forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honey net. To this end you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server has also be running an IDS and full forensic level logging. There is remote log server available on 192.168.1.1 for secured logging.

You honeynet should as a minimum

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures like firewalling controlling outbound connections and no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux Server that will run as a honeynet server having the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the associated documentation associated with the policies and procedures relating to the deployment of the server

 

Posted Date: 3/18/2013 2:14:12 AM | Location : United States







Related Discussions:- forensics capability relevant to a honeynet server, Assignment Help, Ask Question on forensics capability relevant to a honeynet server, Get Answer, Expert's Help, forensics capability relevant to a honeynet server Discussions

Write discussion on forensics capability relevant to a honeynet server
Your posts are moderated
Related Questions
Challenges Facing Operations Managers - Information Systems While information systems should be seen as tools that enable better performance their implementation also brings a

Difference between an interpreted language and a compiled language? Ans) A compiled language is written and then run by a compiler which checks its syntax and compresses it int

Artificial Neural Networks - Artificial intelligence: Decision trees, while strong, are a easy representation method. While graphical on the surface, they may be seen as disjun

What are the advantages of Hierarchical Networks? Hierarchical networks are able of handling heavy traffic where needed, and at similar time use minimal number of trunk groups

The constructed datatype of C is known as Structure is a constructed datatype of C.

Computer have many type of memory like primary memory , Auxiliary memory ,  Cache memory , buffer memory ,virtual memory , The work of all memory heterogeneously primary memory

Define user mode and Kernel mode Kernel is a private mode in that no limitation is imposed on the kernel of system. Kernel may be use all the information of the processor, oper

Give brief explanation about the keyboards Keyboards are generally not offered as the number of options is limited and owners of the system do not want customers keying in info

Assume that you are working in a software company as a programmer and a bank is your company's client. The Bank is a most popular and one of the leading banks in Malaysia. Your

Explain the Quantization error of an ADC. Ans. Quantization error- An analog voltage is within the range of 0 to 1V and for 3 bit output, the size of all intervals are