DOCSLIB.ORG

ADC Administration Guide, Staros Release 21.9

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
ADC Administration Guide, Staros Release 21.9 ADC Administration Guide, StarOS Release 21.9 First Published: 2018-07-31 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com go trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R) © 2018 Cisco Systems, Inc. All rights reserved. CONTENTS PREFACE About this Guide vii Conventions Used vii Supported Documents and Resources viii Related Common Documentation viii Related Product Documentation viii Obtaining Documentation ix Contacting Customer Support ix CHAPTER 1 Application Detection and Control Overview 1 ADC Overview 1 Qualified Platforms 2 License Requirements 2 Dynamic Software Upgrade 2 Overview 2 ADC Protocol Group Detection 3 Behavioral Traffic 4 SNI Detection 4 SSL Renegotiation Tracking 4 Analyzer Interworking 5 Traffic Sub-classification 5 ADC Support for TRM/FP 5 ADC Support for FAPA 5 ADC Support over Gx 7 Limitations 9 Dynamic Advertisement Server Correlation 9 Bulk Statistics Support 10 ADC Administration Guide, StarOS Release 21.9 iii Contents How ADC Works 11 Limitations 11 CHAPTER 2 Application Detection and Control Configuration 13 Configuring Dynamic Software Upgrade 13 How to perform Dynamic Software Upgrade 13 Configuring System for ADC 15 Initial Configuration 16 Enabling Enhanced Charging 16 Modifying the Local Context 16 ADC Configuration 17 Creating the Active Charging Service 17 Configuring ADC Rules 18 Configuring P2P Protocol Groups 19 Configuring Behavioral Detection 20 Configuring P2P Advertisement server 21 Configuring SSL Renegotiation 21 Configuring Analyzers 22 Configuring the Charging Action 22 Configuring the Rulebase 23 Setting EDR Formats 23 Configuring IP Protocol and Server port mapping 24 Configuring EDR for P2P Events 24 Gathering ADC Statistics 25 Supported Bulk Statistics 27 P2P Reports 27 CHAPTER 3 App-based Tethering Detection 29 Feature Information 29 Feature Description 30 How It Works 30 Licensing 30 Configuring App-based Tethering Detection 30 Enabling App-based Tethering Detection at Rulebase Level 30 ADC Administration Guide, StarOS Release 21.9 iv Contents Enabling App-based Tethering Detection at Ruledef Level 31 Enabling App-based Tethering Detection at Rule-variable 31 Monitoring and Troubleshooting the App-based Tethering Detection 32 Show Commands and Outputs 32 CHAPTER 4 Peer-to-Peer Protocol and Application Detection Support 35 Supported Protocols and Applications 35 New in this Release 35 All Supported Protocols and Applications 36 Port-based Protocols 98 IP Protocols 126 CHAPTER 5 Reporting SSL Parameters in EDR 133 Feature Summary and Revision History 133 Feature Description 134 How It Works 134 EDR 134 Configuring SSL Parameters in EDR 136 Enabling SSL Parameters 136 Monitoring and Troubleshooting 136 Show Commands and/or Outputs 136 CHAPTER 6 Support for SNI Detection 139 Feature Description 139 QUIC SNI Detection 139 Relationships to Other Features 140 Configuring SNI Detection 141 Configuring SNI in Ruledef 141 Configuring SNI rule variable 142 Enabling HTTPS Analyzer Interworking 143 Verifying the SNI Configuration 143 Monitoring and Troubleshooting the SNI Detection 143 SNI Detection Show Command(s) and/or Outputs 143 show active-charging analyzer statistics name cdp 143 ADC Administration Guide, StarOS Release 21.9 v Contents show active-charging flows type cdp 144 Bulk Statistics 144 ADC Administration Guide, StarOS Release 21.9 vi About this Guide This preface describes the ADC Administration Guide, how it is organized and its document conventions. Application Detection and Control (ADC) is a StarOS™ in-line service application that runs on Cisco® ASR 5500 platform. The ADC in-line service makes use of innovative and highly accurate protocol behavioral detection techniques to reliably detect protocols and applications in the network. ADC is mainly used to detect Peer-to-Peer protocols by analyzing traffic, and can also detect network traffic created by audio and video clients. • Conventions Used, on page vii • Supported Documents and Resources, on page viii • Contacting Customer Support , on page ix Conventions Used The following tables describe the conventions used throughout this documentation. Notice Type Description Information Note Provides information about important features or instructions. Caution Alerts you of potential damage to a program, device, or system. Warning Alerts you of potential personal injury or fatality. May also alert you of potential electrical hazards. Typeface Conventions Description Text represented as a screen display This typeface represents displays that appear on your terminal screen, for example: Login: ADC Administration Guide, StarOS Release 21.9 vii About this Guide Supported Documents and Resources Typeface Conventions Description Text represented as commands This typeface represents commands that you enter, for example: show ip access-list This document always gives the full form of a command in lowercase letters. Commands are not case sensitive. Text represented as a command variable This typeface represents a variable that is part of a command, for example: show card slot_number slot_number is a variable representing the desired chassis slot number. Text represented as menu or sub-menu names This typeface represents menus and sub-menus that you access within a software application, for example: Click the File menu, then click New Supported Documents and Resources Related Common Documentation The following common documents are available: • AAA Interface Administration and Reference • Command Line Interface Reference • GTPP Interface Administration and Reference • Installation Guide (platform dependant) • Release Change Reference • SNMP MIB Reference • Statistics and Counters Reference • System Administration Guide (platform dependant) • Thresholding Configuration Guide Related Product Documentation The most up-to-date information for this product is available in the product Release Notes provided with each product release. The following product documents are also available and work in conjunction with ADC: • ECS Administration Guide • GGSN Administration Guide • PDSN Administration Guide • P-GW Administration Guide ADC Administration Guide, StarOS Release 21.9 viii About this Guide Obtaining Documentation Obtaining Documentation The most current Cisco documentation is available on the following website: http://www.cisco.com/cisco/web/psa/default.html Use the following path selections to access the ADC documentation: Products > Wireless > Mobile Internet > In-Line Services > Cisco Peer-to-Peer Contacting Customer Support Use the information in this section to contact customer support. Refer to the support area of http://www.cisco.com for up-to-date product documentation or to submit a service request. A valid username and password are required to access this site. Please contact your Cisco sales or service representative for additional information. ADC Administration Guide, StarOS Release 21.9 ix About this Guide Contacting Customer Support ADC Administration Guide, StarOS Release 21.9 x CHAPTER 1 Application Detection and Control Overview This chapter
Load more

Recommended publications
  • Uila Supported Apps
    Uila Supported Applications and Protocols updated Oct 2020 Application/Protocol Name Full Description 01net.com 01net website, a French high-tech news site. 050 plus is a Japanese embedded smartphone application dedicated to 050 plus audio-conferencing. 0zz0.com 0zz0 is an online solution to store, send and share files 10050.net China Railcom group web portal. This protocol plug-in classifies the http traffic to the host 10086.cn. It also 10086.cn classifies the ssl traffic to the Common Name 10086.cn. 104.com Web site dedicated to job research. 1111.com.tw Website dedicated to job research in Taiwan. 114la.com Chinese web portal operated by YLMF Computer Technology Co. Chinese cloud storing system of the 115 website. It is operated by YLMF 115.com Computer Technology Co. 118114.cn Chinese booking and reservation portal. 11st.co.kr Korean shopping website 11st. It is operated by SK Planet Co. 1337x.org Bittorrent tracker search engine 139mail 139mail is a chinese webmail powered by China Mobile. 15min.lt Lithuanian news portal Chinese web portal 163. It is operated by NetEase, a company which 163.com pioneered the development of Internet in China. 17173.com Website distributing Chinese games. 17u.com Chinese online travel booking website. 20 minutes is a free, daily newspaper available in France, Spain and 20minutes Switzerland. This plugin classifies websites. 24h.com.vn Vietnamese news portal 24ora.com Aruban news portal 24sata.hr Croatian news portal 24SevenOffice 24SevenOffice is a web-based Enterprise resource planning (ERP) systems. 24ur.com Slovenian news portal 2ch.net Japanese adult videos web site 2Shared 2shared is an online space for sharing and storage.
    [Show full text]
  • Prebrane Zo Stranky
    Manuál pre začiatočníkov a používateľov Microsoft Windows Galadriel 1.7.4 Manuál je primárne tvorený pre Ubuntu 7.04 Feisty Fawn. Dá sa však použiť aj pre Kubuntu, Xubuntu, Edubuntu, Ubuntu Studio a neoficiálne distribúcie založené na Ubuntu. Pokryté verzie: 7.10, 7.04, 6.10, 6.06 a 5.10 (čiastočne) Vypracoval Stanislav Hoferek (ICQ# 258126362) s komunitou ľudí na stránkach: linuxos.sk kubuntu.sk ubuntu.wz.cz debian.nfo.sk root.cz 1 Začíname! 5 Pracovné prostredie 9 Live CD 1.1 Postup pre začiatočníkov 5.1 Programové vybavenie 9.1 Vysvetlenie 1.2 Zoznámenie s manuálom 5.1.1 Prvé kroky v Ubuntu 9.2 Prístup k internetu 1.3 Zoznámenie s Ubuntu 5.1.2 Základné programy 9.3 Pripojenie pevných diskov 1.3.1 Ubuntu, teší ma! 5.1.3 Prídavné programy 9.4 Výhody a nevýhody Live CD 1.3.2 Čo tu nájdem? 5.2 Nastavenie jazyka 9.5 Live CD v prostredí Windows 1.3.3 Root 5.3 Multimédia 9.6 Ad-Aware pod Live CD 1.4. Užitočné informácie 5.3.1 Audio a Video Strana 48 1.4.1 Odkazy 5.3.2 Úprava fotografii 1.4.2 Slovníček 5.4 Kancelária 10 FAQ 1.4.3 Ako Linux funguje? 5.4.1 OpenOffice.org 10 FAQ 1.4.4 Spúšťanie programov 5.4.2 PDF z obrázku Strana 50 1.5 Licencia 5.4.3 Ostatné Strana 2 5.5 Hry 11 Tipy a triky 5.6 Estetika 11.1 Všeobecné rady 2 Linux a Windows 5.7 Zavádzanie systému 11.2 Pokročilé prispôsobenie systému 2.1 Porovnanie OS 5.7.1 Zavádzač 11.3 Spustenie pri štarte 2.2 Náhrada Windows Programov 5.7.2 Prihlasovacie okno 11.4 ALT+F2 2.3 Formáty 5.7.3 Automatické prihlásenie 11.5 Windows XP plocha 2.4 Rozdiely v ovládaní 5.8 Napaľovanie v Linuxe Strana 55 2.5 Spustenie programov pre Windows 5.9 Klávesové skratky 2.6 Disky 5.10 Gconf-editor 12 Konfigurácia 2.7 Klávesnica Strana 27 12.1 Nástroje na úpravu konfigurákov Strana 12 12.2 Najdôležitejšie konf.
    [Show full text]
  • Cisco SCA BB Protocol Reference Guide
    Cisco Service Control Application for Broadband Protocol Reference Guide Protocol Pack #60 August 02, 2018 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Comodo System Cleaner Version 3.0
    Comodo System Cleaner Version 3.0 User Guide Version 3.0.122010 Versi Comodo Security Solutions 525 Washington Blvd. Jersey City, NJ 07310 Comodo System Cleaner - User Guide Table of Contents 1.Comodo System-Cleaner - Introduction ............................................................................................................ 3 1.1.System Requirements...........................................................................................................................................5 1.2.Installing Comodo System-Cleaner........................................................................................................................5 1.3.Starting Comodo System-Cleaner..........................................................................................................................9 1.4.The Main Interface...............................................................................................................................................9 1.5.The Summary Area.............................................................................................................................................11 1.6.Understanding Profiles.......................................................................................................................................12 2.Registry Cleaner............................................................................................................................................. 15 2.1.Clean.................................................................................................................................................................16
    [Show full text]
  • Faster Interconnects for Next-Generation Data Centers 2
    Faster Interconnects for Next- Generation Data Centers Summary Insight With the data deluge washing over today’s data centers, IT Author: Jean S. Bozman infrastructure benefits from Introduction faster interconnects. Faster storage requires faster A wave of change is sweeping over the data center – and a multi- networks. Even more terabyte data deluge is coming along with it. This rapid change is being generated by new sources of data coming from Cloud performance can be achieved by Computing, Mobility, Social Media and Big Data/Analytics. All of using iSER, a maturing these workloads must now be supported, along with transactional standard for extending iSCSI processing, enterprise applications and data warehouses. with RDMA (Remote Direct For many IT professionals, the new demands are causing a “rethink” Memory Access). Using iSER, of their data-transfer infrastructure. The Fibre Channel high-performing storage can be interconnects and slower Ethernet links are showing their age – and connected to fast Ethernet links the aging links must be updated or replaced as quickly as possible. via iSCSI, speeding data Otherwise, these slow links will be “bottlenecks” that slow down the transfers from the network to business or organization that depends on that IT infrastructure. servers and storage systems. This process of data center transformation requires thoughtful These technologies can be used planning – but IT organizations cannot afford to wait too long, or together to replace aging high- performance of mission-critical applications and databases will speed interconnects, such as suffer. Fibre Channel links and older Ethernet links. Flash Storage and Your Network Many technologies will need to become more efficient in the process, including the storage systems that house the data – and send it to the compute engines for processing.
    [Show full text]
  • Simulacijski Alati I Njihova Ograničenja Pri Analizi I Unapređenju Rada Mreža Istovrsnih Entiteta
    SVEUČILIŠTE U ZAGREBU FAKULTET ORGANIZACIJE I INFORMATIKE VARAŽDIN Tedo Vrbanec SIMULACIJSKI ALATI I NJIHOVA OGRANIČENJA PRI ANALIZI I UNAPREĐENJU RADA MREŽA ISTOVRSNIH ENTITETA MAGISTARSKI RAD Varaždin, 2010. PODACI O MAGISTARSKOM RADU I. AUTOR Ime i prezime Tedo Vrbanec Datum i mjesto rođenja 7. travanj 1969., Čakovec Naziv fakulteta i datum diplomiranja Fakultet organizacije i informatike, 10. listopad 2001. Sadašnje zaposlenje Učiteljski fakultet Zagreb – Odsjek u Čakovcu II. MAGISTARSKI RAD Simulacijski alati i njihova ograničenja pri analizi i Naslov unapređenju rada mreža istovrsnih entiteta Broj stranica, slika, tablica, priloga, XIV + 181 + XXXVIII stranica, 53 slike, 18 tablica, 3 bibliografskih podataka priloga, 288 bibliografskih podataka Znanstveno područje, smjer i disciplina iz koje Područje: Informacijske znanosti je postignut akademski stupanj Smjer: Informacijski sustavi Mentor Prof. dr. sc. Željko Hutinski Sumentor Prof. dr. sc. Vesna Dušak Fakultet na kojem je rad obranjen Fakultet organizacije i informatike Varaždin Oznaka i redni broj rada III. OCJENA I OBRANA Datum prihvaćanja teme od Znanstveno- 17. lipanj 2008. nastavnog vijeća Datum predaje rada 9. travanj 2010. Datum sjednice ZNV-a na kojoj je prihvaćena 18. svibanj 2010. pozitivna ocjena rada Prof. dr. sc. Neven Vrček, predsjednik Sastav Povjerenstva koje je rad ocijenilo Prof. dr. sc. Željko Hutinski, mentor Prof. dr. sc. Vesna Dušak, sumentor Datum obrane rada 1. lipanj 2010. Prof. dr. sc. Neven Vrček, predsjednik Sastav Povjerenstva pred kojim je rad obranjen Prof. dr. sc. Željko Hutinski, mentor Prof. dr. sc. Vesna Dušak, sumentor Datum promocije SVEUČILIŠTE U ZAGREBU FAKULTET ORGANIZACIJE I INFORMATIKE VARAŽDIN POSLIJEDIPLOMSKI ZNANSTVENI STUDIJ INFORMACIJSKIH ZNANOSTI SMJER STUDIJA: INFORMACIJSKI SUSTAVI Tedo Vrbanec Broj indeksa: P-802/2001 SIMULACIJSKI ALATI I NJIHOVA OGRANIČENJA PRI ANALIZI I UNAPREĐENJU RADA MREŽA ISTOVRSNIH ENTITETA MAGISTARSKI RAD Mentor: Prof.
    [Show full text]
  • Software to Download from File Sharing Sites 10 Best File Sharing Software for Peer to Peer File Sharing
    software to download from file sharing sites 10 Best File Sharing Software for Peer to Peer File Sharing. Sharing files online isn’t that much easy as it should be, especially, if you have large files with size in GBs. Thankfully, we can use P2P (peer-to- peer) file sharing software to easily share files with anyone online of no matter what size. You can easily upload or download TBs of data without any restrictions. P2P file sharing software can be quite handy, but at the same time, they also have some negative points. These p2p file sharing software also host illegal downloads so that it may lead to any action against you. Furthermore, these peer to peer file sharing software are also known to spread viruses and malware; you will have to be careful about downloading too. Top 10 Best File Sharing Software for Peer to Peer File Sharing. There are dozens of P2P file sharing software to choose from, but it is essential to choose the best P2P file sharing software that is safe and features rich. To help you find the best file sharing software for your needs, we have compiled a list of best file sharing software. You can just select the one that seems right for your needs. 1. uTorrent. Even after being acquired by BitTorrent.inc and becoming closed-sourced with ads, uTorrent is still the leader when it comes to P2P file sharing software. Although you need to subscribe for a premium membership to take full advantage of the client, even its free version offers all the required features to upload and download files without limitations.
    [Show full text]
  • Forescout Counteract® Endpoint Support Compatibility Matrix Updated: October 2018
    ForeScout CounterACT® Endpoint Support Compatibility Matrix Updated: October 2018 ForeScout CounterACT Endpoint Support Compatibility Matrix 2 Table of Contents About Endpoint Support Compatibility ......................................................... 3 Operating Systems ....................................................................................... 3 Microsoft Windows (32 & 64 BIT Versions) ...................................................... 3 MAC OS X / MACOS ...................................................................................... 5 Linux .......................................................................................................... 6 Web Browsers .............................................................................................. 8 Microsoft Windows Applications ...................................................................... 9 Antivirus ................................................................................................. 9 Peer-to-Peer .......................................................................................... 25 Instant Messaging .................................................................................. 31 Anti-Spyware ......................................................................................... 34 Personal Firewall .................................................................................... 36 Hard Drive Encryption ............................................................................. 38 Cloud Sync ...........................................................................................
    [Show full text]
  • Conducting and Optimizing Eclipse Attacks in the Kad Peer-To-Peer Network
    Conducting and Optimizing Eclipse Attacks in the Kad Peer-to-Peer Network Michael Kohnen, Mike Leske, and Erwin P. Rathgeb University of Duisburg-Essen, Institute for Experimental Mathematics, Ellernstr. 29, 45326 Essen [email protected], [email protected], [email protected] Abstract. The Kad network is a structured P2P network used for file sharing. Research has proved that Sybil and Eclipse attacks have been possible in it until recently. However, the past attacks are prohibited by newly implemented secu- rity measures in the client applications. We present a new attack concept which overcomes the countermeasures and prove its practicability. Furthermore, we analyze the efficiency of our concept and identify the minimally required re- sources. Keywords: P2P security, Sybil attack, Eclipse attack, Kad. 1 Introduction and Related Work P2P networks form an overlay on top of the internet infrastructure. Nodes in a P2P network interact directly with each other, i.e., no central entity is required (at least in case of structured P2P networks). P2P networks have become increasingly popular mainly because file sharing networks use P2P technology. Several studies have shown that P2P traffic is responsible for a large share of the total internet traffic [1, 2]. While file sharing probably accounts for the largest part of the P2P traffic share, also other P2P applications exist which are widely used, e.g., Skype [3] for VoIP or Joost [4] for IPTV. The P2P paradigm is becoming more and more accepted also for professional and commercial applications (e.g., Microsoft Groove [5]), and therefore, P2P technology is one of the key components of the next generation internet.
    [Show full text]
  • Diapositiva 1
    TRANSFERENCIA O DISTRIBUCIÓN DE ARCHIVOS ENTRE IGUALES (peer-to-peer) Características, Protocolos, Software, Luis Villalta Márquez Configuración Peer-to-peer Una red peer-to-peer, red de pares, red entre iguales, red entre pares o red punto a punto (P2P, por sus siglas en inglés) es una red de computadoras en la que todos o algunos aspectos funcionan sin clientes ni servidores fijos, sino una serie de nodos que se comportan como iguales entre sí. Es decir, actúan simultáneamente como clientes y servidores respecto a los demás nodos de la red. Las redes P2P permiten el intercambio directo de información, en cualquier formato, entre los ordenadores interconectados. Peer-to-peer Normalmente este tipo de redes se implementan como redes superpuestas construidas en la capa de aplicación de redes públicas como Internet. El hecho de que sirvan para compartir e intercambiar información de forma directa entre dos o más usuarios ha propiciado que parte de los usuarios lo utilicen para intercambiar archivos cuyo contenido está sujeto a las leyes de copyright, lo que ha generado una gran polémica entre defensores y detractores de estos sistemas. Las redes peer-to-peer aprovechan, administran y optimizan el uso del ancho de banda de los demás usuarios de la red por medio de la conectividad entre los mismos, y obtienen así más rendimiento en las conexiones y transferencias que con algunos métodos centralizados convencionales, donde una cantidad relativamente pequeña de servidores provee el total del ancho de banda y recursos compartidos para un servicio o aplicación. Peer-to-peer Dichas redes son útiles para diversos propósitos.
    [Show full text]
  • Peer-To-Peer Protocol and Application Detection Support
    Peer-to-Peer Protocol and Application Detection Support This appendix lists all the protocols and applications currently supported by Cisco ASR 5500 ADC. • Supported Protocols and Applications, page 1 Supported Protocols and Applications This section lists all the supported P2P protocols, sub-protocols, and the applications using these protocols. Important Please note that various client versions are supported for the protocols. The client versions listed in the table below are the latest supported version(s). Important Please note that the release version in the Supported from Release column has changed for protocols/applications that are new since the ADC plugin release in August 2015. This will now be the ADC Plugin Build number in the x.xxx.xxx format. The previous releases were versioned as 1.1 (ADC plugin release for December 2012 ), 1.2 (ADC plugin release for April 2013), and so on for consecutive releases. New in this Release This section lists the supported P2P protocols, sub-protocols and applications introduced in the ADC Plugin release for December 1, 2017. ADC Administration Guide, StarOS Release 21.6 1 Peer-to-Peer Protocol and Application Detection Support New in this Release Protocol / Client Client Version Group Classification Supported from Application Release 6play 6play (Android) 4.4.1 Streaming Streaming-video ADC Plugin 2.19.895 Unclassified 6play (iOS) 4.4.1 6play — (Windows) BFM TV BFM TV 3.0.9 Streaming Streaming-video ADC Plugin 2.19.895 (Android) Unclassified BFM TV (iOS) 5.0.7 BFM — TV(Windows) Clash Royale
    [Show full text]
  • Psichogios.Pdf
    1 ΠΑΝΕΠΙΣΤΗΜΙΟ ΠΕΙΡΑΙΩΣ Τμήμα Ψηφιακών Συστημάτων «Διαχείριση κατανεμημένου πολυμεσικού περιεχομένου με χρήση υπηρεσιοστρεφών αρχιτεκτονικών » ΨΥΧΟΓΥΙΟΣ ΕΥΣΤΑΘΙΟΣ Η εργασία υποβάλλεται για την μερική κάλυψη των απαιτήσεων με στόχο την απόκτηση του Μεταπτυχιακού Διπλώματος Σπουδών στα Ψηφιακά Συστήματα του Πανεπιστήμιο Πειραιώς 2 ΠΙΝΑΚΑΣ ΠΕΡΙΕΧΟΜΕΝΩΝ ΠΙΝΑΚΑΣ ΠΕΡΙΕΧΟΜΕΝΩΝ ............................................................................... 2 ΠΕΡΙΛΗΨΗ ............................................................................................................. 4 ΚΑΤΑΛΟΓΟΣ ΣΧΗΜΑΤΩΝ .................................................................................. 5 ΕΙΣΑΓΩΓΗ .............................................................................................................. 6 ΜΕΡΟΣ ΠΡΩΤΟ ..................................................................................................... 7 0 ΚΕΦΑΛΑΙΟ 1 - ΥΠΗΡΕΣΙΕΣ ΠΑΓΚΟΣΜΙΟΥ ΙΣΤΟΥ ........................................ 7 ΥΠΗΡΕΣΙΕΣ ΠΑΓΚΟΣΜΙΟΥ ΙΣΤΟΥ – ΕΙΣΑΓΩΓΗ ........................................... 7 ΥΠΗΡΕΣΙΕΣ ΠΑΓΚΟΣΜΙΟΥ ΙΣΤΟΥ – ΠΛΕΟΝΕΚΤΗΜΑΤΑ ............................. 9 ΥΠΗΡΕΣΙΕΣ ΠΑΓΚΟΣΜΙΟΥ ΙΣΤΟΥ – ΠΑΡΑΔΕΙΓΜΑΤΑ................................ 10 ΥΠΗΡΕΣΙΕΣ ΠΑΓΚΟΣΜΙΟΥ ΙΣΤΟΥ – ΤΙ ΑΛΛΑΖΕΙ; ....................................... 11 ΥΠΗΡΕΣΙΕΣ ΠΑΓΚΟΣΜΙΟΥ ΙΣΤΟΥ – TO ΜΕΛΛΟΝ ΤΟΥΣ ΣΤΗΝ ΕΛΛΑΔΑ .. 12 ΤΕΧΝΙΚΑ ΧΑΡΑΚΤΗΡΙΣΤΙΚΑ – ΟΡΙΣΜΟΣ ....................................................ΠΕΙΡΑΙΑ 14 ΤΕΧΝΙΚΑ ΧΑΡΑΚΤΗΡΙΣΤΙΚΑ – ΜΟΝΤΕΛΟ ..................................................
    [Show full text]