forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honeynet. To this end, you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server also has to be running an IDS and full forensic-level logging. There is a remote log server available on 192.168.1.1 for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures, such as firewalling that controls outbound connections; no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

Task:

a. Deploy a secured Linux server that will run as a honeynet server, with the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the documentation associated with the policies and procedures relating to the deployment of the server

Posted Date: 3/18/2013 2:14:12 AM | Location : United States
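Requirements d) and e) can be read together as a rolling byte budget with an alert when it is exceeded. The following is an added example, not part of the original assignment: it assumes the budget is tracked per (honeypot source, external destination) pair, reads "5MB" as 5 MiB, and uses hypothetical names (`OutboundBudget`, `replay`) and constructed flow records; the actual packet drop and the delivery of the alert to the log server are left to the firewall and syslog configuration.

```python
from collections import defaultdict, deque

LIMIT_BYTES = 5 * 1024 * 1024   # "5MB" read as 5 MiB (assumption)
WINDOW_SECS = 24 * 60 * 60      # "any given 24hr period" as a rolling window
LOG_SERVER = "192.168.1.1"      # remote log server named in the brief

class OutboundBudget:
    """Rolling 24-hour byte budget per (honeypot source, external destination)."""

    def __init__(self, limit=LIMIT_BYTES, window=WINDOW_SECS):
        self.limit = limit
        self.window = window
        self.history = defaultdict(deque)   # key -> deque of (ts, nbytes)
        self.totals = defaultdict(int)      # key -> bytes still inside the window

    def _expire(self, key, now):
        # Drop records that are a full window old or older.
        q = self.history[key]
        while q and q[0][0] <= now - self.window:
            _, old = q.popleft()
            self.totals[key] -= old

    def account(self, ts, src, dst, nbytes):
        """Return (verdict, alert). Blocked bytes are not added to the budget."""
        key = (src, dst)
        self._expire(key, ts)
        if self.totals[key] + nbytes > self.limit:
            alert = (f"to={LOG_SERVER} ts={ts} event=outbound_cap_exceeded src={src} "
                     f"dst={dst} used={self.totals[key]} attempted={nbytes}")
            return "BLOCK", alert
        self.history[key].append((ts, nbytes))
        self.totals[key] += nbytes
        return "ALLOW", None

def replay(records):
    """Run flow records through a fresh budget and return the verdicts in order."""
    budget = OutboundBudget()
    return [budget.account(*r) for r in records]

# Constructed sample flow records: (epoch seconds, src, dst, bytes sent outbound)
SAMPLE = [
    (0,     "10.0.0.5", "203.0.113.9",  3 * 1024 * 1024),
    (3600,  "10.0.0.5", "203.0.113.9",  2 * 1024 * 1024),  # lands exactly on the cap
    (7200,  "10.0.0.5", "203.0.113.9",  1),                # one byte over
    (7200,  "10.0.0.5", "198.51.100.7", 1024),             # separate destination budget
    (86400, "10.0.0.5", "203.0.113.9",  3 * 1024 * 1024),  # first record has aged out
    (86401, "10.0.0.5", "203.0.113.9",  1),                # 2 MiB + 3 MiB still counted
]
```

The window is half-open, so a record sent at second 0 stops counting at second 86400, and each alert line carries the fields an analyst needs to correlate it with the IDS and packet logs.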






