2024, Other product, ITA
F. M. Lauria
The report describes the penetration testing activities carried out under the assignment conferred by the director of the Institute of Informatics and Telematics of the CNR (IIT-CNR), with the objective of assessing the security of the IT resources at IIT-CNR (Pisa site), in order to prevent potential negative impacts arising from cyber threats.
2023, Technical report, ENG
A. Gebrehiwot; A. De Vita; F. M. Lauria
Optimal Quality of Service (QoS) and efficient traffic management in 5G Non-Terrestrial Networks (NTNs) rely on the effective orchestration of communication between the various network elements. Through real-time monitoring of the 5G infrastructure, we can derive signi
2023, Technical report, ENG
A. De Vita; A. Gebrehiwot; F. M. Lauria
This document serves as a comprehensive overview of the 5G research infrastructure developed for the TRANTOR project, a 3-year initiative financed by the HORIZON EUROPE program that concentrates on the forward trajectory of 5G Non-Terrestrial Network (NTN) evolution, heading towards 6G systems. The goal of the infrastructure is to facilitate and deeply investigate the Quality of Service (QoS) and traffic management in NTN associated with 5G systems and to develop new functionalities as foreseen by the TRANTOR project. The experimental network infrastructure is based on the open-source free5GC project, further complemented by a standalone implementation of a 5G RAN (Radio Access Network, also known as gNodeB) and multiple 5G UE (User Equipment) using UERANSIM, an open-source state-of-the-art 5G UE and gNodeB simulator. A detailed overview and use cases of the deployed 5G infrastructure are also described.
2023, Technical report, ENG
A. Gebrehiwot; A. De Vita; F.M. Lauria
The rapid advancements in Low Earth Orbit (LEO) satellite technologies promise high bandwidth and lower costs, making them crucial components for the future 6G networks. However, these orbits introduce a range of challenges not present in traditional Geosynchronous Orbit (GEO) systems, such as mobility issues, smaller coverage areas, and the need for inter-satellite communications. Within the scope of the TRANTOR project, we aim to investigate the complexities and peculiarities involved in utilizing LEO satellites for global communications. In this technical paper we will focus on reviewing the dynamic traffic and Quality of Service (QoS) management of NTN networks primarily being based on the 3GPP document "Technical Specification Group Radio Access Network; Solutions for NR to support non-terrestrial networks, NTN, Release 16" (3GPP TR 38.821 V16.1.0 (2021-05)).
2023, Technical report, ENG
A. Gebrehiwot; F. M. Lauria
This document explores control and monitoring mechanisms commonly employed in Ethernet-based network infrastructures, aiming to provide a comprehensive understanding of their functionality. It presents practical script examples that utilize scapy, a powerful and user-friendly Python library for sensing and manipulating network packets. The showcased scripts focus on essential functionalities such as ARP monitoring, IPv4 collision detection, and rogue DHCP server detection. By examining these examples, readers can gain a comprehensive understanding of how these mechanisms contribute to network control and maintenance. The main objective is to offer valuable insights and practical applications of these mechanisms within Ethernet-based network infrastructures.
2023, Software, ENG
F. M. Lauria; A. Gebrehiwot
The 2D Random Movement Simulator is a minimal web application for locally simulating the random movement of random points in a 2D space on a canvas. The application allows users to display distances between these points, with different colors indicating the level of safety:
- green for okay distances;
- yellow for alerting distances;
- red for danger distances.
2023, Technical report, ENG
F. M. Lauria
This document provides a comprehensive analysis of the MIRAI botnet, a sophisticated malware that specifically targets vulnerable Internet of Things (IoT) devices. The analysis focuses on the bot's infection process, key features, PRNG implementation, information storage, execution flows and loader's functionalities. The MIRAI botnet demonstrates a high level of automation and adaptability, employing scanning techniques and various attack vectors to compromise IoT devices. The PRNG implementation utilizes the Xorshift128 algorithm, optimized for resource-constrained IoT devices. The storage of crucial information within the bot is examined, highlighting the use of obfuscation techniques. The execution flows involve processes for network scanning, attack coordination and attempts to gain unauthorized access using default credentials. The loader component operates with a multi-threaded architecture, efficiently managing the infection process. Additionally, the document explores the loader's features, such as selecting appropriate executables based on hardware architectures and utilizing different file upload methods. These insights shed light on the complexity and versatility of the MIRAI botnet, emphasizing the need for robust security measures. Manufacturers and users are encouraged to prioritize strong passwords, regular firmware updates and network segmentation to mitigate the risks posed by this malicious botnet.
2023, Teaching material, ITA
F. M. Lauria
With reference to the Ubuntu world and Debian-based systems, the product provides an overview of the fundamental concepts of Linux systems. It then focuses on describing the filesystem of a Linux system that conforms to the Filesystem Hierarchy Standard. Finally, more than 50 commands usable in a Bash-based command-line interface are introduced and described.
2023, Technical report, ENG
F. M. Lauria; A. De Vita
This document presents a comprehensive solution for deploying an open-source AAA infrastructure using MariaDB, FreeRADIUS and daloRADIUS on dedicated instances of Debian 11. The architecture overview provides a clear understanding of the interactions between each component, establishing a foundation for the implementation of an AAA infrastructure. The presented infrastructure is intended to fulfill the requirements of Internet Service Providers (ISPs) globally, offering a cost-effective and highly customizable alternative to proprietary solutions. By leveraging the advantages of open-source technology in network management, the infrastructure enables ISPs to manage remote hotspots and other use cases with high customizability. Additionally, this document seeks to encourage the adoption of open-source technology solutions in the field of network management.
2023, Software, ENG
F. M. Lauria
kesire is a simple shell script (~200 lines of code) designed to simplify the process of generating a private key and a Certificate Signing Request (CSR) using OpenSSL. The script's name is derived from key signing request, as that is its primary purpose. By simply running the script, users can quickly generate a private key and a CSR with minimal input, making it easy to request a certificate from a Certificate Authority. The script is compatible with both Linux and macOS operating systems and requires OpenSSL to be installed on the user's machine.
2022, Other technical documentation, ITA
F. M. Lauria; L. Martusciello
This report provides a detailed account of the security measures implemented to protect a pre-existing PHP application hosted on an Apache 2 server. The actions taken include advanced configuration of the Apache server, the adoption of encrypted communications via the HTTPS protocol, the removal of unnecessary secondary access paths, the correction of vulnerabilities in the PHP code, cookie security, and the mitigation of the Slowloris attack through the use of Apache's antiloris protection module. The main objective of these measures is to guarantee a secure application environment, protecting the application from potential threats and vulnerabilities. This report provides a complete overview of the changes made and the solutions adopted to raise the application's level of cyber security.
2022, Multimedia product, ITA
F. M. Lauria (1); D. Laforenza (1); F. Martinelli (1); A. Dicorinto (2)
Participation as experts in the 63rd episode of the radio programme Alfabeto Digitale on the broadcaster Punto Radio. The episode, aired on Tuesday 15 March 2022, was dedicated to one of the most worrying and topical aspects of cyber security: cyberwar.
2022, Technical report, ENG
A. De Vita; F. Lauria
This report presents the results of the analysis of the TLS/SSL server certificates issued by the X.509 digital certificate issuance service offered by the CNR during the year 2022. The CNR, as a member institution of the GARR community, provides its users with a free X.509 digital certificate issuance service, guaranteed by Sectigo Limited, one of the main commercial certification authorities recognised as a trusted CA. The report provides detailed information on the number of certificates issued, expired and revoked each month, the distribution of the domains included in the certificates, and their division into CNR and non-CNR domains. In addition, the report analyses the distribution of the domains included in the certificates by domain level. The service offered by the CNR is accessible through a dedicated online portal. Technical assistance via email is available to support users with certificate issuance requests and, more generally, with the use of the service. Although the service offers a wide range of digital certificates, the report focuses exclusively on presenting statistics relating to TLS/SSL server certificates.
2022, Website, ITA
A. De Vita; F. Lauria
The information portal provides information on the SSL/TLS certificate issuance service offered to CNR users.
2022, Other product, ENG
F. M. Lauria
The article provides technical details on a security issue discovered in daloRADIUS (https://github.com/lirantal/daloradius), along with the patch to apply for correcting the issue. In particular, all versions of daloRADIUS prior to the master branch transmit the session cookie (i.e. PHPSESSID) without setting the HttpOnly flag. The problem could allow JavaScript (e.g., using document.cookie) to access the PHPSESSID cookie value on the browser side.
2022, Teaching material, ENG
F. M. Lauria; R. Bonafede
The goals of this presentation are: introduce the file disclosure vulnerability (how can it impact a system?), introduce paths, introduce path traversal attacks, and discuss some possible fixes and mitigations.
2022, Teaching material, ENG
F. M. Lauria
The goal of this presentation is to illustrate how server-side request forgery works.
2022, Teaching material, ENG
F. M. Lauria; R. Bonafede
The goals of this presentation are: outline the concept of injection from the perspective of web security, introduce common command injection techniques, introduce various code injection techniques, and discuss some possible fixes and mitigations.
2022, Teaching material, ENG
F. M. Lauria
The goals of this presentation are: list some useful tools commonly used in web security and introduce preliminary concepts for the use of the tools.
2022, Teaching material, ENG
F. M. Lauria (1); R. Bonafede (2)
The goals of this presentation are: introduce the history of HTTP, illustrate the key features of the protocol, provide a definition of web security, and provide a classification of attacks.