Workshop inInformation Security: Building a Firewall within the Linux Kernel0368-3500-34, Spring 2015 Lecturer: Eran Tromer Teaching assistant: Roei Ben Harush Student: Lior Bomwurzel
Hdjfy irifiti ititit9 yoyoyo y. T9t 9 to to tt8t I t9t 9titi to to to it ito t ito to yo oy o ot9 59 59t9 to to. Y9t 9t 9l5 95. 958p to8 e86ei6 d6idyi syie dyidou ukryi
MANET Routing Protocols , a case studyRehan Hattab
L. Yi, Y. Zhai, Y. Wang, J. Yuan and I. You , Impacts of Internal Network Contexts on Performance of MANET Routing Protocols: a Case Study, Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing,2012.
Analytical Research of TCP Variants in Terms of Maximum ThroughputIJLT EMAS
This paper is comparative, throughput analysis, for
the TCP variants as for New Reno, Westwood & High Speed,
and it analyzes the outcomes in simulated environment for NS -3
(version 3.25) simulator with reference to multiple varying
network parameters that includes network simulation time,
router bandwidth, varying traffic source counts to observe which
is one of the best TCP variant in different scenarios. Analysis
was done using dumbbell topology to figure out the comparative
maximum throughput of TCP variants. The analysis gives result
as TCP Variant “NewReno” is good when low bandwidth is used,
while TCP Variant “HighS peed” is good in terms of using large
bandwidths in comparison to Westwood. Network traffic flow
was observed in NetAnim tool.
Dynamic time warping and PIC 16F676 for control of devicesRoger Gomes
A presentation done as a part of the final year project during Semester 8 in the under-graduate degree course in engineering.
This presentation explains one of the modules of the project "Speaker and Speech Recognition based Embedded System Design for User Authentication and remote Device Control" which is the Speech Recognition Module.
It effectively explains the Dynamic Time Warping Algorithm used for Speech Recognition and how that is further used along with PIC 16F676 Microcontroller to acquire control of remote devices connected to the system.
5-LEC- 5.pptxTransport Layer. Transport Layer ProtocolsZahouAmel1
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transport Layer.
Transport Layer Protocols
Transpor
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Digital Tools and AI for Teaching Learning and Research
Presentation
1. Workshop in
Information Security:
Building a Firewall within the Linux Kernel
0368-3500-34, Spring 2015
Lecturer: Eran Tromer
Teaching assistant: Roei Ben Harush
Student: Lior Bomwurzel
2. General description
• kernel module that inspect packets using Netfilter-
each packet that traverses the NF_INET_FORWARD
stage will be inspected by the ip headers,TCP flags,and
the data.
• stateless packet inspection with static rule table for
packet that are not part of a open connection
• stateful packet inspection for TCP packets we
inspect that the TCP flow and the protocols (HTTP and
FTP) are ok.
• Vulnerability check- each packet of an open
connection will be checked for DLP for C
code,Webster,Zabbix vulnerabilities
3. stateless packet inspection
• each packet that is not a part of a open connection will be
inspect to find if there is a rule that match its headers of ip
src/dst port src/dst and protocol and direction.
• if there is a matching rule the packet reason will be logged
as the rule number and the action accept the packet will be
with accordance of the rule.
• if the packet match a rule that accept it, and the packet is
with protocol TCP, we create a new dynamic connection
and we inspect its flow in the stateful packet inspection
• if there isn't a matching rule the packet will be dropped
with the reason REASON_NO_MATCHING_RULE
4. stateful packet inspection
I define a state machine that follows the
protocols of the connection and the state of the
protocols.
For new connection (first packet of TCP that
accepted by the stateless inspection) I open new
dynamic connection ,direction of the connection
is defined by the first side who started the
connection ,first the connection protocol is
defined as TCP
5. • State TCP_SYN (0)-first try to establish tcp connection, (handle in
handle_static_inspection) if there is SYN flag and the connection is
approved in the static rule table, we open new connection. we open
timer of 25 seconds to end of the handshake.
• State TCP_SYN_ACK (1)- second send SYN ACK
• State OPEN_CONN (2)-first send ACK , we close the timer and by that
we treat the connection as finished the handshake and until the end of
the session it will stay open.
• stateEND_SERVER (3),stage END_CLIENT (5)- if packet comes with FIN
flag , and the state of the packet is above OPEN_CONN we forward
the state of the connection to one of the stages (3/5 depend from
which side the FIN arrived)
• state4,6(logical stages) - packet arrived from the other side with the
FIN flag, we open the timer again and by that we let the last ACK of the
tcp termination to arrive,if its arrived we delete the connection, if it
doesn't we delete the connection anyway after 25 second.
• state READY_TO_NEW (-1) -when we know that a packet of a new
connection is going to come with a SYN flag
6. • FTP-1)the server need to send from port 21 data with 220 (server waits for
open connection) we forward the state to be FTP_READY_TO_CLIENT. And
the protocol to be FTP_PROT
2) we validate the connection as successfully established by that the
server send 230 in the data ,we forward the state to be
FTP_ACCEPT_CLIENT, 3)in that
state we parse the data to find PORT command form the client in order to
open new connections for the receiving of the data.
4) if we find PORT command we open new
dynamic connection on the right ports and ips as the protocol define ,the
state of the connection READY_TO_NEW (-1) and the protocol will be
FTP_PROT
• HTTP-for defining a session as HTTP the client need to send to port 80 data
with “GET” string we then forward the connection to be in state
HTTP_GET_REQUEST. in that state we parse the data for finding http
redirect ( “HTTP/1.1 3”) means we need to open new connection, I
preparing place in the dynamic connections in the form of source ip and
port are any(to let the fw the ability to defend on several hosts), and the
destination is like the port and ip we got in the http redirect,the protocol is
HTTP_PROT, the state of the connection is READY_TO_NEW (-1) .after the
first match of the rule I replace the port and the ip to be as the source port
7.
8. General concept
• the DLP for C code inspection is measured
between ratio of number of words in the
packet and the weight defined
• if the weight is higher than the number of
words, the packet will be dropped, and logged
as DLP, and the connection will be deleted
• each weight form the weight rules will be
multiple by the number of brackets (“ { }”)
surround it +1
9. Weight rules
1.
I search for patterns #include and #define in the following manner,
#include -have to be with 2 words, and ends with .h or .c at end of the second word
#define- have to be with 3 words.
I weight each #include and #define as the number of words they have multiply by 5
the code of this rule is found in weight_macros function
2.
each line with the pattern print#(#“#”); or scan#(#“#”); will be count as the number of words the
pattern took from start to end.
If there are inside the pattern %d %s /n I increase the weight by one for each
the code of this rule is found in weight_known_pattern function
3.
Each line with the pattern if#(#) for#(#;#;#) while#(#) will be count as the number of words the pattern
took from start to end.
If there are inside the pattern == <&& || > I increase the weight by one for each
the code of this rule is found in weight_flow function
4.
I weight each “;” I found as 1 and each “->” as 2
10. DLP inspection example
2*5 #include 2 words and the last with .h
0 no .h or .c at last word
0 #define with more then 3 words
3*5 define with 3 words
0 not in the right pattern
2 ->
5+3 (number of words + special chars)
0 no ; at end
1*2 in{} and one word
0
2*3 in {{ }} and equal 2
0
(4+3)*2 in {} , 4 words+3 special chars
0
Sum=10+15+2+8+2+6+14=57
Number of words=31
The packet will be dropped
22. FW inspectoin
if packet came with port 80 and with the GET
request ,I inspect the packet that the requested
url length is last then 64 chars because of the
Webster vulnerability, else I dropped the packet
with reason WEBSTER (enum -8) and the
connection will be deleted
The message to response is: IDS_404_MESSAGE &quot;&lt;HEAD&gt;&lt;TITLE&gt;404 Not Found&lt;/TITLE&gt;&lt;/HEAD&gt;\n&lt;BODY&gt;&lt;H1&gt;404 Not Found&lt;/H1&gt;\nThe requested URL &lt;%s&gt; was not found on this server.&lt;BR&gt;\n&lt;/BODY&gt;\r\n” which size is 136 (without “%s“ include “/0”)
When asking url of 64+ chars there is a buffer overflow in buf[200]
Override exception handler
Each url that comes we hit this function. That logs the request. If the request is ~ 200 chars, there is buffer overflow
Return address is overridden
Taken from Corelan team
The code sends Get request and in the application variable inject the sql query.
The query is for session id from the zabbix session table where the user is admin (userid=1) and the user is not logged in (status=0)