forensics capability relevant to a honeynet server, Computer Engineering

Assignment Help:

A local government organisation needs to deploy a honeynet. To this end, you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server also has to be running an IDS and full forensic-level logging. There is a remote log server available on 192.168.1.1 for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures, like firewalling that controls outbound connections; no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events
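An added example, not part of the original brief: one way to model the data-control rule in requirement d) and feed requirement e), as a sliding 24-hour byte budget evaluated over outbound flow records. It assumes a "connection" is a (source, destination) pair and that 5MB means 5 × 1024 × 1024 bytes; the log format and addresses are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

CAP_BYTES = 5 * 1024 * 1024      # requirement d); binary megabytes are an assumption
WINDOW = timedelta(hours=24)     # "any given 24hr period" read as a sliding window

# Constructed sample records: ISO time, honeypot source, external destination, bytes out.
SAMPLE_LOG = """\
2024-01-01T00:10:00 10.0.0.5 203.0.113.9 3000000
2024-01-01T12:00:00 10.0.0.5 203.0.113.9 2000000
2024-01-01T23:50:00 10.0.0.5 203.0.113.9 500000
2024-01-02T00:20:00 10.0.0.5 203.0.113.9 2900000
2024-01-02T00:30:00 10.0.0.7 198.51.100.4 100000
"""

def parse(log):
    for line in log.splitlines():
        ts, src, dst, nbytes = line.split()
        yield datetime.fromisoformat(ts), src, dst, int(nbytes)

def evaluate(records, cap=CAP_BYTES, window=WINDOW):
    """Return (time, src, dst, verdict, bytes_in_window) for each record.
    A record is DROPped if admitting it would exceed the cap; dropped bytes
    are not counted because they never left the honeynet."""
    history = defaultdict(deque)   # (src, dst) -> allowed (time, bytes) entries
    totals = defaultdict(int)      # (src, dst) -> bytes currently inside the window
    decisions = []
    for ts, src, dst, nbytes in sorted(records):
        key = (src, dst)
        q = history[key]
        while q and ts - q[0][0] >= window:   # expire traffic older than 24h
            totals[key] -= q.popleft()[1]
        if totals[key] + nbytes > cap:
            decisions.append((ts, src, dst, "DROP", totals[key]))
        else:
            q.append((ts, nbytes))
            totals[key] += nbytes
            decisions.append((ts, src, dst, "ALLOW", totals[key]))
    return decisions

def escalations(decisions):
    """Events to report under requirement e): every DROP decision."""
    return [d for d in decisions if d[3] == "DROP"]

if __name__ == "__main__":
    for ts, src, dst, verdict, total in evaluate(parse(SAMPLE_LOG)):
        print(ts.isoformat(), src, dst, verdict, total)
```

The fourth record is allowed only because the first one has aged out of the window by then, which is the behaviour a fixed midnight reset would get wrong.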

 

Task:

a. Deploy a secured Linux server that will run as a honeynet server, with the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the documentation associated with the policies and procedures relating to the deployment of the server

 

