DOCSLIB.ORG

Dissertation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Securing the Internet by Analysing and Controlling DNS Traffic: Email Worm Detection and Mitigation vorgelegt von Diplom-Ingenieur Nikolaos Chatzis von der Fakult¨atIV - Elektrotechnik und Informatik der Technischen Universit¨atBerlin zur Erlangung des akademischen Grades Doktor der Ingenieurwissenschaften { Dr.-Ing. { genehmigte Dissertation Promotionsausschuss: Vorsitzender: Prof. Dr. Hans-Ulrich Heiß Berichter: Prof. Dr. Radu Popescu-Zeletin Berichter: Prof. Dr. Jean-Pierre Seifert Berichter: Prof. Dr. Dimitrios Serpanos Tag der wissenschaftlichen Aussprache: 17. November 2010 Berlin 2010 D 83 ii iii Abstract The Domain Name System (DNS) is a critical infrastructure of the Internet because almost all applications that run on Internet-connected machines depend on the name resolution service it provides to work. The DNS consists of three components: the domain name space, the name servers, and the clients, formally referred to as resolvers. Due to its critical nature, the domain name space and the name servers have been for many years very attractive targets for attackers seeking to inflict widespread damage. To deal with this state of affairs, substantial attention and investment have been directed at enhancing the security of and protecting the DNS to ensure its continuous, reliable and efficient operation. This, in conjunction with a notable shift in the motivation and profile of attackers have led in recent years to a considerable change in the Internet attack landscape. Attacks have gradually become more sophisticated and focused, and financial gain has evolved into the major driving force behind them. In this new era, attackers have realised that misusing the name servers or exploiting the name resolution service comes with greater damage or economic profit than directly attacking the components of the DNS or disrupting the name resolution service. As an immediate consequence, the vast majority of Internet attacks nowadays produce an observable effect on the DNS traffic that traverses the Internet, the operation of the name servers, or in some cases on both. In the present study, it is shown that this observation opens a new and very promising perspective for effectively detecting and mitigating a wide variety of Internet attacks. To demonstrate the value of this perspective, the present study is devoted to detecting and mitigating Internet worms that along with bot software are the two major Internet threats network operators and end users face. The focus is particularly on email worms, which have been, and remain, a very popular medium for attackers to achieve their ends and, therefore, the most prevalent type of Internet worms and malicious software in general. The attackers' ends include installing bot software designed to distribute unsolicited emails or launch targeted distributed denial of service attacks, stealing private information and destroying key data. In this thesis, a method for detecting user machines that are compromised by email worms on the local name servers is introduced. The method uses clustering and similarity search over time series derived from the DNS query streams of user machines. It is demonstrated that the method overcomes the limitations of the existing methods, exhibits remarkable accuracy and negligible false alarm rate, and can be effective in the long run. In addition, a method for containing email worms is introduced. The method uses a traffic control mechanism to regulate the DNS response streams that the local name servers return to user machines and, thereby, limit the rate at which compromised user machines spread email worms further. It is shown that the method has the potential to slow down the epidemics of email worms and contribute to reducing the illegitimate email and DNS traffic compromised user machines send to the Internet with minimally, if at all, affecting their legitimate traffic. iv v Zusammenfassung Das Domain Name System (DNS) ist eine fur¨ das Internet unentbehrliche Infrastruk- tur, weil fast alle Anwendungen, die auf mit dem Internet verbundenen Maschinen laufen, von der Namensaufl¨osung, die es zur Verfugung¨ stellt, abh¨angen. Das DNS besteht aus drei Komponenten: dem Domain-Namensraum, den Nameservern und den Klienten, formal Resolver genannt. Wegen seiner kritischen Natur waren der Domain-Namensraum und die Nameserver jahrelang sehr attraktive Ziele fur¨ Angreifer, die versuchen, weit verbreiteten Schaden zuzufugen.¨ Um diesen Stand der Dinge zu uberwinden,¨ wurde große Aufmerk- samkeit auf die Verbesserung der Sicherheit sowie den Schutz des DNS gerichtet, und bedeutende Investitionen get¨atigt, um seinen durchgehenden, zuverl¨assigen und effizienten Betrieb sicherzustellen. In Verbindung mit einer bemerkenswerten Verschiebung in der Motivation und im Profil der Angreifer hat dies in den letzten Jahren zu einer betr¨achtlichen Anderung¨ in der Internet-Angriffslandschaft gefuhrt.¨ Die Angriffe wurden schrittweise verfeinert und fokussiert, und finanzieller Gewinn hat sich zur ihrer treibenden Hauptkraft entwickelt. In dieser neuen Ara¨ haben die Angreifer festgestellt, dass der Missbrauch der Nameserver oder die Ausnutzung des Namensaufl¨osungdienstes gr¨oßeren wirtschaftlichen Schaden verspricht, als direkte Angriffe auf die DNS-Komponenten oder das St¨oren des Namensaufl¨osungdienstes. Als direkte Konsequenz hat heutzutage die uberwiegende¨ Mehr- heit von Internet-Angriffen einen sichtbaren Effekt auf den DNS-Verkehr, der das Internet durchquert, auf den Betrieb der Nameserver, oder in einigen F¨allen auf beides. In dieser Studie wird demonstriert, dass diese Beobachtung eine neue und sehr viel versprechende Perspektive bietet, um viele Internet-Angriffe effektiv zu erkennen und abzuschw¨achen. Um den Wert dieser Perspektive zu demonstrieren, behandelt die vorliegende Studie die Erkennung und Abschw¨achung von Internet-Wurmern,¨ die zusammen mit Bot-Software die zwei Hauptbedrohungen fur¨ die Netzwerk-Betreiber und Endbenutzer im Internet sind. Der Fokus liegt besonders auf Email-Wurmern,¨ die ein sehr popul¨ares Mittel sind, damit Angreifer ihre Zwecke erreichen, und deshalb die uberwiegende¨ Auspr¨agung der Internet-Wurmer¨ und Schadprogramme im Allgemeinen gewesen sind und bleiben. Diese Zwecke umfassen die Installation von Bot-Software, entworfen um unaufgefordert Emails zu verteilen und gezielte verteilte Leistungsverweigerungsangriff zu starten, den Diebstahl von privaten Informationen und das Zerst¨oren von sensitiven Daten. In dieser Arbeit wird eine Methode fur¨ die Erkennung von Benutzermaschinen, die mit Email-Wurmern¨ angesteckt sind, auf dem lokalen Nameserver vorgestellt. Die Methode benutzt Clustering und Ahnlichkeitssuche¨ uber¨ Zeitreihen, abgeleitet aus DNS-Anfragestr¨omen, die Benut- zermaschinen erzeugen. Es wird gezeigt, dass sie die Beschr¨ankungen der vorhandenen Methoden uberwindet,¨ bemerkenswerte Genauigkeit und eine unwesentliche Rate von Falsch-Positiv-Meldungen erreicht und langfristig wirkungsvoll sein kann. Zus¨atzlich wird eine Methode fur¨ die Eingrenzung von Email-Wurmern¨ eingefuhrt.¨ Die Methode benutzt einen Verkehrssteuerungsmechanismus, um die DNS-Antwortstr¨ome zu regulieren, die lokale Nameserver zu den Benutzermaschinen zuruckschicken¨ und dadurch die Rate, mit der infizierte Benutzermaschinen Email-Wurmer¨ weiter verbreiten. Es wird gezeigt, dass sie das Potenzial hat, Email-Wurmepidemien zu verlangsamen und zur Verringerung von ille- gitimem Email-und DNS-Verkehr, den angesteckte Benutzermaschinen ins Internet senden, zu beitragen, mit keinem bis minimalem Einfluss auf den legitimen Benutzerverkehr. vi vii Acknowledgements Working toward a PhD is a lonely and difficult task, yet one that cannot be successfully completed without the assistance of others. My own experience was no different, and there are some people to whom I owe a great debt of gratitude. First, I would like to express my profound and most sincere gratitude to my adviser, Professor Radu Popescu-Zeletin, for his time, guidance and for offering me the opportunity to carry out my PhD research work at the Fraunhofer Institute FOKUS as well as the freedom to pursue a research topic of my own interest. I am also very thankful to Professors Jean-Pierre Seifert and Dimitrios Serpanos for their critical review and valuable suggestions on earlier versions of this thesis. I owe my deepest thanks to Associate Professor Nevil Brownlee for believing in my ideas, accepting to co-author my papers and providing constructive feedback. During my time at the Fraunhofer Institute FOKUS, I have had the pleasure and privilege to closely interact with two great students, Enric Pujol and Silke Peters. I would like to thank them for all the stimulating discussions, invaluable input and their companionship, patience and understanding in the course of this work. My appreciation and respect go to three current and former colleagues at the Fraunhofer Institute FOKUS, Ranganai Chaparadza, Thomas Hirsch and Mikhail Smirnov. Without their invaluable advice, encouragement and support in various ways and times, it would have taken me much longer to complete this work. Finally, this work would never have been possible without the unconditional love and support of my friends and family. I am particularly indebted to Ilias, Enric, Angelos, Evgenia and last, but not least, to Eleni for always being there for me as a constant source of inspiration, motivation and strength over the past years. viii Contents I Introduction, Background and Motivation1 1 Introduction3 1.1 Research Objectives............................3
Recommended publications
  • Configuring DNS

    Configuring DNS

    Configuring DNS The Domain Name System (DNS) is a distributed database in which you can map hostnames to IP addresses through the DNS protocol from a DNS server. Each unique IP address can have an associated hostname. The Cisco IOS software maintains a cache of hostname-to-address mappings for use by the connect, telnet, and ping EXEC commands, and related Telnet support operations. This cache speeds the process of converting names to addresses. Note You can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource record type AAAA is used to map a domain name to an IPv6 address. The IP6.ARPA domain is defined to look up a record given an IPv6 address. • Finding Feature Information, page 1 • Prerequisites for Configuring DNS, page 2 • Information About DNS, page 2 • How to Configure DNS, page 4 • Configuration Examples for DNS, page 13 • Additional References, page 14 • Feature Information for DNS, page 15 Finding Feature Information Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
  • Adopting Encrypted DNS in Enterprise Environments

    Adopting Encrypted DNS in Enterprise Environments

    National Security Agency | Cybersecurity Information Adopting Encrypted DNS in Enterprise Environments Executive summary Use of the Internet relies on translating domain names (like “nsa.gov”) to Internet Protocol addresses. This is the job of the Domain Name System (DNS). In the past, DNS lookups were generally unencrypted, since they have to be handled by the network to direct traffic to the right locations. DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by using HTTPS to provide privacy, integrity, and “last mile” source authentication with a client’s DNS resolver. It is useful to prevent eavesdropping and manipulation of DNS traffic. While DoH can help protect the privacy of DNS requests and the integrity of responses, enterprises that use DoH will lose some of the control needed to govern DNS usage within their networks unless they allow only their chosen DoH resolver to be used. Enterprise DNS controls can prevent numerous threat techniques used by cyber threat actors for initial access, command and control, and exfiltration. Using DoH with external resolvers can be good for home or mobile users and networks that do not use DNS security controls. For enterprise networks, however, NSA recommends using only designated enterprise DNS resolvers in order to properly leverage essential enterprise cybersecurity defenses, facilitate access to local network resources, and protect internal network information. The enterprise DNS resolver may be either an enterprise-operated DNS server or an externally hosted service. Either way, the enterprise resolver should support encrypted DNS requests, such as DoH, for local privacy and integrity protections, but all other encrypted DNS resolvers should be disabled and blocked.
  • Chapter 2. Application Layer Table of Contents 1. Context

    Chapter 2. Application Layer Table of Contents 1. Context

    Chapter 2. Application Layer Table of Contents 1. Context ........................................................................................................................................... 1 2. Introduction .................................................................................................................................... 2 3. Objectives ....................................................................................................................................... 2 4. Network application software ....................................................................................................... 2 5. Process communication ................................................................................................................. 3 6. Transport Layer services provided by the Internet ....................................................................... 3 7. Application Layer Protocols ........................................................................................................... 4 8. The web and HTTP .......................................................................................................................... 4 8.1. Web Terminology ................................................................................................................... 5 8.2. Overview of HTTP protocol .................................................................................................... 6 8.3. HTTP message format ...........................................................................................................
  • Analysis of Malware and Domain Name System Traffic

    Analysis of Malware and Domain Name System Traffic

    Analysis of Malware and Domain Name System Traffic Hamad Mohammed Binsalleeh A Thesis in The Department of Computer Science and Software Engineering Presented in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy at Concordia University Montréal, Québec, Canada July 2014 c Hamad Mohammed Binsalleeh, 2014 CONCORDIA UNIVERSITY Division of Graduate Studies This is to certify that the thesis prepared By: Hamad Mohammed Binsalleeh Entitled: Analysis of Malware and Domain Name System Traffic and submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy complies with the regulations of this University and meets the accepted standards with respect to originality and quality. Signed by the final examining committee: Chair Dr. Christian Moreau External Examiner Dr. Nadia Tawbi Examiner to Program Dr. Lingyu Wang Examiner Dr. Peter Grogono Examiner Dr. Olga Ormandjieva Thesis Co-Supervisor Dr. Mourad Debbabi Thesis Co-Supervisor Dr. Amr Youssef Approved by Chair of the CSE Department 2014 Dean of Engineering ABSTRACT Analysis of Malware and Domain Name System Traffic Hamad Mohammed Binsalleeh Concordia University, 2014 Malicious domains host Command and Control servers that are used to instruct in- fected machines to perpetuate malicious activities such as sending spam, stealing creden- tials, and launching denial of service attacks. Both static and dynamic analysis of malware as well as monitoring Domain Name System (DNS) traffic provide valuable insight into such malicious activities and help security experts detect and protect against many cyber attacks. Advanced crimeware toolkits were responsible for many recent cyber attacks. In order to understand the inner workings of such toolkits, we present a detailed reverse en- gineering analysis of the Zeus crimeware toolkit to unveil its underlying architecture and enable its mitigation.
  • Internet Domain Name System

    Internet Domain Name System

    IINNTTEERRNNEETT DDOOMMAAIINN NNAAMMEE SSYYSSTTEEMM http://www.tutorialspoint.com/internet_technologies/internet_domain_name_system.htm Copyright © tutorialspoint.com Overview When DNS was not into existence, one had to download a Host file containing host names and their corresponding IP address. But with increase in number of hosts of internet, the size of host file also increased. This resulted in increased traffic on downloading this file. To solve this problem the DNS system was introduced. Domain Name System helps to resolve the host name to an address. It uses a hierarchical naming scheme and distributed database of IP addresses and associated names IP Address IP address is a unique logical address assigned to a machine over the network. An IP address exhibits the following properties: IP address is the unique address assigned to each host present on Internet. IP address is 32 bits 4bytes long. IP address consists of two components: network component and host component. Each of the 4 bytes is represented by a number from 0 to 255, separated with dots. For example 137.170.4.124 IP address is 32-bit number while on the other hand domain names are easy to remember names. For example, when we enter an email address we always enter a symbolic string such as [email protected]. Uniform Resource Locator URL Uniform Resource Locator URL refers to a web address which uniquely identifies a document over the internet. This document can be a web page, image, audio, video or anything else present on the web. For example, www.tutorialspoint.com/internet_technology/index.html is an URL to the index.html which is stored on tutorialspoint web server under internet_technology directory.
  • 2 | 2013 2 | Volume Issue ISSN 2190-3387 Law

    2 | 2013 2 | Volume Issue ISSN 2190-3387 Law

    2 | 2013 Volume 4 (2013) Issue 2 ISSN 2190-3387 Law and Electronic Commerce Information Technology, Intellectual Property, Journal of Articles Online Sexual Harassment: Issues & Solutions by Mohamed Chawki, Yassin el Shazly Breathing Space for Cloud-Based Business Models: Exploring the Matrix of Copyright Limitations, Safe Harbours and Injunctions by Martin Senftleben A Model Framework for publishing Grey Literature in Open Access by Matěj Myška, Jaromír Šavelka Injunctions against innocent Third Parties: The Case of Website Blocking by Martin Husovec Evaluation of the Role of Access Providers Discussion of Dutch Pirate Bay Case Law and Introducing Principles on Directness, Effectiveness, Costs, Relevance and Time by Arno R. Lodder, Nicole S. van der Meule Das Verhältnis zwischen Urheberrecht und Wissenschaft: Auf die Perspektive kommt es an! by Alexander Peukert Editors: Thomas Dreier Axel Metzger Gerald Spindler Lucie Guibault Miquel Peguera Journal of Intellectual Property, Information Technology and Table Of Contents Electronic Commerce Law Volume 4 Issue 2, August 2013 Articles www.jipitec.eu [email protected] Online Sexual Harassment: Issues & Solutions A joint publication of: by Mohamed Chawki, Yassin el Shazly 71 Prof. Dr. Thomas Dreier, M. C. J., Karlsruhe Institute of Technology, Vincenz-Prießnitz-Str. 3, Breathing Space for Cloud-Based Business Models: 76131 Karlsruhe Exploring the Matrix of Copyright Limitations, Safe Prof. Dr. Axel Metzger, LL. M., Harbours and Injunctions Exploring the Matrix of Institute for Legal Informatics,
  • Secure Shell- Its Significance in Networking (Ssh)

    Secure Shell- Its Significance in Networking (Ssh)

    International Journal of Application or Innovation in Engineering & Management (IJAIEM) Web Site: www.ijaiem.org Email: [email protected] Volume 4, Issue 3, March 2015 ISSN 2319 - 4847 SECURE SHELL- ITS SIGNIFICANCE IN NETWORKING (SSH) ANOOSHA GARIMELLA , D.RAKESH KUMAR 1. B. TECH, COMPUTER SCIENCE AND ENGINEERING Student, 3rd year-2nd Semester GITAM UNIVERSITY Visakhapatnam, Andhra Pradesh India 2.Assistant Professor Computer Science and Engineering GITAM UNIVERSITY Visakhapatnam, Andhra Pradesh India ABSTRACT This paper is focused on the evolution of SSH, the need for SSH, working of SSH, its major components and features of SSH. As the number of users over the Internet is increasing, there is a greater threat of your data being vulnerable. Secure Shell (SSH) Protocol provides a secure method for remote login and other secure network services over an insecure network. The SSH protocol has been designed to support many features along with proper security. This architecture with the help of its inbuilt layers which are independent of each other provides user authentication, integrity, and confidentiality, connection- oriented end to end delivery, multiplexes encrypted tunnel into several logical channels, provides datagram delivery across multiple networks and may optionally provide compression. Here, we have also described in detail what every layer of the architecture does along with the connection establishment. Some of the threats which Ssh can encounter, applications, advantages and disadvantages have also been mentioned in this document. Keywords: SSH, Cryptography, Port Forwarding, Secure SSH Tunnel, Key Exchange, IP spoofing, Connection- Hijacking. 1. INTRODUCTION SSH Secure Shell was first created in 1995 by Tatu Ylonen with the release of version 1.0 of SSH Secure Shell and the Internet Draft “The SSH Secure Shell Remote Login Protocol”.
  • GEMINI Fixed Dome IP Network Camera, 2-Megapixel, H.265, 60Fps HFR, 4.3X Optical Zoom, IR Leds, Indoor/Outdoor

    GEMINI Fixed Dome IP Network Camera, 2-Megapixel, H.265, 60Fps HFR, 4.3X Optical Zoom, IR Leds, Indoor/Outdoor

    FCS-3406 Version: 1 GEMINI Fixed Dome IP Network Camera, 2-Megapixel, H.265, 60fps HFR, 4.3X Optical Zoom, IR LEDs, Indoor/Outdoor The LevelOne FCS-3406 is a fixed-position outdoor camera offering an ultra-reliable, cost-effective solution for outdoor IP surveillance networks, and is rated at IP67 to operate within rain, extreme heat, snow, dust and humid conditions. Offering clear, sharp imagery with 2-Megapixel resolution and the versatility of 802.3af standard PoE to transfer power and data via a single Cat.5 cable, the LevelOne FCS-3406 should be an essential part of any security deployment that requires smart, reliable outdoor cameras. Key Features - 60 fps High Frame Rate (HFR) video in 1080p - Video compression: H.264, H.265 - Supports 4.3X optical zoom - Features WDR (Wide Dynamic Range) to enhance visibility under extremely bright or dark environments - Vandal-proof IK10-rated housing - Weatherproof IP67-rated housing - Built-in infrared LEDs for night viewing up to 30m - Built-in Micro SDHC/SDXC card slot for local storage Specifications System Specifications Standards: TCP/IP, ICMP, HTTP, HTTPS, FTP, DHCP, DNS, DDNS, RTP, RTSP, RTCP, PPPoE, NTP, UPnP, SMTP,SNMP,IGMP, 802.1X, QoS, IPv6, Bonjour Image Sensor: 1/1.8" Progressive Scan CMOS Lens: 2.8 to 12 mm motorization Port: 10/100Mbps (100Base-T) RJ45 Ethernet interface Power Connector Audio:In/Out I/O terminal block (1 DI/1 DO) 1 x MicroSDHC/ MicroSDXC card slot www.level1.com1 RS-485 interface Page 1 of 4 Button/Knob: Reset Button IR Cut Filter: Support IR LED: Up to 30m Shutter Time: 1 s to 1/100,000 s Angle of View: Horizontal field of view: 103°to 38° Vertical field of view: 54°to 21° Diagonal field of view: 124°to 44° Video Format: H.265/H.264/MJPEG Resolution: 50Hz: 50fps (1920 × 1080, 1280 × 960, 1280×720) 60Hz: 60fps (1920 × 1080, 1280 × 960, 1280×720) Output Video Format: MPEG-4 Audio Compression: G.711/G.722.1/G.726/MP2L2, 64 Kbps (G.711)/16 Kbps (G.722.1)/16 Kbps (G.726)/32 to 128 Kbps (MP2L2 Power Input: 12V DC±10%, PoE (802.3af) Power Consumption: With extra load: 12 VDC, 0.8 A, max.
  • A Diversified Set of Security Features for XMPP Communication Systems

    A Diversified Set of Security Features for XMPP Communication Systems

    International Journal on Advances in Security, vol 6 no 3 & 4, year 2013, http://www.iariajournals.org/security/ 99 A Diversified Set of Security Features for XMPP Communication Systems Useful in Cloud Computing Federation Antonio Celesti, Massimo Villari, and Antonio Puliafito DICIEAMA, University of Messina Contrada di Dio, S. Agata, 98166 Messina, Italy. e-mail: facelesti, mvillari, apuliafi[email protected] Abstract—Nowadays, in the panorama of Cloud Computing, Presence Protocol (XMPP), i.e., an open-standard commu- finding a right compromise between interactivity and security nications protocol for message-oriented middleware based is not trivial at all. Currently, most of Cloud providers base on the XML (Extensible Markup Language). On one hand, their communication systems on the web service technology. The problem is that both Cloud architectures and services the XMPP is able to overcome the disadvantages of web have started as simple but they are becoming increasingly services in terms of performance, but on the other hand complex. Consequently, web services are often inappropriate. it lacks of native security features for addressing the new Recently, many operators in both academia and industry are emerging Cloud computing scenarios. evaluating the eXtensible Messaging and Presence Protocol for In this paper, we discuss how the XMPP can be adopted the implementation of Cloud communication systems. In fact, the XMPP offers many advantages in term of real-time capa- for the development of secure Cloud communication sys- bilities, efficient data distribution, service discovery, and inter- tems. In particular, we combine and generalize the assump- domain communication compared to web service technologies. tions made in our previous works respectively regarding how Nevertheless, the protocol lacks of native security features.
  • Gemini Broadband Ku/Ka/C Satellite Router

    Gemini Broadband Ku/Ka/C Satellite Router

    Corporate Waves Primary colors Secondary colors -C Gemini Broadband Ku/Ka/C Satellite Router Enabling High Speed Broadband Services SkyEdge II-c Gemini is a compact high-throughput VSAT, designed to enable high speed broadband services while meeting cost efficiencies required by residential customers and small businesses. Gemini enables fast web browsing, video streaming, IPTV, VoIP, and other bandwidth-intensive services. Gemini is a full-featured IP router, eliminating the need for an external router via support of enhanced IP routing features such as DHCP, NAT/PAT and IGMP. Advanced application-based QoS guarantees the performance of real-time applications such as VoIP and video streaming, while also supporting other data applications. Gemini also supports next generation IPv6 networking. Gemini includes a full set of protocol optimization and application acceleration features. TCP and HTTP protocol acceleration and payload compression ensure fast Web browsing and high user Benefits experience. Gemini provides the highest level of transmission security supporting • Fast web browsing with web acceleration AES-256 bit link layer encryption with dynamic key rotation to protect and compression all user traffic, and standard IP-Sec providing end to end network layer • High quality VoIP and video security. • Simple DIY installation and automatic service activation Simple, Do-It-Yourself Installation and Service Activation • DVB-S2 ACM and DVB-RCS adaptive transmission standards Gemini is designed to support quick and reliable installation, and automatic service activation. The process requires no prior VSAT • Central monitoring and service management installation skills or technical support. • C/Ku/Ka bands The outdoor electronics and antenna are designed to simplify the assembly and mounting, and shorten the antenna pointing procedure.
  • 1 the Internet Internet Levels of Access to the Internet

    1 the Internet Internet Levels of Access to the Internet

    The Internet DS 4250 - Business Data Communications Slide 1 Internet z Collection of interconnected networks with a common protocols. 4TCP/IP z The networks are linked through various high-speed backbones. z Routing method is hierarchical. z Can follow the packet movement on Gemini 4$ mu trace www.dell.com DS 4250 - Internet Slide 2 Levels of Access to The Internet NAP National Backbone Regional Network Internet Service Provider Consumer and Business Market ¾http://www.ispworld.com/isp/bb/n_america.htm DS 4250 - Internet Slide 3 1 Internet Structure Local ISP Local ISP Regional ISP National ISP Regional ISP National ISP NAP National ISP NationalNational ISP ISP Regional ISP National ISP NationalNational ISP ISP NAP NationalNational ISP ISP NationalNational ISP ISP Regional ISP Regional ISP Local ISP Regional ISP Regional ISP Regional ISP Regional ISP Regional ISP Regional ISP MAE Local ISP Regional ISP Regional ISP Local ISP Regional ISP Local ISP Local ISP Local ISP Local ISP Local ISP Local ISP Local ISP Local ISP Figure 9-1 Basic Internet Architecture DS 4250 - Internet Slide 4 Concerns in Choosing an ISP z Examine the backbone of the provider 4Does the backbone include needed areas 4Check the speed of the network 4Examine the redundancy of the network 4What power back-ups do they have 4Connections to other providers • At least three network access points 4What is the guarantee of performance DS 4250 - Internet Slide 5 Internet Addressing z Based on the software address for each device 4A unique number for each device z Used to designate
  • Gemini Quick Start Guide 70090630

    Gemini Quick Start Guide 70090630

    Gemini Intercom Quick Start Guide 2 Gemini Quick Start Guide Contents Contents ......................................................................................... 1 Overview ......................................................................................... 3 First Step – unpack and inspect ...................................................... 3 Network plan and IP addresses ...................................................... 4 Management PC ............................................................................. 5 Install Software ............................................................................... 6 Configure the firewall ..................................................................... 7 Gateway – the Configuration Editor ............................................... 8 Gateway – Networked DSP ............................................................ 9 File Management ............................................................................ 9 Gemini – Setting the basics .......................................................... 10 Gemini – setting the identity (EDH address) ................................ 12 Restart to apply changes .............................................................. 12 Connect to your network ............................................................. 13 Active Clients Form ....................................................................... 13 Repeat for each Gemini in your system ....................................... 14 Gemini Web Browser ..................................................................