Filip Holik

Effective penetration testing with Metasploit framework and methodologies

Nowadays, information security is very important, because more and more confidential information, like medical reports, is being stored electronically on computer systems and those systems are often connected to computer networks. This represents new challenges for people working in information technology. They have to ensure that those systems are as much secure as possible and confidential information will not be revealed. One possible way how to prove system security is to conduct regular penetration tests - e.g. simulate attackers malicious activity. This article briefly introduces the basics of penetration testing and shows how to deploy and use Metasploit framework when conducting penetration testing. Finally, a case study in production environment is shown. Software tools and techniques described in this work are also valid and applicable for SCADA systems and moreover in any other field where computer networks are used.

The deployment of Security Information and Event Management in cloud infrastructure

This article deals with the problematics of data safety and security in cloud environment while using Security Information and Event Management (SIEM). This article introduces and critically assesses the basic principles of SIEM in data infrastructure, its deployments in specific cloud environment, and technical requirements for SIEM solution implementation into a cloud environment applied to individual cloud distribution models.

Methods of deploying security standards in a business environment

Information is the essential building block of society and is found in each field of business. They can represent a business plan, personnel data, manufacturing know-how, financial transactions and many others. Information is part of company assets and thus has to be protected. This article describes methods of deploying security standards in a business environment. The practical part of the article describes implementation of Information Security Management System in a real automotive company located in the Czech Republic.

Measuring Information Quality of Geosocial Networks

Geosocial networks are widespread adopted by tourists for the last years. These networks can replace tourist information center and play important information role in tourism. The main goal of this article is to get amount of coverage of geosocial networks to verify whether there is sufficiently reliable cloud information source for needs of tourism. This paper examines the coverage rate of points of interest used in tourism from Foursquare, Google+ and Facebook in the Czech Republic. Quality of information obtained from these geosocial networks is measured and compared with widely used map applications like Google Maps or local application Mapy.cz.

Vulnerabilities of modern web applications

The security of modern web applications is becoming increasingly important with their growing usage. As millions of people use these services, the availability, integrity, and confidentiality are critical. This paper describes the process of penetration testing of these applications. The goal of such testing is to detect application flaws and vulnerabilities and to propose a solution to mitigate them. The paper analyses current penetration testing tools and subsequently tests them on a use case web application, build specifically with present security flaws. The process of penetration testing is described in detail and the performance of each tool is evaluated. In the last section, recommended practices to mitigate found flaws are summarized.

Analysis of the use of Rainbow Tables to break hash

Tento dokument seznamuje s vytvořenou aplikaci pro generovani Rainbow tabulek a výsledky testů s využitim Rainbow tables podle delky zvoleneho řetězce. Přispěvek prezentuje specializovanou aplikaci obsahujici vlastni algoritmy pro funkce redukce, změnu delky řetězce, generovani Rainbow tables a detailni měřeni efektivity při vyhledavani hesla. V ramci testů je dale popsana zavislost velikosti rainbow tables na delce hesla, ovlivněni hash vyhledavani podle velikosti zvoleneho řetězce a propojeni s kolizemi, ktere vyvstavaji z principu využiti redukcni funkce. Výsledky objektivně popisuji výhody a nevýhody využiti Rainbow tables a ukazuji možnosti a omezeni pro jejich efektivni využiti.

Proposal to Centralize Operational Data Outputs of Airport Facilities

This article presents analysis and a proposal to centralize operational data outputs of airport facilities for the Armed Forces of the Czech Republic. In the first part, the current state of infrastructure and individual systems necessary for controlling flight operations of the Armed Forces of the Czech Republic is presented. Within the analysis, a complex packet capturing was conducted, from which the list of most used protocols was chosen. The second part is focused on proposing a monitoring system with emphasis on its expansibility and security whilst minimizing changes to the current solution, which would mean the necessity of getting new system certifications from designated offices.

The methodology of measuring throughput of a wireless network

It is important to measure network performance in the whole network life cycle. In the development phase network architects can estimate how the network will work for desired number of users and their needs more accurately. In the implementation and testing phases network engineers can conduct a site survey and thus measure network performance in any given location. Spots with poor performance can be then detected and corrected. The last phase is network monitoring where measuring network performance brings advantages like summary statistics and the ability to predict network congestion, which could be prevented by well-timed network upgrade. This paper introduces new methodology for measuring data throughput of a wireless network in a real environment. The methodology is based on deficiencies found in existing approaches to measure wireless throughput.

Implementation and testing of Cisco IP SLA in smart grid environments

Smart grid networks are becoming more and more commonly deployed due to their undisputed benefits. On the other hand, there is a high demand for reliability and functionality of these networks. This paper is analysing usage of the IP SLA for monitoring network state and collecting important information for potential problem detection and solving. The practical part of the paper presents implementation of the IP SLA into the smart grid network environment and its testing. The results from several simulated scenarios with different QoS classes, used within the smart grid networks, are discussed.

Analysis of the wireless communication latency and its dependency on a data size

Aim of this article is to introduce the results of measurement of latency in wireless networks and its dependency on the size of the sent data. Latency and its role in wireless networks are described in detail. Based on the theoretical background, three experimental topologies were designed. These topologies are used to measure latency in wireless networks. The rate of latency, depending on the size of outgoing data is based on test results. This article also presents the prediction when the packet size may be determined so that it is possible to minimize interdependence of latency and data sent and to reduce the latency.