Monitoring commercial cloud service providers CERN openlab Summer Students Lightning Talk Sessions Lassi Kojo › 19/08/2015.

Presentation transcript:


Challenge
› Individuals and workgroups increasingly sign up for 3rd party cloud services
› Security issues include
  - Accidental data leaks
  - Where is the data?
  - Who can access it?
  - Availability of the data?
› How do we identify different services?
› No man-in-the-middle, have to rely on IP address ranges and DNS
› Data sources: NetFlows and DNS queries

Challenge
› Most of the services do not provide their IP address ranges
› If a service has its own Autonomous System, it probably publishes its networks via Border Gateway Protocol
› If it doesn't, we have to rely on hostname patterns
  - Which are unreliable
    - No guarantees of which domains they use (Google uses 1e100.net)
    - If a service is running inside another service (like Amazon Web Services)
    - Not all the servers have public DNS records, reverse DNS will fail
› Number of users can be determined most reliably by DNS queries
  - Static and dynamic IP addresses
  - During a regular work day, your mobile device will have 4-5 different dynamic IP addresses
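
The two identification methods on this slide, as an added example that is not one of the scripts from the talk: flow destinations are matched against per-service IP prefixes, and DNS query names against per-service hostname suffixes. The service names, prefixes, domains and records are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: documentation prefixes and .example names, not real provider ranges.
SERVICE_PREFIXES = {"storage-svc": ["198.51.100.0/24"], "hosting-svc": ["203.0.113.0/24"]}
SERVICE_SUFFIXES = {"storage-svc": ["storage.example"], "chat-svc": ["chat.example"]}
# (source IP, destination IP, bytes), a reduced NetFlow record
FLOWS = [("10.0.0.5", "198.51.100.20", 4000),
         ("10.0.0.6", "203.0.113.7", 1500),   # chat-svc server hosted inside hosting-svc
         ("10.0.0.9", "192.0.2.1", 900)]      # destination in no known range
# (client IP, queried name), a reduced resolver log record
DNS_QUERIES = [("10.0.0.5", "files.storage.example."),
               ("10.0.0.6", "api.chat.example"),
               ("10.0.0.7", "API.Chat.Example."),
               ("10.0.0.8", "notchat.example")]  # must not match chat.example

def service_by_ip(addr):
    """Longest-prefix match of a flow destination against the known ranges."""
    ip, best = ipaddress.ip_address(addr), None
    for svc, prefixes in SERVICE_PREFIXES.items():
        for prefix in prefixes:
            net = ipaddress.ip_network(prefix)
            if ip in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, svc)
    return best[1] if best else None

def service_by_name(qname):
    """Suffix match on whole DNS labels, case-insensitive, trailing dot ignored."""
    name = qname.rstrip(".").lower()
    for svc, suffixes in SERVICE_SUFFIXES.items():
        if any(name == s or name.endswith("." + s) for s in suffixes):
            return svc
    return None

def summarize(flows, dns_queries):
    """Per service: bytes seen in flows and the set of client IPs that queried it."""
    out = defaultdict(lambda: {"flow_bytes": 0, "dns_clients": set()})
    for _src, dst, nbytes in flows:
        svc = service_by_ip(dst)
        if svc:
            out[svc]["flow_bytes"] += nbytes
    for client, qname in dns_queries:
        svc = service_by_name(qname)
        if svc:
            out[svc]["dns_clients"].add(client)
    return dict(out)

if __name__ == "__main__":
    for svc, stats in sorted(summarize(FLOWS, DNS_QUERIES).items()):
        print(svc, stats["flow_bytes"], sorted(stats["dns_clients"]))
```

In the sample data the chat service's traffic is attributed to the hosting provider by IP range and shows up under its own name only in the DNS view. `dns_clients` holds addresses, so a device that changes address during the day is counted once per address.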

Results

Impact
› Before
  - Monitoring was limited to running queries manually and analysing the data by hand
  - Only a couple of services were monitored
› After
  - Three scripts with support for 20 services and more can be added easily
  - Automatically analyse and plot results

Thank you!