forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honeynet. To this end, you are to deploy a honeynet based on the supplied network diagram (separate download) that gives a sophisticated emulation of the network infrastructure and its servers and client PCs. You must use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server must also run an IDS and full forensic-level logging. A remote log server is available on 192.168.1.1 for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures, such as firewalling to control outbound connections; no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux server that will run as the honeynet server, with the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the documentation associated with the policies and procedures relating to the deployment of the server
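
Requirement (d) speaks of any 24hr period, which a byte counter that resets at midnight does not cover. The following Python check is an added example, not part of the original brief: it audits outbound byte records with a sliding 24-hour window and returns the flows to escalate under requirement (e). The log format, the addresses, the flow key (source plus destination:port) and the reading of 5MB as 5 MiB are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

CAP_BYTES = 5 * 1024 * 1024      # assumption: "5MB" read as 5 MiB
WINDOW = timedelta(hours=24)

# Constructed sample records: "ISO-time src dst:dport bytes_out" (hypothetical format)
SAMPLE_LOG = """\
2013-03-18T01:00:00 10.0.0.5 203.0.113.9:80 3000000
2013-03-18T09:00:00 10.0.0.5 203.0.113.9:80 2000000
2013-03-18T23:30:00 10.0.0.7 198.51.100.4:6667 4000000
2013-03-19T00:30:00 10.0.0.5 203.0.113.9:80 500000
2013-03-19T02:00:00 10.0.0.7 198.51.100.4:6667 1500000
2013-03-19T10:00:00 10.0.0.5 203.0.113.9:80 2500000
"""

def parse(log):
    """Yield (timestamp, flow_key, byte_count) for each non-empty line."""
    for line in log.splitlines():
        if line.strip():
            ts, src, dst, nbytes = line.split()
            yield datetime.fromisoformat(ts), (src, dst), int(nbytes)

def cap_violations(records, cap=CAP_BYTES, window=WINDOW):
    """Return [(flow_key, time, bytes_in_window)] for the first moment each
    flow's outbound total over the trailing 24 hours exceeds the cap."""
    recent = defaultdict(deque)   # flow_key -> (time, bytes) still inside the window
    totals = defaultdict(int)     # flow_key -> sum of the bytes held in `recent`
    flagged, alerts = set(), []
    for ts, key, nbytes in sorted(records):
        q = recent[key]
        while q and ts - q[0][0] >= window:   # expire records 24 hours old or older
            totals[key] -= q.popleft()[1]
        q.append((ts, nbytes))
        totals[key] += nbytes
        if totals[key] > cap and key not in flagged:
            flagged.add(key)
            alerts.append((key, ts, totals[key]))
    return alerts

if __name__ == "__main__":
    for (src, dst), ts, total in cap_violations(parse(SAMPLE_LOG)):
        print(f"ESCALATE {ts.isoformat()} {src} -> {dst}: {total} bytes in 24h")
```

In the constructed sample neither flow exceeds the cap within a single calendar day, yet both exceed it within a 24-hour span that crosses midnight.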

 

Posted Date: 3/18/2013 2:14:12 AM | Location : United States






