C#/.net>> Network-Security>> 返回
项目作者: BFreitas16

项目描述 :
Network Advanced Security and Architecture Projects
高级语言:
项目地址: git://github.com/BFreitas16/Network-Security.git
创建时间: 2021-06-02T14:57:18Z
项目社区:https://github.com/BFreitas16/Network-Security
开源协议:MIT License
下载


Network-Security

These projects where made in Network Advanced Security and Architecture class. The main goal was to study the principles and techniques for the design and management of secure network infrastructures in heterogeneous environments.

Table of Contents

Project 1 Network Attacks and Mitigations

Report: Network Attacks & Mitigations
Config File: Configurations inside the report in Annex

This report discusses some network vulnerabilities and countermeasures. It is also explained the steps to reproduce the attacks, the steps to prevent it and some theoretical concepts necessary for its understanding.
Topics covered:

  • CAM table overflow
  • DHCP attacks
    • DHCP spoofing
    • DHCP starvation
  • ARP poisoning (MitM)
  • STP manipulation
  • VLAN attacks
    • DTP attack
    • Double-tagging attack
  • DNS spoofing
  • RIP poisoning
  • Idle Scan
  • ICMP redirect (MitM)

Project 2 Firewalls and AAA

Report: Firewalls & AAA
Config file: Firewalls & AAA Configuration

This report discusses Firewalls and AAA which stands for Authentication, Authorization and Accounting (basically, is a framework used to control who is permitted to use the network resources - authentication - what they are authorized to do - authorization - and capture the actions performed while accessing the network - accounting).
Topics covered:

  • Classical Firewalls
  • Zone Based Policy Firewalls
  • Defense agains DoS attacks
  • AAA
    • TACACS+
    • RADIUS
  • 802.1X authentication
  • ASA firewall

Project 3 IPSec and VPNs

Report: IPSec & VPNs
Config File: Configurations inside the report in Annex

This report discusses IPSec and VPNs, where it is analyzed different VPNs and their configurations.
Topics covered:

  • Tunneling
    • GRE
    • IPv6 tunneling over IPv4
  • IPSec
    • IPSec using ESP in tunnel mode & AH in tunnel mode
    • IPSec with NAT traversal
    • GRE over IPSec
  • DMVPN
    • DMVPN over IPSec
  • GETVPN
  • Load balancing and redundancy
    • HSRP
    • HSRP with object tracking
    • Attacking HSRP
    • GLBP
  • VRFs and MPLS VPNs

Project 4 Snort alerting DoS attacks

Report: Snort - alerting DoS attacks
Config File: Configurations inside the report in Annex

This report discusses Snort as an NIDS and shows the alert rules that can be configured so that different DoS attacks are detected, and gives a python script to execute each attack.
Topics covered:

  • ICMP flood
  • SYN flood
  • Ping of death
  • Land attack
  • HTTP flooding
  • TCP reset attack
  • Christmas tree attack
  • UDP flood
  • DNS flood
  • Smurf attack