Traffic Analysis on a Domain Name System Server. SMTP Access Generates Many Name-Resolving Packets to a Greater Extent than Does POP3 Access
|
|
- Daisy Boyd
- 5 years ago
- Views:
Transcription
1 Traffic Analysis on a Domain Name System Server. SMTP Access Generates Many Name-Resolving Packets to a Greater Extent than Does POP3 Access Yasuo Musashi, Ryuichi Matsuba, and Kenichi Sugitani Center for Multimedia and Information Technologies, Kumamoto University, Kumamoto Japan, musashi@cc.kumamoto-u.ac.jp
2 Table of Contents Domain Name System and Intrusion Detection System 4 This Work 5 Computations: Normal Equation 1 6 Computations: Normal Equation 2 7 Used Server Daemon Programs and Estimation of Traffic 8 Observed data of N SMTP, N POP3, and D q (day 1 ). 9 D q N POP3 versus N SMTP plot 10 Traffic of SMTP, POP3, and DNS query in 2002/02/13 11 Observed and calculated DNS traffic in 2002/02/13 12 Traffic of SMTP, POP3, and DNS query in 2002/02/16 13 Traffic of Weekday and Holiday 14
3 Why is m SMTP 8.6? 15 DNS query accesses by a SMTP access 16 Receiving SMTP access 16 Transmitting SMTP access 16 DNS vs SMTP/POP3 17 Cache Effects on DNS traffic from servers 18 Observed and calculated DNS traffics in Estimated Cache Efficiency of DNS traffic 20 Conclusions 21 Acknowledgement 22 Traffic of SMTP(from,to, and others) in 2002/02/16 23 Traffic of SMTP(from,to, user and others) in the peak 24
4 Traffic of DNS and SMTP at 2002/07/15 25 Traffic of DNS and SMTP at 2002/07/16 26 Traffic of DNS and SMTP at 2002/07/17 27
5 Domain Name System and Intrusion Detection System The most important network services on the Internet. SMTP/POP3(Mail),FTP,HTTP,... We need to protect the DNS server, firmly. (A) Network Based Intrusion Detection System DMZ Internet FireWall Local Area Network NIDS NIDS (B) Host Based Intrusion Detection System DMZ Internet FireWall HIDS DNS SMTP/POP3 HIDS
6 This Work DNS Log of DNS query SMTP POP3 Log of SMTP Log of POP3 disk disk 1DNS 1MX (1) Statistical investigation on traffic of the DNS query packets between the DNS server (1DNS) and the server (1MX). (2) How are the DNS query packets generated by the SMTP and POP3 accesses? (3) Cache effects of the DNS query.
7 Computations: Normal Equation 1 D q = R SMTP + R POP3 + R FTP + (1) R i = m i N i (2) D q = the DNS query access between the 1DNS and 1MX. R i = the access numbers from the DNS clients. i = a network protocol, such as SMTP, POP3, FTP,... N i = the access counts of a network application, m i = a linear coefficient. R SMTP + R POP3 R FTP + (1MX) D q = m SMTP N SMTP + m POP3 N POP3 (3)
8 Computations: Normal Equation 2 A SMTP,POP3 x SMTP,POP3 = d SMTP,POP3 (4) A SMTP,POP3 = n N 2 j=1 SMTP,j n N SMTP,jN POP3,j j=1 n N SMTP,jN POP3,j j=1 n N 2 j=1 POP3,j (j = 1, 2, 3,, n; days) x SMTP,POP3 = (m SMTP, m POP3 ) t d SMTP,POP3 = ( n j=1 N SMTP,jD q,j, n j=1 N POP3,jD q,j) t
9 Used Server Daemon Programs and Estimation of Traffic Used server daemon programs 1DNS: The DNS server and the DNS packet recorder. BIND and iplog-1.2 1MX:The SMTP and POP3 servers. ISC sendmail and Qualcomm qpopper-4.0 Estimation of Traffic (1) D q : % grep domain /var/log/messages.1 wc (2) N SMTP : % grep "sendmail" /var/log/syslog.0 wc (3) N POP3 : % grep "poppe\[" syslog.0 wc
10 Observed data of N SMTP, N POP3, and D q (day 1 ). A SMTP,POP3 = j N SMTP N POP3 D q 2002/02/ / / / / / / / / / / / / , d SMTP,POP3 = ( , ) t, x SMTP,POP3 = (8.6, 1.0) t D q = 8.6N SMTP + N POP3
11 D q N POP3 versus N SMTP plot Dq NPOP3/day y =8.0 x R = NSMTP/day m SMTP = 8 9 and m POP3 = 1 The SMTP access generates the DNS query, rather than that of the POP3 access.
12 Traffic of SMTP, POP3, and DNS query in 2002/02/13-1 Traffic of SMTP, POP3, and DNS query accesses/s DNS query POP SMTP Time/h (1) There are three peaks. (2) The DNS traffic resembles well the SMTP one.
13 Observed and calculated DNS traffic in 2002/02/13-1 Traffic of observed and calculated DNS query accesses/s Observed Calculated Time/h The calculated curve resembles well the observed one.
14 Traffic of SMTP, POP3, and DNS query in 2002/02/ Traffic of SMTP, POP3, and DNS query accesses/s DNS query POP3 SMTP Time/h (1) The DNS traffic resembles well the SMTP one. (2) The peak of the early morning maybe network trouble?
15 Traffic of Weekday and Holiday -1 Traffic of SMTP, POP3, and DNS query accesses /s DNS query POP3 SMTP 2/17(Sun) 2/18(Mon) 2/19(Tue) 2/20(Wed) 2/21(Thu) 2/22(Fri) 2/23(Sat) Time/day All traffic in weekday is larger than that in holiday.
16 Why is m SMTP 8.6? (A) POP3 access and Receiving SMTP access 2 rq 1MX 1 MX POP3 Client 1 rq 1DNS POP3: 1 rq Receiving SMTP: 2 rq (B) Transmission SMTP access 1MX 4 rq 1 MX 2 rq 1DNS 4 rq 2 MX SMTP Client 4 rq n MX Transmission SMTP : 2 + 4n rq 1 rq = 1 request of DNS query packet
17 DNS query accesses by a SMTP access R POP3 = N POP3 (5) Receiving SMTP access R rec SMTP = 2N rec SMTP (6) Transmitting SMTP access R tr SMTP = (2 + 4n)N tr SMTP (7)
18 DNS vs SMTP/POP3 R SMTP = R rec SMTP + Rtr SMTP (8) q = N rec SMTP N rec SMTP +N tr SMTP (9) m SMTP N SMTP = 2qN SMTP + (1 q)(2 + 4n)N SMTP (N SMTP > 0) m SMTP = 2q + (1 q)(2 + 4n) = 2 + 4n(1 q) (10) D q = (2 + 4n(1 q))n SMTP + N POP3 (11) If q = and m SMTP = 8.6; n = The user of 1MX sends to at least 3 7 persons by one ing.
19 Cache Effects on DNS traffic from servers We present the DNS cache effects of the DNS query access between 1DNS and 1MX with the equation ( D q = 8.6N SMTP + N POP3 ). DNS Log of DNS query disk DNS disk SMTP POP3 Log of POP3 Log of SMTP 1DNS Used server daemon programs 1MX 1DNS: The DNS server and the DNS packet recorder. BIND and iplog-1.2 1MX:The SMTP and POP3 servers. ISC sendmail and Qualcomm qpopper-4.0
20 Observed and calculated DNS traffics in Traffic of the observed and calculated DNS query accesses/s Observed Calculated 3/11(Mon) 3/12(Tue) 3/13(Wed) 3/14(Thu) 3/15(Fri) 3/16(Sat) Time/h The observed traffic is considerably much smaller than the calculated one.
21 Estimated Cache Efficiency of DNS traffic DCE = 1 Dobs q D q calc (12) DNS cache efficiency /11(Mon) 3/12(Tue) 3/13(Wed) 3/14(Thu) 3/15(Fri) 3/16(Sat) Time/h The DNS cache for SMTP/POP3 services is considerably effective.
22 Conclusions (1) The total number of DNS packets, D q, are represented as D q = m SMTP N SMTP + m POP3 N POP3 where N SMTP and N POP3 represent the number of the SMTP access and that of the POP3 access, respectively. The linear coefficients m SMTP and m POP3 are calculated to be and 1.0. (2) m SMTP = 2 + 4n(1 q) where q is a mail-receiving rate and n is a number of different domain hosts. (3) The DNS cache sufficiently affects on the traffic between the DNS server and the server, and the cache efficiency is about The DNS cache on the server reduces the traffic between the DNS server and the server, drastically. The DNS cache should be applied to the server.
23 Acknowledgement All the calculations were carried out with AMD Athlon, Intel Pentium III, and Sun Microsystems Ultra-Sparc machines in our center.
24 Traffic of SMTP(from,to, and others) in 2002/02/ Traffic of SMTP and DNS query accesses/s DNS query from to other Time/h (1) N from > N to > N others. (2) Many SMTP sessions and several nslook-up failures.
25 Traffic of SMTP(from,to, user and others) in the peak 0.3 from user Traffic of SMTP/s to 0.0 other Time/10min (1) N user N from (2) Is the user cracked?
26 Traffic of DNS and SMTP at 2002/07/ Traffic of SMTP, POP3, and DNS query accesses/s DNS query from to Time/h (1) The curve of N to is rippled in the midnight hours. (2) In the morning, the MMI-worm, Frethem.K, was detected.
27 Traffic of DNS and SMTP at 2002/07/ Traffic of SMTP, POP3, and DNS query accesses/s DNS query from to Time/h (1) The curve of N to is rippled in the early morning. (2) Frethem.K was spread by the internet.
28 Traffic of DNS and SMTP at 2002/07/ Traffic of SMTP, POP3, and DNS query accesses/s DNS query from to Time/h (1) The curve of N to is normal in the early morning. (2) Frethem.K was disappeared from 1MX.
Traffic Analysis on a Mass Mailing Worm and DNS/SMTP
Traffic Analysis on a Mass Mailing Worm and DNS/SMTP Yasuo Musashi, Kenichi Sugitani, and Ryuichi Matsuba Center for Multimedia and Information Technologies, Kumamoto University, Kumamoto 860-8555 Japan,
More informationStatistical Analysis in Log Files of Electronic-Mail Server and Domain Name System Server. SPAM Mail Generates Many DNS Query Packets
Statistical Analysis in Log Files of Electronic-Mail Server and Domain Name System Server. SPAM Mail Generates Many DNS Query Packets Yasuo Musashi, Ryuichi Matsuba, and Kenichi Sugitani Center for Multimedia
More informationStatistical Analysis in Syslog Files in DNS and Spam SMTP Relay Servers
Statistical Analysis in Syslog Files in DNS and Spam SMTP Relay Servers Ryuichi Matsuba, Yasuo Musashi, and Kenichi Sugitani Center for Multimedia and Information Technologies, Kumamoto University, Kurokami,
More informationDNS Query Access and Backscattering SMTP Distributed Denial-of-Service Attack
DNS Query Access and Backscattering SMTP Distributed Denial-of-Service Attack Yasuo Musashi, Ryuichi Matsuba, and Kenichi Sugitani Center for Multimedia and Information Technologies, Kumamoto University,
More informationDNS. Analysis of IPv6 Based DNS Query Traffic
IPv6 DNS DNS IPv6 DNS (1) IPv4 () IPv6 IPv6 IPv4 Analysis of IPv6 Based DNS Query Traffic Hirofumi Nagatomi and Dennis Artona Ludeña Romaña Yasuo Musashi, Ryuichi Matsuba, and Kenichi Sugitani Abstract
More informationDevelopment of Automatic Detection and Prevention Systems of DNS Query PTR record-based Distributed Denial-of-Service Attack
DNS PTR : DNS DNS (DDoS) DNS syslog : (1)DNS DDoS (PTR) (2) PTR IP IP IP PTR DNS DDoS DDoS (IPS) Development of Automatic Detection and Prevention Systems of DNS Query PTR record-based Distributed Denial-of-Service
More informationA Statistical Study of ANY Resource Record Based DNS Query Request Packet Traffic
A Statistical Study of ANY Resource Record Based DNS Query Request Packet Traffic A Statistical Study of ANY Resource Record Based DNS Query Request Packet Traffic Yasuo Musashi,* Yuto Takeda,** Nobuhiro
More informationIndirect Detection of Mass Mailing Worm-Infected PC terminals for Learners
Indirect Detection of Mass Mailing Worm-Infected PC terminals for Learners Yasuo Musashi, Ryuichi Matsuba, and Kenichi Sugitani Center for Multimedia and Information Technologies, Kumamoto University,
More informationDetection of Mass Mailing Worm-infected IP address by Analysis of Syslog for DNS server
DNS syslog IP : - DNS syslog : (1) PC A MX DNS (2) UNIX PC spam A MX PTR DNS DNS PC Detection of Mass Mailing Worm-infected IP address by Analysis of Syslog for DNS server Ryuichi Matsuba, Yasuo Musashi,
More informationEntropy Study on A and PTR Resource Records-Based DNS Query Traffic
Entropy Study on A and PTR Resource Records-Based DNS Query Traffic Dennis Arturo Ludeña Romaña Shinichiro Kubota, Kenichi Sugitani, and Yasuo Musashi Abstract: We carried out entropy study on the A and
More informationDNS Based Detection of Spam Bots and Host Search Activity
DNS : 2007 4 1 2008 7 31 DNS DNS (1) IP DNS (2) IP DNS Based Detection of Spam Bots and Host Search Activity Dennis Arturo Ludeña Romaña Shinichiro Kubota, Kenichi Sugitani, and Yasuo Musashi Abstract:
More informationDetection of NS Resource Record DNS Resolution Traffic, Host Search, and SSH Dictionary Attack Activities
International Journal of Intelligent Engineering & Systems http://wwwinassorg/ Detection of NS Resource Record DNS Resolution Traffic, Host Search, and SSH Dictionary Attack Activities Kazuya Takemori
More informationDNS based Security Incidents Detection in Campus Network
International Journal of Intelligence Engineering & Systems INASS http://www.inass.org/ DNS based Security Incidents Detection in Campus Network Dennis Arturo Ludeña Romaña 1, Kenichi Sugitani 2, and Yasuo
More informationDetection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic
Detection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic Yasuo Musashi, Kazuya Takemori, Shinichiro Kubota, and Kenichi Sugitani We statistically investigated the total A resource record
More informationBUP2 5/2 12/4/07 12:49 AM Page 1. Introduction
BUP2 5/2 12/4/07 12:49 AM Page 1 Introduction This booklet will give you easy to follow instructions to allow you to set your BUP2 Programmer to the Weekday/Weekend, (same times Monday - Friday, different
More informationInternet Threat Detection System Using Bayesian Estimation
Internet Threat Detection System Using Bayesian Estimation Masaki Ishiguro 1 Hironobu Suzuki 2 Ichiro Murase 1 Hiroyuki Ohno 3 Abstract. We present an Internet security threat detection system 4 using
More informationOperational Experiences With High-Volume Network Intrusion Detection
Operational Experiences With High-Volume Network Intrusion Detection Holger Dreger 1 Anja Feldmann 1 Vern Paxson 2 Robin Sommer 1 1 TU München Germany 2 ICSI / LBNL Berkeley, CA, USA ACM Computer and Communications
More informationBatteryStats.com Page 1 of 9
[localhost:~] weiher% date >> /Users/weiher/Documents/Terminal- Unix/BatteryStats.Dat [localhost:~] weiher% ioreg -l grep -i IOBatteryInfo >> /Users/weiher/Documents/Terminal-Unix/BatteryStats.Dat [localhost:~]
More informationBUT2 7day 11/4/07 11:07 PM Page 1. Introduction
BUT2 7day 11/4/07 11:07 PM Page 1 Introduction This booklet will give you easy to follow instructions to allow you to set your BUT2 Timeswitch to the 7 Day, (different times every day) program. Contents
More informationNetwork+ Guide to Networks, Seventh Edition Chapter 2, Solutions
Network+ Guide to Networks, Seventh Edition Chapter 2, Solutions Review Questions 1. Which part of a MAC address is unique to each manufacturer? A. The network identifier B. The OUI C. The device identifier
More informationUnit 28 Website Production ASSIGNMENT 1
Unit 28 Website Production ASSIGNMENT 1 Last week Learning outcomes History HTML skeleton Annotated diagram of a WAN Servers, routers, client PC, browser, Server OS Switch, packet Architecture ISP Web
More informationRWB29 Programmer. Daily Programming
RWB29 Programmer Daily Programming RWB29 Controls ON WHEN LIT EXTEND ADVANCE RESET MENU/SELECT UP & DOWN BACK/EXIT Introduction This booklet gives you easy to follow instructions allowing you to set your
More information4. The transport layer
4.1 The port number One of the most important information contained in the header of a segment are the destination and the source port numbers. The port numbers are necessary to identify the application
More informationSpotify Behind the Scenes
A Eulogy to P2P (?) Spotify gkreitz@spotify.com KTH, May 7 2014 What is Spotify? Lightweight on-demand streaming Large catalogue, over 20 million tracks 1 Available in 28 countries. Over 24 million active
More informationA Signal Analysis of Network Traffic Anomalies
A Signal Analysis of Network Traffic Anomalies Paul Barford with Jeffery Kline, David Plonka, Amos Ron University of Wisconsin Madison Fall, Overview Motivation: Anomaly detection remains difficult Objective:
More informationNAT Router Performance Evaluation
University of Aizu, Graduation Thesis. Mar, 22 17173 1 NAT Performance Evaluation HAYASHI yu-ichi 17173 Supervised by Atsushi Kara Abstract This thesis describes a quantitative analysis of NAT routers
More informationCCNA Exploration Network Fundamentals. Chapter 03 Application Functionality and Protocols
CCNA Exploration Network Fundamentals Chapter 03 Application Functionality and Protocols Updated: 27/04/2008 1 3.1 Applications: The Interface Between Human and Networks Applications provide the means
More informationEnsim PS Administrator Release Notes
About PS Administrator 3.0 Ensim PS Administrator 3.0.4 Release Notes February 04, 2002 These release notes cover product compatibility, new product features, list of applications included, version differences,
More informationChapter 10: Application Layer
Chapter 10: Application Layer Application, Session and Presentation Presentation and Session Layers Session layer Functions, creates, and maintains dialogs between source and destination applications Handles
More informationCCNA R&S: Introduction to Networks. Chapter 10: The Application Layer
CCNA R&S: Introduction to Networks Chapter 10: The Application Layer Frank Schneemann 10.0.1.1 Introduction 10.0.1.2 Activity - Application Investigation 10.1.1.1 OSI and TCP/IP Models Revisited The application
More informationJob sample: SCOPE (VLDBJ, 2012)
Apollo High level SQL-Like language The job query plan is represented as a DAG Tasks are the basic unit of computation Tasks are grouped in Stages Execution is driven by a scheduler Job sample: SCOPE (VLDBJ,
More informationAudit Logging and Monitoring Procedure Document Number: OIL-IS-PRO-ALM
Audit Logging and Monitoring Procedure Document Number: OIL-IS-PRO-ALM Document Détails Title Description Version 1.0 Author Classification Review Date 25/02/2015 Audit Logging and Monitoring Procedures
More informationNimsoft Monitor. reboot Guide. v1.4 series
Nimsoft Monitor reboot Guide v1.4 series Legal Notices Copyright 2012, Nimsoft Corporation Warranty The material contained in this document is provided "as is," and is subject to being changed, without
More informationSYLLABUS. Title: Unix Network Administration II
Code: NETW 111 Division: Business & Technology Title: Unix Network Administration II Department: Engineering and Technology Course Description: This course will provide the student with a comprehensive
More information2014 FALL MAILING SEASON Update for the Mailing Industry. August 18, 2014
2014 FALL MAILING SEASON Update for the Mailing Industry August 18, 2014 Agenda Service Actions Taken in 2014 Fall Mailing Season 2013 Review Drop Ship Profile Machine Utilization FSS Holiday Preparedness
More informationComputer Networks. More on Standards & Protocols Quality of Service. Week 10. College of Information Science and Engineering Ritsumeikan University
Computer Networks More on Standards & Protocols Quality of Service Week 10 College of Information Science and Engineering Ritsumeikan University Introduction to Protocols l A protocol is a set of rules
More informationModel: TM-1 / TM1-N. 1 Time Clock Series
Model: TM-1 / TM1-N Model: TM-1 / TM1-N 1 Time Clock Series Table of Contents Product Image Table of Contents Installation Procedure LCD Display Operating Modes Setting the Operating Mode Setting the Clock
More informationCCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols
CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols LOCAL CISCO ACADEMY ELSYS TU INSTRUCTOR: STELA STEFANOVA 1 Objectives Functions of the three upper OSI model layers, network services
More informationTotal Market Demand Wed Jul 26 Thu Jul 27 Fri Jul 28 Sat Jul 29 Sun Jul 30 Mon Jul 31 Tue Aug 01
MW July 26, 2017 - August 1, 2017 This report provides a summary of key market data from the IESO-administered markets. It is intended to provide a quick reference for all market stakeholders. It is composed
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define
More informationInternet Technology. 03r. Application layer protocols: . Paul Krzyzanowski. Rutgers University. Spring 2016
Internet Technology 03r. Application layer protocols: email Paul Krzyzanowski Rutgers University Spring 2016 1 Email: SMTP (Simple Mail Transfer Protocol) 2 Simple Mail Transfer Protocol (SMTP) Protocol
More informationThe Scheduler & Hotkeys plugin PRINTED MANUAL
The Scheduler & Hotkeys plugin PRINTED MANUAL Scheduler & Hotkeys plugin All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including
More informationGlobal Information Assurance Certification Paper
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationINBOUND AND OUTBOUND NAT
INBOUND AND OUTBOUND NAT Network Address Translation Course # 2011 1 Overview! Network Address Translation (NAT)! Aliases! Static Address Mappings! Inbound Tunnels! Advanced Tunnel Option SYN Cookies Authentication
More informationUnit 2 Assignment 2. Software Utilities?
1 Unit 2 Assignment 2 Software Utilities? OBJECTIVES Identify software utility types and examples of common software Why are software utilities used? Identify and describe the various networking threats.
More informationFTP. Client Server Model. Kent State University Dept. of Computer Science. CS 4/55231 Internet Engineering. Server Models
Client Server Model Client: Any program can be a client temporarily of a specific remote service. Generally it is invoked, controlled by user. It runs only one session. CS 4/55231 Internet Engineering
More informationChapter 4. Internet Applications
Chapter 4 Internet Application Protocols 1 Internet Applications! Domain Name System! Electronic mail! Remote login! File transfer! World Wide Web! All use client-server model 2 Names! Internet communication
More informationInstallation of Security Policy into Kumamoto University and DNS based Detection of Security Incidents in the Campus Network
Installation of Security olicy into Kumamoto University and DNS based Detection of Security Incidents in the ampus Network Yasuo Musashi Abstract: In Kumamoto University, we created policies and standards
More informationMyOwnDeliveries. a Magento module. User manual
MyOwnDeliveries a Magento module User manual Summary Installation 3 On the front office 4 When ordering 4 When subscribing 6 Booking system 7 Delivery sub areas 7 time slots occupation 7 Reservation windows
More informationsoftware Lotus LearningSpace - Virtual Classroom V1.1 Installation Guide
software Lotus LearningSpace - Virtual Classroom V1.1 Installation Guide COPYRIGHT Disclaimer THIS DOCUMENTATION IS PROVIDED FOR REFERENCE PURPOSES ONLY. WHILE EFFORTS WERE MADE TO VERIFY THE COMPLETENESS
More informationTopics in P2P Networked Systems
600.413 Topics in P2P Networked Systems Week 4 Measurements Andreas Terzis Slides from Stefan Saroiu Content Delivery is Changing Thirst for data continues to increase (more data & users) New types of
More informationOwner of the content within this article is Written by Marc Grote
Owner of the content within this article is www.msexchange.org Written by Marc Grote www.it-training-grote.de Using SMTPDIAG to diagnostic Exchange 2003 related SMTP and DNS problems Written by Marc Grote
More informationAvaya AG250 Application Gateway Server Pre-Installation Checklist for Avaya Communication Manager
Avaya AG250 Application Gateway Server Pre-Installation Checklist for Avaya Communication Manager The Application Gateway Server delivers business applications to Internet-enabled IP telephones, personal
More informationInspection of Router-Generated Traffic
Inspection of Router-Generated Traffic The Inspection of Router-Generated Traffic feature allows Context-Based Access Control (CBAC) to inspect traffic that is originated by or destined to the router on
More informationApplication Layer: OSI and TCP/IP Models
Application Layer Application Layer: OSI and TCP/IP Models The communication process between two communicating nodes is actually a communication process between two applications on these devices. Service
More informationQSAN XCbueSAN Series Configuration Worksheet
QSAN XCbueSAN Series Configuration Worksheet Use this worksheet to collect and record information for configuring the QSAN XCubeSAN series storage system. This worksheet should be used in conjunction with
More informationUnit 4: Part 1 Graphing Quadratic Functions
Name: Block: Unit : Part 1 Graphing Quadratic Functions Da 1 Graphing in Verte Form & Intro to Quadratic Regression Da Graphing in Intercept Form Da 3 Da Da 5 Da Graphing in Standard Form Review Graphing
More informationApplication Level Protocols
Application Level Protocols 2 Application Level Protocols Applications handle different kinds of content e.g.. e-mail, web pages, voice Different types of content require different kinds of protocols Application
More informationThe MODBUS RTU/ASCII, MODBUS/TCP plugin PRINTED MANUAL
The MODBUS RTU/ASCII, MODBUS/TCP plugin PRINTED MANUAL MODBUS RTU/ASCII, MODBUS/TCP plugin All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic,
More informationMcAfee Network Security Platform 9.1
9.1.7.15-9.1.5.9 Manager-NS-series Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues
More informationUMSSIA INTRUSION DETECTION
UMSSIA INTRUSION DETECTION INTRUSION DETECTION Sensor1 Event1, Event2 Monitor No intrusion M SensorN Event1, Event2 Alarm! IDS CHARACTERISTICS Characteristics an IDS can be classified/evaluated by: Type
More informationUnified Communications Manager Express Toll Fraud Prevention
Unified Communications Manager Express Toll Fraud Prevention Document ID: 107626 Contents Introduction Prerequisites Requirements Components Used Conventions Overview Internal vs. External Threats Toll
More informationExploiting Social Interactions in Mobile Systems
Exploiting Social Interactions in Mobile Systems Andrew G. Miklas 1, Kiran K. Gollu 1,KelvinK.W.Chan 2,StefanSaroiu 1, Krishna P. Gummadi 3, and Eyal de Lara 1 1 University of Toronto 2 Google 3 MPI for
More informationExploiting Social Interactions in Mobile Systems
Exploiting Social Interactions in Mobile Systems Andrew G. Miklas, Kiran K. Gollu, Kelvin K. W. Chan, Stefan Saroiu, Krishna P. Gummadi, and Eyal de Lara University of Toronto, Google, and MPI for Software
More informationConfiguration Examples
CHAPTER 4 Before using this chapter, be sure that you have planned your site s security policy, as described in Chapter 1, Introduction, and configured the PIX Firewall, as described in Chapter 2, Configuring
More informationCS 455/555 Spring 2011 Weigle
Homework 2 Application-Level Protocols Assigned: Tuesday, February 1, 2011 Due: Tuesday, February 15, 2011 at the beginning of class CS 455 100 points CS 555 112 points Note: All homework assignments must
More informationGeneral Terms Node - File Permissions - file permissions file
CIS 375 General Terms Node - A networked computing device that takes a protocol address andcan initiate and respond to communication from other networked devices that employ similar protocols. File Permissions
More informationApplied IT Security. System Security. Dr. Stephan Spitz 6 Firewalls & IDS. Applied IT Security, Dr.
Applied IT Security System Security Dr. Stephan Spitz Stephan.Spitz@de.gi-de.com Overview & Basics System Security Network Protocols and the Internet Operating Systems and Applications Operating System
More informationMicrosoft Exam
Volume: 176 Questions Question No: 1 One advantage of dynamic routing is that it: A. Automatically maintains routing tables. B. Limits traffic derived from routing protocols. C. Reduces broadcast traffic.
More informationUDP-based Amplification Attacks and its Mitigations
UDP-based Amplification Attacks and its Mitigations Yoshiaki Kasahara kasahara@nc.kyushu-u.ac.jp 1/21/2014 APAN 37th in Bandung, Indonesia 1 Summary If you have servers with global IP addresses 1. Make
More informationFundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,
Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure
More informationDO NOT OPEN UNTIL INSTRUCTED
CS 378 - Network Security and Privacy Spring 2017 FINAL May 3, 2017 DO NOT OPEN UNTIL INSTRUCTED YOUR NAME: Collaboration policy No collaboration is permitted on this exam. Any cheating (e.g., submitting
More informationUsing Diagnostic Tools
Using Diagnostic Tools The Tools System Diagnostics page on the INVESTIGATE view provides several diagnostic tools that help troubleshoot various kinds of network problems and process monitors. Tech Support
More informationReview and Plans BaBar Plenary Session Monday, 13 July 1998 Bob Cowles, SLAC Computer Security
Computer Security Review and Plans BaBar Plenary Session Monday, 13 July 1998 Bob Cowles, SLAC Computer Security 13 July 1998 Bob Cowles 1 Security Activity Minor incidents occurring 4-5 times/month Anonymous
More informationOn the Relationship of Server Disk Workloads and Client File Requests
On the Relationship of Server Workloads and Client File Requests John R. Heath Department of Computer Science University of Southern Maine Portland, Maine 43 Stephen A.R. Houser University Computing Technologies
More informationDistributed Cooperative Security Monitoring
Distributed Cooperative Security Monitoring Robin Sommer Lawrence Berkeley National Laboratory rsommer@lbl.gov http://www.icir.org/robin Cooperative Security Monitoring Internet sites monitor their network
More informationXL-PB350CA. EoC bridge slave. User manual
XL-PB350CA EoC bridge slave User manual Content 1. Equipment Connection... 6 2. Set Accessed PC... 6 3.WIFI WEB Configuration... 8 3.1 Login WEB Interface... 8 3.2 WAN Configuration... 10 3.2.1 PPPO E
More informationUrban Social Networks
Urban Social Networks Sensing, Modelling and Visualising Urban Mobility and Copresence Networks Vassilis Kostakos Madeira Interactive Technologies Institute University of Madeira Motivation Slide 2 Motivation
More informationIVR (Interactive Voice Response) Operation Manual
IVR (Interactive Voice Response) Operation Manual Ver2.1.0 2018/11/14 Ver2.0.2 2017/07/25 Ver2.0.1 2016/12/22 Table of Contents Settings (Setting User Information) A Cloud PBX Option feature. This manual
More informationInformation Network Systems The application layer. Stephan Sigg
Information Network Systems The application layer Stephan Sigg Tokyo, November 15, 2012 Introduction 04.10.2012 Introduction to the internet 11.10.2012 The link layer 18.10.2012 The network layer 25.10.2012
More informationNetwork Architecture I
Network Architecture I Degree in: Communications Electronic Engineering Telecommunication Systems Engineering Telecommunication Technologies Engineering Telematics Engineering Universidad de Alcalá 2016/17
More informationDual-stack Firewalling with husk
Dual-stack Firewalling with husk Phil Smith linux.conf.au Perth 2014 1 Phil Smith SysAdmin from Melbourne Personal Care Manufacturer Implemented complete Dual-stack Previous role in managed security 4WD'ing
More informationActivant Prophet 21 SQL Server Management
SQL Server Administration suite Class 3 of 4 Activant Prophet 21 SQL Server Management This class is designed for Beginner SQL/Prophet 21 Users who are responsible for SQL Administration as it relates
More informationRedHat Certified Engineer
RedHat Certified Engineer Red Hat Certified Engineer (RHCE) is a performance-based test that measures actual competency on live systems. Called the "crown jewel of Linux certifications," RHCE proves an
More informationSystem Requirements. SuccessMaker 7
System Requirements SuccessMaker 7 Copyright 2015 Pearson Education, Inc. or one or more of its direct or indirect affiliates. All rights reserved. Pearson and SuccessMaker are registered trademarks, in
More informationEnabling Embedded Systems to access Internet Resources
Enabling Embedded Systems to access Internet Resources Embedded Internet Book www.embeddedinternet.org 2 Agenda : RATIONALE Web Services: INTRODUCTION HTTP Protocol: REVIEW HTTP Protocol Bindings Testing
More informationForwarding Logs Using Tail2Syslog. Release Security Threat Response Manager. Juniper Networks, Inc.
Security Threat Response Manager Release 2013.2 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000 www.juniper.net Published: 2013-07-19 Copyright Notice Copyright 2013
More informationApplication Firewalls
Application Moving Up the Stack Advantages Disadvantages Example: Protecting Email Email Threats Inbound Email Different Sublayers Combining Firewall Types Firewalling Email Enforcement Application Distributed
More informationChapter 4: Networking and the Internet
Chapter 4: Networking and the Internet 2015 Pearson Education Limited 2015 Chapter 4: Networking and the Internet 4.1 Network Fundamentals 4.2 The Internet 4.3 The World Wide Web 4.4 Internet Protocols
More informationGlobal Commerce Review. United States, Q1 2018
Global Commerce Review United States, Q1 2018 Key Findings Today's shoppers are active across all browsing environments, and they're buying more on-the-go. Optimizing your app lets you connect with more
More informationInternet Technology 2/18/2016
Internet Technology 04r. Assignment 4 & 2013 Exam 1 Review Assignment 4 Review Paul Krzyzanowski Rutgers University Spring 2016 February 18, 2016 CS 352 2013-2016 Paul Krzyzanowski 1 February 18, 2016
More information76 days Wed 8/24/16 Wed 12/7/16 Daniel Wang,Shreyas Makde,Madhavi Potluri,Roua 2 Requirements analysis 11 days Wed 8/24/16 Wed 9/7/16
ID Mode Name Duration Start Finish Predecessors Resource Names 1 OpenWells Cross-Platform Mobile Application 76 days Wed 8/24/16 Wed 12/7/16 Daniel Wang,Shreyas Makde,Madhavi 2 Requirements analysis 11
More informationPeering at Peerings: On the Role of IXP Route Servers
Peering at Peerings: On the Role of IXP Route Servers Contact: Philipp Richter (prichter@inet.tu-berlin.de) Paper: net.t-labs.tu-berlin.de/~prichter/imc238-richtera.pdf Philipp Richter TU Berlin Nikolaos
More informationThe DNS. Application Proxies. Circuit Gateways. Personal and Distributed Firewalls The Problems with Firewalls
Network Security - ISA 656 Application Angelos Stavrou August 20, 2008 Application Distributed Why move up the stack? Apart from the limitations of packet filters discussed last time, firewalls are inherently
More informationT U M. Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic
T U M I N S T I T U T F Ü R I N F O R M A T I K Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic Stefan Kornexl, Vern Paxson, Holger Dreger, Anja Feldmann, Robin
More informationCCNA 1 Chapter 10 v5.0 Exam Answers 2013
CCNA 1 Chapter 10 v5.0 Exam Answers 2013 1 Which three layers of the OSI model provide similar network services to those provided by the application layer of the TCP/IP model? (Choose three.) physical
More informationNetwork Game Traffic: A Broadband Access Perspective
Network Game Traffic: A Broadband Access Perspective Amit Sinha, Kenneth Mitchell, Deep Medhi School of Computing and Engineering, University of Missouri-Kansas City Abstract Playing network games is fast
More informationDetecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC
Detecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC Agenda Introduction to JPCERT/CC About system-wide intrusions
More informationMaintaining the Central Management System Database
CHAPTER 12 Maintaining the Central Management System Database This chapter describes how to maintain the Central Management System (CMS) database using CLI commands as well as using the Content Distribution
More informationCROWN JEWEL SOFTWARE FOR WINDOWS SOFTWARE REV.
CJWin CROWN JEWEL SOFTWARE FOR WINDOWS SOFTWARE REV. 2.20 Crown Jewel (with Camera) Crown Jewel (Brass Enclosure) User s Guide TABLE OF CONTENTS Getting Started System Requirements.................................3
More information