forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honeynet. To this end you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server must also be running an IDS and full forensic-level logging. There is a remote log server available on 192.168.1.1 for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures, such as firewalling that controls outbound connections; no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux server that will run as a honeynet server, with the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the documentation associated with the policies and procedures relating to the deployment of the server
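
Requirement d) can be checked against flow logs with sliding-window accounting. The following is an added example, not part of the original brief: it assumes a "connection" means a (source, destination) address pair, treats 5MB as 5 MiB, and uses constructed flow records with made-up addresses.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

LIMIT_BYTES = 5 * 1024 * 1024      # requirement d): 5MB (taken here as 5 MiB)
WINDOW = timedelta(hours=24)       # "any given 24hr period" = sliding window

class OutboundBudget:
    """Tracks outbound bytes per (src, dst) pair over a sliding 24h window."""

    def __init__(self, limit=LIMIT_BYTES, window=WINDOW):
        self.limit, self.window = limit, window
        self.events = defaultdict(deque)   # key -> deque of (timestamp, bytes)
        self.totals = defaultdict(int)     # key -> bytes currently inside window

    def record(self, ts, src, dst, nbytes):
        """Account one flow record; return True if it stays within budget."""
        key = (src, dst)
        q = self.events[key]
        # Expire records that have fallen out of the window ending at ts.
        while q and q[0][0] <= ts - self.window:
            self.totals[key] -= q.popleft()[1]
        if self.totals[key] + nbytes > self.limit:
            return False                   # caller should block and escalate
        q.append((ts, nbytes))
        self.totals[key] += nbytes
        return True

def audit(flows):
    """Return the flow records that would breach the limit, in order."""
    budget = OutboundBudget()
    return [f for f in flows if not budget.record(*f)]

# Constructed sample records: (timestamp, honeypot src, remote dst, bytes out)
T0 = datetime(2013, 3, 18, 2, 0, 0)
MIB = 1024 * 1024
SAMPLE_FLOWS = [
    (T0, "10.0.0.5", "203.0.113.9", 3 * MIB),
    (T0 + timedelta(hours=6), "10.0.0.5", "203.0.113.9", 2 * MIB),   # exactly at limit
    (T0 + timedelta(hours=7), "10.0.0.5", "203.0.113.9", 1),         # over budget
    (T0 + timedelta(hours=7), "10.0.0.5", "198.51.100.7", 4 * MIB),  # different peer
    (T0 + timedelta(hours=25), "10.0.0.5", "203.0.113.9", 3 * MIB),  # first 3 MiB expired
]

if __name__ == "__main__":
    for ts, src, dst, n in audit(SAMPLE_FLOWS):
        print(f"ESCALATE {ts.isoformat()} {src} -> {dst}: {n} bytes exceeds 5MB/24h")
```

Records that breach the budget are the ones to block at the firewall and forward to the remote log server as escalation events.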

 

Posted Date: 3/18/2013 2:14:12 AM | Location : United States






