forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honeynet. To this end you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server also has to be running an IDS and full forensic-level logging. There is a remote log server available on 192.168.1.1 for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures, such as firewalling that controls outbound connections; no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux server that will run as a honeynet server, with the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the documentation associated with the policies and procedures relating to the deployment of the server
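Requirements (d) and (e) can be prototyped as rolling-window byte accounting with escalation; the following is an added example, not part of the original brief. It assumes 5MB means 5 x 1024 x 1024 bytes, that a connection is identified by (source, destination, port), and that flow records arrive in time order; every address and record in it is constructed.

```python
from collections import defaultdict, deque

LIMIT_BYTES = 5 * 1024 * 1024  # 5MB cap from requirement (d); MiB reading is an assumption
WINDOW_SECS = 24 * 60 * 60     # "any given 24hr period" treated as a rolling window

# Constructed sample flow records: (epoch_seconds, src, dst, dst_port, bytes_out).
SAMPLE_FLOWS = [
    (0,      "10.0.0.5", "203.0.113.9",  443, 3_000_000),
    (3_600,  "10.0.0.5", "203.0.113.9",  443, 2_000_000),  # running total 5,000,000
    (7_200,  "10.0.0.5", "203.0.113.9",  443,   400_000),  # would exceed the cap
    (7_300,  "10.0.0.6", "198.51.100.7",  80,   100_000),  # separate connection
    (90_000, "10.0.0.5", "203.0.113.9",  443, 1_000_000),  # older records aged out
]


def enforce(flows, limit=LIMIT_BYTES, window=WINDOW_SECS):
    """Return (verdicts, alerts) for time-ordered outbound flow records."""
    history = defaultdict(deque)  # connection key -> allowed (ts, bytes) in window
    totals = defaultdict(int)     # connection key -> bytes allowed in window
    verdicts, alerts = [], []
    for ts, src, dst, dport, nbytes in flows:
        key = (src, dst, dport)
        q = history[key]
        # Expire records that have left the rolling 24-hour window.
        while q and q[0][0] <= ts - window:
            totals[key] -= q.popleft()[1]
        if totals[key] + nbytes > limit:
            # Blocked bytes never leave the honeynet, so they are not counted.
            verdicts.append("BLOCK")
            alerts.append(
                f"ESCALATE t={ts} {src}->{dst}:{dport} "
                f"would reach {totals[key] + nbytes} bytes in 24h (cap {limit})"
            )
        else:
            q.append((ts, nbytes))
            totals[key] += nbytes
            verdicts.append("ALLOW")
    return verdicts, alerts


if __name__ == "__main__":
    verdicts, alerts = enforce(SAMPLE_FLOWS)
    print(verdicts)
    print("\n".join(alerts))
```

In a deployment the alert strings would be forwarded to the remote log server rather than printed, so the escalation record survives a compromise of the honeynet host.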

 

Posted Date: 3/18/2013 2:14:12 AM | Location : United States






