forensics capability relevant to a honeynet server, Computer Engineering

Assignment Help:

A local government organisation needs to deploy a honey net. To this end you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server has also be running an IDS and full forensic level logging. There is remote log server available on 192.168.1.1 for secured logging.

You honeynet should as a minimum

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures like firewalling controlling outbound connections and no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux Server that will run as a honeynet server having the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the associated documentation associated with the policies and procedures relating to the deployment of the server

 


Related Discussions:- forensics capability relevant to a honeynet server

Differentiate between $display and $strobe, Differentiate between $display ...

Differentiate between $display and $strobe These commands have similar syntax, and display text on screen during simulation. $display and $strobe display once every time they a

Importance of spectrum to the mobile sector, (a) The statement "Standards ...

(a) The statement "Standards create markets or markets create standards" has been the subject of considerable debate. Discuss the advantages and disadvantages to having multiple

Describe clusters in cellular systems, Question: a) With the help of a...

Question: a) With the help of a diagram, describe clusters in cellular systems. b) Describe the role of the following components in the GSM architecture Radio Sub-Sy

What is an unsigned integer constant, What is an unsigned integer constant?...

What is an unsigned integer constant? An integer constant is the number in the range of - 32768 to + 32767; because an integer constant always gets two bytes in memory and in t

Personal computing environment, Reply and discuss the role of the SAS 70 re...

Reply and discuss the role of the SAS 70 report in reviewing internal controls. Provide publicly available examples of SAS 70 reports and explain. Problem Discuss the

Which 802 standard provides for a collision free protocol, Which 802 standa...

Which 802 standard provides for a collision free protocol? 802.5 standard gives for a collision free protocol.

Illustration of disk formatting, Q. Illustration of disk formatting? An...

Q. Illustration of disk formatting? An illustration of disk formatting is displayed in Figure below. In this case every track comprises 30 fixed-length sectors of 600 bytes eac

In virtual memory system addresses used by the programmer, In a virtual mem...

In a virtual memory system, the addresses used by the programmer refers to  (A) Memory space.               (B) Physical addresses.   (C) Address space.                (D) M

Why object oriented development not only allows reuse, Why object oriented ...

Why object oriented development not only allows reuse In a wider way we can say that object oriented development not only allows reuse and information sharing within an applica

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd