| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

Show document

Title:PENETRACIJSKO TESTIRANJE VARNOSTI RAČUNALNIŠKIH SISTEMOV
Authors:Puncer, Marko (Author)
Potočnik, Božidar (Mentor) More about this mentor... New window
Files:.pdf UNI_Puncer_Marko_2013.pdf (1,29 MB)
MD5: 7C74052EFD2A23CD36BDC17F4138CB1B
 
Language:Slovenian
Work type:Bachelor thesis/paper (mb11)
Typology:2.11 - Undergraduate Thesis
Organization:FERI - Faculty of Electrical Engineering and Computer Science
Abstract:V diplomski nalogi smo se ukvarjali s problemom varnostnih lukenj in odkrivanjem le-teh v računalniških sistemih s pomočjo penetracijskega testiranja. Preučili smo najpogostejše varnostne luknje, pri čemer smo poseben poudarek posvetili tistim, ki se pojavljajo zaradi površnosti administratorjev računalniških sistemov. Poseben poudarek smo namenili slovarskemu napadu, ki smo ga skupaj z orodjem za pridobivanje gesel tudi implementirali v orodje za slovarski napad na spletne vmesnike. Penetracijsko testiranje smo izvedli na realnem računalniškem sistemu osnovne šole, lastno aplikacijo pa smo zaradi pravno-formalnih omejitev testirali v simuliranem okolju. Testiranje smo izvedli v skladu s priporočili najdenimi v literaturi. Med testiranjem smo odkrili množico pričakovanih varnostnih lukenj, pri čemer so nekatere predstavljale tudi znatno grožnjo brezhibnemu delovanju sistema. Na osnovi najdenih varnostnih lukenj smo izdelali priporočila za njihovo odpravo in jih predali administratorju računalniškega sistema. Preizkušanje lastnega orodja za slovarski napad pa je pokazalo, da so spletni vmesniki lahka tarča za vdor v sistem, saj je avtomatski napad enostavno izvedljiv. Vendar pa za hiter in uspešen napad potrebujemo učinkovito orodje, ki je prilagodljivo sistemu in napadalčevim zahtevam.
Keywords:penetracijsko testiranje, računalniška varnost, računalniški sistemi, varnostne luknje, slovarski napad
Year of publishing:2013
Publisher:[M. Puncer]
Source:Maribor
UDC:004.2:004.94(043.2)
COBISS_ID:17486614 New window
NUK URN:URN:SI:UM:DK:ZRRWLTS6
Views:1452
Downloads:180
Metadata:XML RDF-CHPDL DC-XML DC-RDF
Categories:KTFMB - FERI
:
  
Average score:(0 votes)
Your score:Voting is allowed only for logged in users.
Share:AddThis
AddThis uses cookies that require your consent. Edit consent...

Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Secondary language

Language:English
Title:PENETRATION TESTING OF COMPUTER SYSTEMS SECURITY
Abstract:In thesis we dealt with the issue of security vulnerabilities and how to discover them in computer systems with the aid of penetration testing. We studied most common security vulnerabilities especially those which occur due to carelessness of computer system administrators. We devoted special attention to the dictionary attack which, together with the parsing tool, we implemented into a web interface dictionary attack tool. We carried out the penetration testing on a live computer system of a local primary school, while the testing of own tool was performed in a simulated environment due to legal concerns. The testing was performed in accordance with the guidelines found in literature. During the testing we discovered a number of expected security vulnerabilities, some of which were presenting a considerable threat to the flawless operation of the systems. Based on those findings we elaborated guidelines for their resolution and presented them to the computer system administrator. The testing of own tools for dictionary attack showed that the web sign-in interface is an easy target as the automated attack is quite uncomplicated. However, for a fast and successful attack an attacker needs an efficient tool that is adaptable to the system and attacker’s requirements.
Keywords:penetration testing, computer security, computer systems, security vulnerability, dictionary attack


Comments

Leave comment

You have to log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica