forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honeynet. To this end, you are to deploy a honeynet based on the supplied network diagram (separate download) that gives sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server also has to be running an IDS and full forensic-level logging. There is a remote log server available on 192.168.1.1 for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures, such as firewalling that controls outbound connections; no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux server that will run as a honeynet server, with the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the documentation associated with the policies and procedures relating to the deployment of the server

 

Posted Date: 3/18/2013 2:14:12 AM | Location : United States
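Requirements (d) and (e) together call for per-connection egress accounting with escalation. The sketch below is an added example, not part of the original brief: it replays constructed flow records through a rolling 24-hour byte budget. The class and function names, the connection key (source, destination, port, protocol), the reading of "5MB" as 5 MiB and the sample addresses are all assumptions.

```python
from collections import defaultdict, deque

CAP_BYTES = 5 * 1024 * 1024   # assumption: "5MB" read as 5 MiB
WINDOW_S = 24 * 60 * 60       # rolling 24-hour window, in seconds

class OutboundBudget:
    """Rolling per-connection byte accounting for honeypot egress."""

    def __init__(self, cap=CAP_BYTES, window=WINDOW_S):
        self.cap, self.window = cap, window
        self.history = defaultdict(deque)   # conn -> deque of (ts, bytes)
        self.totals = defaultdict(int)      # conn -> bytes inside the window
        self.alerts = []                    # escalation records (requirement e)

    def _expire(self, conn, now):
        # Half-open window (now - 24h, now]: drop anything at or before the edge.
        q = self.history[conn]
        while q and q[0][0] <= now - self.window:
            self.totals[conn] -= q.popleft()[1]

    def observe(self, ts, conn, nbytes):
        """Return 'allow' or 'block' for nbytes about to leave on conn at ts."""
        self._expire(conn, ts)
        if self.totals[conn] + nbytes > self.cap:
            self.alerts.append({"ts": ts, "conn": conn,
                                "used": self.totals[conn], "attempted": nbytes})
            return "block"
        self.history[conn].append((ts, nbytes))
        self.totals[conn] += nbytes
        return "allow"

# Constructed sample flows (epoch seconds, connection, bytes out); placeholder IPs.
C1 = ("10.0.0.5", "203.0.113.9", 6667, "tcp")
C2 = ("10.0.0.7", "198.51.100.4", 80, "tcp")
SAMPLE = [
    (0,     C1, 3 * 1024 * 1024),
    (3600,  C1, 2 * 1024 * 1024),   # total is exactly at the cap: allowed
    (7200,  C1, 1),                 # one byte over the cap: blocked, escalated
    (7200,  C2, 4096),              # different connection, separate budget
    (86401, C1, 3 * 1024 * 1024),   # the record from ts=0 has aged out
    (90001, C1, 1),                 # the record from ts=3600 has aged out
]

def replay(records):
    """Feed records through a fresh budget; return (decisions, alerts)."""
    budget = OutboundBudget()
    return [budget.observe(*r) for r in records], budget.alerts

if __name__ == "__main__":
    print(replay(SAMPLE))
```

In a deployment, a "block" decision would drive the outbound firewall rule and each alert record would be forwarded to the remote log server on 192.168.1.1.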






