challenge

    Master's thesis in Information Security (Segurança Informática), presented to the Universidade de Lisboa, through the Faculdade de Ciências, 2011.

    Internet Protocol version 6 (IPv6) was developed to solve some of the problems not addressed by its predecessor, Internet Protocol version 4 (IPv4), namely issues related to security and to the available address space. Over the last decade, many have studied the investments required for its adoption and the right moment for it to be adopted by all players in the market. Recently, the problem of the exhaustion of the public addresses made available by the various Regional Internet Registries (RIRs) prompted the entities involved to speed up the process of migrating from IPv4 to IPv6. Unlike IPv4, this new version treats security as a fundamental objective in its implementation; accordingly, the use of the IPsec protocol at the network layer is recommended. However, due to the immaturity of the protocol and the complexity of this transition period, there are numerous security implications that must be considered during this migration period. The main objective of this work is to define a set of security best practices for IPv6 deployment that can be used by data network administrators and by the security teams of the various players in the market. In this transition phase, it is useful and appropriate to contribute efficiently to the understanding of the strengths of this new protocol as well as of the vulnerabilities associated with it.

    IPv6 was developed to address the exhaustion of IPv4 addresses, but has not yet seen global deployment. Recent trends are now finally changing this picture and IPv6 is expected to take off soon. Contrary to the original, this new version of the Internet Protocol has security as a design goal, for example with its mandatory support for network layer security. However, due to the immaturity of the protocol and the complexity of the transition period, there are several security implications that have to be considered when deploying IPv6. In this project, our goal is to define a set of best practices for IPv6 security that could be used by IT staff and network administrators within an Internet Service Provider. To this end, an assessment of some of the available security techniques for IPv6 will be made by means of a set of laboratory experiments using real equipment from an Internet Service Provider in Portugal. As the transition to IPv6 seems inevitable, this work can help ISPs in understanding the threats that exist in IPv6 networks and some of the prophylactic measures available, by offering recommendations to protect internal as well as customers' networks.

    Data Communications and Network Technologies

    This open access book is written according to the examination outline for Huawei HCIA-Routing Switching V2.5 certification, aiming to help readers master the basics of network communications and use Huawei network devices to set up enterprise LANs and WANs, wired networks, and wireless networks, ensure network security for enterprises, and grasp cutting-edge computer network technologies. The content of this book includes: network communication fundamentals, TCP/IP protocol, Huawei VRP operating system, IP addresses and subnetting, static and dynamic routing, Ethernet networking technology, ACL and AAA, network address translation, DHCP server, WLAN, IPv6, WAN PPP and PPPoE protocol, typical networking architecture and design cases of campus networks, SNMP protocol used by network management, operation and maintenance, network time protocol NTP, SDN and NFV, programming, and automation. As the world’s leading provider of ICT (information and communication technology) infrastructure and smart terminals, Huawei’s products range from digital data communication, cyber security, wireless technology, data storage, cloud-computing, and smart computing to artificial intelligence.

    Exploiting Wireless Sensors: a gateway for 868MHz sensors

    [ENGLISH] The great interest in monitoring everything around us has increased the number of sensors that we utilize in our daily lives. Furthermore, the evolution of wireless technologies has facilitated their ubiquity. Moreover, it is in locations such as homes and offices where exploitation of the data from these sensors has been more important. For example, we want to know if the temperature in our home is adequate, otherwise we want to turn on the heating (or cooling) system automatically, and we want to be able to monitor the environment of the home or office remotely. The knowledge from these sensors and the ability to actuate devices, summon human assistance, and adjust contracts for electrical power, heating, cooling, etc. can facilitate a myriad of ways to improve the quality of our life and potentially even reduce resource consumption. This master's thesis project created a gateway that sniffs wireless sensor traffic in order to collect data from existing sensors and to provide this data as input to various services. These sensors work in the 868 MHz band. Although these wireless sensors are frequently installed in homes and offices, they are generally not connected to any network. We designed a gateway capable of identifying these wireless sensors and decoding the received messages, despite the fact that these messages may use a vendor's proprietary protocol. This gateway consists of a microcontroller, a radio transceiver (868-915 MHz), and an Ethernet controller. This gateway enables us to take advantage of all the data that can be captured. Thinking about these possibilities, simultaneously acquiring data from these various sensors could open a wide range of alternatives in different fields, such as home automation, industrial controlling... Not only can the received data be interesting by itself, but when different sensors are located in the same environment we can exploit this data using sensor fusion. For example, time differences in arrival and differences in signal strength as measured at multiple receivers could be used to locate objects. The final aim of this thesis project is to support diverse applications that could be developed using the new gateway. This gateway creates a bridge between the information that is already around us and our ability to realize many new potential services. A wide range of opportunities could be realized by exploiting the wireless sensors we already have close to us.

    [CASTILIAN] The great interest in tracking everything around us has increased the number of sensors we use in our daily lives. In addition, the evolution of wireless technology has made them easier to install. It is in places such as homes and offices that making use of the data from these sensors has been most important. For example, we may want to know whether the temperature at home is adequate in order to activate the heating (or cooling) system automatically. The ability to actuate external devices and adjust contracts for electrical power, heating, cooling, etc. can facilitate a great variety of ways to improve the quality of our life and, potentially, even reduce resource consumption. This thesis project has created a gateway that detects wireless sensor traffic in order to collect data from existing sensors and provide it as input to various services. These sensors operate in the 868 MHz band. Although these wireless sensors are frequently installed in homes and offices, they are generally not connected to any network. We have designed a gateway capable of identifying these wireless sensors and decoding the received messages, even though these messages may use a vendor's proprietary protocol. This gateway consists of a microcontroller, a radio transceiver (868-915 MHz) and an Ethernet controller. This gateway allows us to take advantage of all the data that can be captured. Thinking about all these possibilities at once, acquiring the data from these various sensors could open a wide range of alternatives in different fields, such as home automation, industrial control... Not only can the received data be interesting; the different sensors located in the same environment can also exploit this data through sensor fusion. For example, time differences in arrival and differences in signal strength, as determined by multiple receivers, could also be used to locate objects. The final aim of this thesis project is to support the diverse applications that can be developed using the new gateway. This gateway creates a bridge between the information that is already around us and our ability to realize many new potential services. A wide range of possibilities can be generated by exploiting the network of wireless sensors that are already present around us.

    [CATALAN] The great interest in tracking everything around us has increased the number of sensors we use in our daily lives. In addition, the evolution of wireless technology has made them easier to install. It is in places such as homes and offices that making use of the data from these sensors has been most important. For example, we may want to know whether the temperature at home is adequate in order to activate the heating (or cooling) system automatically. The ability to actuate external devices and adjust contracts for electrical power, heating, cooling, etc. can facilitate a great variety of ways to improve the quality of our life and, potentially, even reduce resource consumption. This thesis project has created a gateway that sniffs wireless sensor traffic in order to collect data from existing sensors and provide it as input to various services. These sensors operate in the 868 MHz band. Although these wireless sensors are often installed in homes and offices, they are generally not connected to any network. We have designed a gateway capable of identifying these wireless sensors and decoding the received messages, even though these messages may use a vendor's proprietary protocol. This gateway consists of a microcontroller, a radio transceiver (868-915 MHz) and an Ethernet controller. This gateway allows us to take advantage of all the data that can be captured. Thinking about all these possibilities at once, acquiring the data from these various sensors could open a wide range of alternatives in different fields, such as home automation, industrial control... Not only can the received data be interesting; the different sensors located in the same environment can also exploit this data through sensor fusion. For example, time differences in arrival and differences in signal strength, as determined by multiple receivers, could also be used to locate objects. The final aim of this thesis project is to support the diverse applications that can be developed using the new gateway. This gateway creates a bridge between the information that is already around us and our ability to realize new potential services. A wide range of possibilities can be generated by exploiting the network of wireless sensors that we already have close to us.

    A Historical evaluation of C&C complexity

    The actions of malware are often controlled through uniform communications mechanisms, which are regularly changing to evade detection techniques and remain prolific. Though geographically dispersed, malware-infected nodes being controlled for a common purpose can be viewed as a logically joint network, now loosely referred to as a botnet. The evolution of the mechanisms or processes for controlling the networks of malware-infected nodes may be indicative of their sophistication relative to a point of inception or discovery (if inception time is unknown). A sampling of botnet-related malware at different points of inception or discovery can provide accurate representations of the sophistication variance of command and control processes. To accurately measure a sampling, a matrix of sophistication, deemed the Complexity Matrix (CM), was created to categorize the signifying characteristics of Command and Control (C&C) processes amongst a historically diverse selection of bot binaries. In this paper, a survey of botnets is conducted to identify C&C characteristics that accurately represent the level of sophistication being implemented within a specified time frame. The results of the survey are collected in a CM and used to generate a subsequent roadmap of C&C milestones.

    Bitcoin, Blockchain Technology, and Cryptocurrencies

    The blockchain based cryptocurrency known as Bitcoin was theorized in a whitepaper published October 28, 2008, by Satoshi Nakamoto (pseudonym) (Nakamoto, 2008). The paper, titled, “Bitcoin: A Peer-to-Peer Electronic Cash System,” laid out a digital currency creation/exchange structure that employs a decentralized ledger that would later run on the author’s open-source application (Nakamoto, 2008). The main innovation of this technology is found within the security benefits provided by the proof-of-work consensus mechanism that requires solving a mathematic trap-door compression function to verify transactions/blocks added to the blockchain. On January 3, 2009, the genesis block, a term for the first block in any given blockchain, was created using Satoshi’s Bitcoin v0.1 software that actualized the concepts in the Bitcoin whitepaper (Bitcoin Core, 2021)

    A Companion Study Guide for the Cisco DCICN Data Center Certification Exam (200-150)

    The official Cisco DCICN book and practice exams are great resources, but this is not an easy exam. This study guide is a companion to those resources and summarizes the subject areas into additional review questions with an answer description for each item. This book is not a braindump and it is not bootleg screenshots of the actual exam. Instead, this book provides additional context and examples, serves to complement other study guides, and provides additional examples. If you are getting ready to take the exam for the first time, I hope that this guide provides the extra help to pass! If you are up for re-certification, I hope that this guide serves as a refresher and reminder! Keep working hard, keep studying, and never stop learning…

    Segurança contra intrusão em redes informáticas (Security against intrusion in computer networks)

    Because the information processed in an enterprise computer network is nowadays increasingly confidential, it is necessary for that information to be as well protected as possible. At the same time, this information must be available with due speed to the right partners, in an increasingly globalized world. This work aims to study and implement security in a small, generic test network that can easily be extrapolated to a network the size of a large company with potential branches in several locations. The aim is to implement and monitor security both externally (Internet service provider, ISP) and internally (network assets, workstations/users). This analysis is based on location (local, wireless or remote), and whenever any anomaly is detected, its location is identified and protective actions are taken automatically. These anomalies can be managed using open source or commercial tools that collect all the necessary information and take corrective or alerting actions depending on the type of anomaly.

    Because the information processed in an enterprise network is nowadays increasingly confidential, it becomes necessary to protect this information. At the same time, this information must be made available as soon as possible to the right partners in a globalized world. This work intends to study and implement security in a small generic network prototype that can easily be scaled to the network of a large company with potential branches in diverse places. It is intended to implement and monitor external security (Internet service provider, ISP) as well as internal security (networking equipment, servers, hosts or users). This analysis is based on location (local, remote or wireless); whenever any anomaly is detected, it can be identified quickly and protective action taken automatically. These anomalies can be managed using commercial or open source tools, which make it possible to gather all the necessary information and take the necessary alerting or corrective measures for that type of anomaly.

    Application Adaptive Bandwidth Management Using Real-Time Network Monitoring.

    Application adaptive bandwidth management is a strategy for ensuring secure and reliable network operation in the presence of undesirable applications competing for a network’s crucial bandwidth, covert channels of communication via non-standard traffic on well-known ports, and coordinated Denial of Service attacks. The study undertaken here explored the classification, analysis and management of the network traffic on the basis of ports and protocols used, type of applications, traffic direction and flow rates on the East Tennessee State University’s campus-wide network. Bandwidth measurements over a nine-month period indicated bandwidth abuse of less than 0.0001% of total network bandwidth. The conclusion suggests the use of the defense-in-depth approach in conjunction with the KHYATI (Knowledge, Host hardening, Yauld monitoring, Analysis, Tools and Implementation) paradigm to ensure effective information assurance