DOCSLIB.ORG

Netiq Access Manager Appliance 4.0 Access Gateway Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Netiq Access Manager Appliance 4.0 Access Gateway Guide Access Gateway Guide Access Manager 4.0 Appliance SP1 May 2014 www.netiq.com/documentation Legal Notice THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU. For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions. This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202- 4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government’s rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement. © 2013 NetIQ Corporation. All Rights Reserved. For information about NetIQ trademarks, see https://www.netiq.com/company/legal/. Contents About NetIQ Corporation 7 About this Book and the Library 9 1 Configuring the Access Gateway for SSL and Other Security Features 11 1.1 Using SSL on the Access Manager Appliance Communication Channels. 11 1.2 Prerequisites for SSL . 12 1.2.1 Prerequisites for SSL Communication between the Identity Server and Access Manager Appliance . 13 1.2.2 Prerequisites for SSL Communication between the Access Gateway and Web Servers . 13 1.3 Configuring SSL Communication with Browsers and the Identity Server . 14 1.4 Configuring SSL between the Proxy Service and the Web Servers. 16 1.5 Enabling Secure Cookies . 17 1.5.1 Securing the Embedded Service Provider Session Cookie on the Access Gateway . 17 1.5.2 Securing the Proxy Session Cookie . 18 1.6 Managing Access Gateway Certificates. 19 1.6.1 Managing Reverse Proxy and Web Server Certificates . 19 2 Configuring the Access Gateway to Protect Web Resources 21 2.1 Configuration Options . 21 2.2 Managing Reverse Proxies and Authentication . 23 2.2.1 Creating a Proxy Service . 26 2.2.2 Configuring a Proxy Service . .28 2.2.3 Modifying the DNS Setting for a Proxy Service . 29 2.3 Configuring Web Servers of a Proxy Service. 30 2.4 Configuring Protected Resources . 32 2.4.1 Setting Up a Protected Resource . 33 2.4.2 Configuring an Authentication Procedure for Non-Redirected Login. 36 2.4.3 Assigning an Authorization Policy to a Protected Resource . 38 2.4.4 Assigning an Identity Injection Policy to a Protected Resource. 39 2.4.5 Assigning a Form Fill Policy to a Protected Resource. 40 2.4.6 Assigning a Timeout Per Protected Resource . 41 2.4.7 Assigning a Policy to Multiple Protected Resources . 44 2.5 Configuring Protected Resources for Specific Applications . 45 2.5.1 Configuring Protected Resource for a SharePoint Server . 45 2.5.2 Configuring a Protected Resource for a SharePoint Server with an ADFS Server . 46 2.5.3 Configuring a Protected Resource for Outlook Web Access . 49 2.5.4 Configuring a Protected Resource for a Novell Vibe 3.3 Server . 52 2.5.5 Configuring Access to the Filr Site through Access Manager . 56 2.6 Configuring HTML Rewriting . 57 2.6.1 Understanding the Rewriting Process . 57 2.6.2 Specifying DNS Names to Rewrite . 59 2.6.3 Defining the Requirements for the Rewriter Profile . 62 2.6.4 Configuring the HTML Rewriter and Profile . 69 2.6.5 Creating or Modifying a Rewriter Profile . 72 2.6.6 Disabling the Rewriter . 74 2.7 Configuring Connection and Session Limits. 76 2.7.1 Configuring TCP Listen Options for Clients . 77 2.7.2 Configuring TCP Connect Options for Web Servers . 78 Contents 3 2.7.3 Configuring Connection and Session Persistence. 78 2.7.4 Configuring Web Servers. .79 3 Server Configuration Settings 81 3.1 Configuration Overview . 81 3.2 Saving, Applying, or Canceling Configuration Changes . 82 3.3 Managing Access Gateways . 84 3.3.1 Viewing and Modifying Gateway Settings . 84 3.3.2 Configuration Options . 86 3.3.3 Scheduling a Command . 89 3.4 Managing General Details of the Access Gateway . 89 3.4.1 Changing the Name of an Access Gateway and Modifying Other Server Details . 90 3.4.2 Exporting and Importing an Access Gateway Configuration . 90 3.5 Setting Up a Tunnel . 92 3.6 Setting the Date and Time . 93 3.7 Customizing Error Messages and Error Pages on Access Gateway . 95 3.7.1 Customizing and Localizing Error Messages. 95 3.7.2 Customizing the Error Pages . 96 3.8 Configuring Network Settings. 97 3.8.1 Viewing and Modifying Adapter Settings . 98 3.8.2 Viewing and Modifying Gateway Settings . 99 3.8.3 Viewing and Modifying DNS Settings . 101 3.8.4 Configuring Hosts . 102 3.8.5 Adding a New IP Address to the Access Gateway . 103 3.9 Customizing Logout Requests . 103 3.9.1 Customizing Applications to Use the Access Gateway Logout Page . 103 3.9.2 Customizing the Access Gateway Logout Page . 104 3.9.3 Configuring the Logout Disconnect Interval. 105.
Load more

Recommended publications
  • Load Balancing for Heterogeneous Web Servers
    Load Balancing for Heterogeneous Web Servers Adam Pi´orkowski1, Aleksander Kempny2, Adrian Hajduk1, and Jacek Strzelczyk1 1 Department of Geoinfomatics and Applied Computer Science, AGH University of Science and Technology, Cracow, Poland {adam.piorkowski,jacek.strzelczyk}@agh.edu.pl http://www.agh.edu.pl 2 Adult Congenital and Valvular Heart Disease Center University of Muenster, Muenster, Germany [email protected] http://www.ukmuenster.de Abstract. A load balancing issue for heterogeneous web servers is de- scribed in this article. The review of algorithms and solutions is shown. The selected Internet service for on-line echocardiography training is presented. The independence of simultaneous requests for this server is proved. Results of experimental tests are presented3. Key words: load balancing, scalability, web server, minimum response time, throughput, on-line simulator 1 Introduction Modern web servers can handle millions of queries, although the performance of a single node is limited. Performance can be continuously increased, if the services are designed so that they can be scaled. The concept of scalability is closely related to load balancing. This technique has been used since the beginning of the first distributed systems, including rich client architecture. Most of the complex web systems use load balancing to improve performance, availability and security [1{4]. 2 Load Balancing in Cluster of web servers Clustering of web servers is a method of constructing scalable Internet services. The basic idea behind the construction of such a service is to set the relay server 3 This is the accepted version of: Piorkowski, A., Kempny, A., Hajduk, A., Strzelczyk, J.: Load Balancing for Heterogeneous Web Servers.
    [Show full text]
  • Zope Documentation Release 5.3
    Zope Documentation Release 5.3 The Zope developer community Jul 31, 2021 Contents 1 What’s new in Zope 3 1.1 What’s new in Zope 5..........................................4 1.2 What’s new in Zope 4..........................................4 2 Installing Zope 11 2.1 Prerequisites............................................... 11 2.2 Installing Zope with zc.buildout .................................. 12 2.3 Installing Zope with pip ........................................ 13 2.4 Building the documentation with Sphinx ............................... 14 3 Configuring and Running Zope 15 3.1 Creating a Zope instance......................................... 16 3.2 Filesystem Permissions......................................... 17 3.3 Configuring Zope............................................. 17 3.4 Running Zope.............................................. 18 3.5 Running Zope (plone.recipe.zope2instance install)........................... 20 3.6 Logging In To Zope........................................... 21 3.7 Special access user accounts....................................... 22 3.8 Troubleshooting............................................. 22 3.9 Using alternative WSGI server software................................. 22 3.10 Debugging Zope applications under WSGI............................... 26 3.11 Zope configuration reference....................................... 27 4 Migrating between Zope versions 37 4.1 From Zope 2 to Zope 4 or 5....................................... 37 4.2 Migration from Zope 4 to Zope 5.0..................................
    [Show full text]
  • Linux Install and Configure Pound Reverse Proxy for Apache Http / Https Web Server 21/03/2011 15:17
    Linux install and configure pound reverse proxy for Apache http / https web server 21/03/2011 15:17 About Blog Forum Low graphics Shell Scripts RSS/Feed Flash Linux FAQ / Howtos Linux install and configure pound reverse proxy for Apache http / https web server by Vivek Gite on December 11, 2007 · 21 comments Q. How do I install and configure pound reverse proxy for Apache web sever under Debian Linux? A. Pound is a reverse-proxy load balancing server. It accepts requests from HTTP / HTTPS clients and distributes them to one or more Web servers. The HTTPS requests are decrypted and passed to the back- ends as plain HTTP. It will act as: a) Server load balancer b) Reverse proxy server c) Apache reverse proxy etc d) It can detects when a backend server fails or recovers, and bases its load balancing decisions on this information: if a backend server fails, it will not receive requests until it recovers e) It can decrypts https requests to http ones f) Rejects incorrect requests h) It can be used in a chroot environment (security feature) If more than one back-end server is defined, Pound chooses one of them randomly, based on defined priorities. By default, Pound keeps track of associations between clients and back-end servers (sessions). Install Pound Software Type the following command to install pound: $ sudo apt-get install pound If you are using RHEL / CentOS, grab pound rpm here and type the command: # rpm -ivh pound* If you are using FreeBSD, enter: # cd /usr/ports/www/pound/ && make install clean How it works? Let us assume your public IP address 202.54.1.5.
    [Show full text]
  • Loadbalancer.Org Appliance Administration V5.5
    Loadbalancer.org Appliance Administration v5.5 Copyright © Loadbalancer.org Limited 2002-2007 Table of Contents Loadbalancer.org Appliance Administration v5.5................................................................................1 Introduction......................................................................................................................................4 Console configuration......................................................................................................................4 Remote configuration......................................................................................................................6 Edit Configuration...........................................................................................................................7 Logical Load balancer configuration..........................................................................................7 Modify Logical Virtual Severs ..................................................................................................7 Modify Logical Real Severs .....................................................................................................11 Modify Global Settings ............................................................................................................13 Modify logical Virtual Servers (Layer 7 HAProxy)..................................................................14 Modify logical Real Servers (Layer 7 HAProxy)......................................................................15
    [Show full text]
  • Key Configurations and Some Apis
    APPENDIX A Key Configurations and Some APIs THIS APPENDIX CONTAINS some of the key development configurations for Zope, Plone, and Python. This appendix provides information for developers of sites, and it also lists some ofthe most usefulApplication Programming Interfaces (APIs). Setting Up Your Environment The following sections relate to configuring your development or production environment for optimal usage. If you're developing a lot with Plone, I rec­ ommend these settings. Setting Up PYTHONPATH Setting up PYTHONPATH is extremely useful because it allows you to easily access all the Zope functionality from a Python prompt. You can easily test if you have this set up-you can just attempt to import the PageTemplate module from Products. If this isn't set up, you should see the following: $ python -c "import Products.PageTemplates" Traceback (most recent call last): File "<string>", line 1, in ? ImportError: No module named Products.PageTemplates Unix} Linux} and Mac OS X First, find the Products directory of your Zope installation (not the instance horne). On the standard installation, this is at /opt/Zope- 2.7 /lib/python; on Windows it's at c: \Program Files\Plone\Zope\lib\python. When Python starts, it reads an envi­ ronmentvariable called PYTHONPATH and puts all those directories in thatvariable into the search path for new modules. So you need to add your directory to that variable. 465 AppendixA You do this using the export command, to see if PYTHONPATH contains anything initially, run the following: $ export I grep PYTHONPATH declare -x PYTHONPATH="/home/andy/modules" In my case, I already have an environment variable called PYTHONPATH, although chances are your computer won't have this set up.
    [Show full text]
  • The Zope Book (2.6 Edition)
    The Zope Book (2.6 Edition) Amos Latteier, Michel Pelletier, Chris McDonough, Peter Sabaini The Zope Book (2.6 Edition) Preface 32 How the Book Is Organized 32 Conventions Used in This Book 34 Contributors to This Book 35 Introducing Zope 36 What Is A Web Application? 36 How You Can Benefit From Using An Application Server 37 Zope History 38 Why Use Zope Instead of Another Application Server 38 Zope Audiences and What Zope Isn't 39 Zope's Terms of Use and License and an Introduction to The Zope Community 40 Zope Concepts and Architecture 41 Fundamental Zope Concepts 41 Zope Is A Framework 41 Object Orientation 41 Object Publishing 41 Through-The-Web Management 42 Security and Safe Delegation 42 Native Object Persistence and Transactions 43 Acquisition 43 Zope Is Extensible 43 Fundamental Zope Components 44 Installing and Starting Zope 45 Downloading Zope 45 Installing Zope 45 Installing Zope for Windows With Binaries from Zope.org 46 Installing Zope on Linux and Solaris With Binaries from Zope.org 50 Compiling and Installing Zope from Source Code 52 Starting Zope 53 Using Zope With An Existing Webserver 54 Starting Zope On Windows 54 Starting Zope on UNIX 54 Starting Zope As The Root User 55 Your Zope Installation 55 Logging In 56 Controlling the Zope Process With the Control Panel 57 2 The Zope Book (2.6 Edition) Controlling the Zope Process From the Command Line 57 Troubleshooting 58 Options To The Zope start or start.bat Script 58 Environment Variables that Effect Zope at Runtime 61 When All Else Fails 65 Object Orientation 66 Objects
    [Show full text]
  • Building Websites with Plone an In-Depth and Comprehensive Guide to the Plone Content Management System
    Building Websites with Plone An in-depth and comprehensive guide to the Plone content management system Cameron Cooper Building Websites with Plone An in-depth and comprehensive guide to the Plone content management system Copyright © 2004 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First edition: November 2004 Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN 1-904811-02-7 www.packtpub.com Cover Design by www.visionwt.com Credits Author Layout* Cameron Cooper Ashutosh Pande Technical Reviewers Indexers* Godefroid Chapelle Niranjan Jahagirdar Brent Hendricks Ashutosh Pande Dmitry Makovey Jason Wilson Proofreader Chris Smith Commissioning Editor Louay Fatoohi Cover Designer Helen Wood Technical Editors* Niranjan Jahagirdar Nanda Padmanabhan Ashutosh Pande * Services provided by www.editorialindia.com About the Author J.
    [Show full text]
  • Nginx Reverse Proxy Documentation
    Nginx Reverse Proxy Documentation prepunctualGriff is better: Bobbie she sorbs inputs pronto massively and inventory and immerses her fornicatress. his kations Drake retiredly accelerating and causally. swift. Sprightlier and Nginx which your docker repositories to proxy ensures the nginx reverse proxies a particular to find all of nginx when set the certificate varies greatly increase the request and Defines conditions under which way that. For reverse proxy provides you sure you find all that nginx reverse proxy documentation for authentication to documentation to retain your installation, and sends it is slow clients. By encrypting the server is returned to several directives that nginx reverse proxy documentation are very, loading the well known certificate files are set. Python applications specific environment variable to nginx reverse proxy documentation. If several directives can be applied to making cookie, Arnaud de Brindejonc de Bermingham. If time, the Airflow logo, which then retrieves resources from famous public internet on behalf of the client. If several directives listed here we must explicitly define an nginx reverse proxy documentation to documentation, reverse proxy configuration errors, and tutorials to load among several reasons is? The web browser displays the server, and pound are from gunicorn should secure headers, nginx can nginx reverse proxy documentation! Your backend container should then listen on a port rather than a socket and expose that port. How do i setup may be accessed by twitter for header from here should consist of nginx reverse proxy documentation for. Based on Tabler, distribute, however. Its default behavior is sympathy for scaffolding in development. Modifying nginx reverse proxy documentation may be used as reverse ssl.
    [Show full text]
  • Revprobe: Detecting Silent Reverse Proxies in Malicious Server Infrastructures
    RevProbe: Detecting Silent Reverse Proxies in Malicious Server Infrastructures Antonio Nappa Rana Faisal Munir Irfan Khan Tanoli IMDEA Software Institute U. Politécnica de Cataluña Gran Sasso Science Institute [email protected] [email protected] [email protected] Christian Kreibich Juan Caballero ICSI & Lastline IMDEA Software Institute [email protected] [email protected] ABSTRACT since they do not store essential information and can run on in- Web service operators set up reverse proxies to interpose the com- fected machines or cheap cloud VMs. Furthermore, they can dis- munication between clients and origin servers for load-balancing tribute traffic across multiple origin servers, making the malicious traffic across servers, caching content, and filtering attacks. Silent server infrastructure more resilient to take-downs. In contrast, ori- reverse proxies, which do not reveal their proxy role to the client, gin servers are more valuable, should remain hidden, and may use are of particular interest since malicious infrastructures can use more expensive “bullet-proof” hosting. them to hide the existence of the origin servers, adding an indi- Miscreants can employ different types of intermediate servers to rection layer that helps protecting origin servers from identification introduce indirection in malicious infrastructures. Botnet opera- and take-downs. tors leverage publicly reachable computers in the botnet to serve We present RevProbe, a state-of-the-art tool for automatically as proxies [35, 36], HTTP redirectors are widely used in drive- detecting silent reverse proxies and identifying the server infras- by downloads [43], and traffic delivery systems (TDSes) aggregate tructure behind them. RevProbe uses active probing to send re- traffic towards exploit servers [39].
    [Show full text]
  • Performance Evaluation of the Apache Traffic Server and Varnish Reverse
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by NORA - Norwegian Open Research Archives UNIVERSITY OF OSLO Department of Informatics Performance Evaluation of the Apache Traffic Server and Varnish Reverse Proxies Shahab Bakhtiyari Network and System Administration University of Oslo May 23, 2012 Performance Evaluation of the Apache Traffic Server and Varnish Reverse Proxies Shahab Bakhtiyari Network and System Administration University of Oslo May 23, 2012 Contents 1 Introduction8 1.1 Why Cache?............................... 8 1.2 Motivation................................ 9 1.3 Problem statement ........................... 11 1.4 Thesis Outline.............................. 11 2 Background and Related Workj 12 2.1 Web servers............................... 12 2.1.1 Static web resources ...................... 12 2.1.2 Dynamic web resources .................... 13 2.2 Cache servers.............................. 13 2.2.1 Client side proxy........................ 14 2.2.2 Organization and ISP proxy caches .............. 14 2.2.3 Server ISP or CDN reverse proxy caches ........... 14 2.2.4 Server side reverse proxy cache ................ 15 2.2.5 Distributed Caches and ICP .................. 15 2.3 Cache replacement algorithms ..................... 16 2.3.1 Replacement strategies..................... 16 2.4 HTTP.................................. 21 2.4.1 HTTP Message Structure.................... 22 2.5 Caching software............................ 25 2.5.1 Apache Traffic Server ..................... 25 2.5.2 Varnish............................. 27 2.5.3 Others.............................. 28 2.6 Challenges................................ 28 2.6.1 Realistic Workloads ...................... 28 2.6.2 Lack of recent works...................... 30 2.6.3 Tools specifically designed for cache benchmarking . 30 3 Model and Methodology 32 3.1 Approach ................................ 32 3.2 Test environment ............................ 34 3.3 Web Polygraph ............................
    [Show full text]
  • Loadbalancer.Org Appliance Setup V5.9
    Loadbalancer.org Appliance Setup v5.9 This document covers the basic steps required to setup the Loadbalancer.org appliances. Please pay careful attention to the section on the ARP problem for your real server OS. Copyright © Loadbalancer.org Limited 2002-2007 Table of Contents Loadbalancer.org Appliance Setup v5.8..............................................................................................1 Planing.............................................................................................................................................3 Example Layer 4 configuration.......................................................................................................4 Refining the planing....................................................................................................................5 Finalizing the network diagram.......................................................................................................6 Example Network Diagram: Direct Routing Mode.........................................................................7 Example Network Diagram: Network Address Translation Mode.................................................8 A bit more detail on the NAT style set up.......................................................................................9 A Firewall is simple in theory but can be complex in practice:....................................................11 Explaining the RIP & VIP.............................................................................................................12
    [Show full text]
  • Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities
    UNIVERSIDAD POLITECNICA´ DE MADRID ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ Defending Against Cybercrime: Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities PH.D THESIS Antonio Nappa Copyright c February 2016 by Antonio Nappa DEPARTAMENTAMENTO DE LENGUAJES Y SISTEMAS INFORMATICOS´ E INGENIERIA DE SOFTWARE ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ Defending Against Cybercrime: Advances in the Detection of Malicious Servers and the Analysis of Client-Side Vulnerabilities SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF: Doctor en Inform´atica Author: Antonio Nappa Advisor Dr. Juan Caballero February 2016 Jury: Somesh Jha, Professor of Computer Sciences - University of Wisconsin-Madison Lorenzo Cavallaro, Senior Lecturer of Computer Sciences - Royal Holloway University of London Juan Manuel Est´evez Tapiador, Profesor Titular de Universidad - Universi- dad Carlos III de Madrid Victor A. Villagr´a, Profesor Titular de Universidad - Universidad Polit´ecnica de Madrid Boris K¨opf, Assistant Research Professor - IMDEA Software Institute Carmela Troncoso, Researcher - IMDEA Software Institute Manuel Carro, Profesor Titular de Universidad - Universidad Polit´ecnica de Madrid Resumen de la tesis Esta tesis se centra en el an´alisisde dos aspectos complementarios de la ciberdelin- cuencia (es decir, el crimen perpetrado a trav´esde la red para ganar dinero). Estos dos aspectos son las m´aquinasinfectadas utilizadas para obtener beneficios econ´omicosde la delincuencia a trav´esde diferentes acciones (como por ejemplo, clickfraud, DDoS, correo no deseado) y la infraestructura de servidores utiliza- dos para gestionar estas m´aquinas(por ejemplo, C & C, servidores explotadores, servidores de monetizaci´on,redirectores). En la primera parte se investiga la exposici´ona las amenazas de los orde- nadores victimas.
    [Show full text]