A local government organisation needs to deploy a honey net. To this end you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd (www.honeyd.org) honeypot for the exercise.

The honeynet server has also be running an IDS and full forensic level logging. There is remote log server available on 192.168.1.1 for secured logging.

You honeynet should as a minimum

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures like firewalling controlling outbound connections and no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events

 

Task:

a. Deploy a secured Linux Server that will run as a honeynet server having the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the associated documentation associated with the policies and procedures relating to the deployment of the server

 

Posted Date: 3/18/2013 2:14:12 AM | Location : United States

Ask an Expert

Related Discussions:- forensics capability relevant to a honeynet server, Assignment Help, Ask Question on forensics capability relevant to a honeynet server, Get Answer, Expert's Help, forensics capability relevant to a honeynet server Discussions

Write discussion on forensics capability relevant to a honeynet server
Your posts are moderated

Write your message here..

Related Questions

Determine the decimal equivalent of binary 1100 ?, The decimal equivalent o... The decimal equivalent of (1100) 2   is ? Ans. (1100) 2 = (12) 10

What is external interrupt, External Interrupt: Interrupt signal came ... External Interrupt: Interrupt signal came from input-output devices connected external to processor. These interrupts depend on external conditions that are independent of the

Explain what is internal modems, Q. Explain what is Internal Modems ? I... Q. Explain what is Internal Modems ? Internal Modems: Internal Modems plug in expansion slots in your PC. Internal Modems are efficient andcheap. Internal Modems are bus-specif

Create perl scripts, Create Perl scripts as required below: a) Create a ... Create Perl scripts as required below: a) Create a script named select_by_attribute.pl that accepts the name of a LibML documentand the name of a particular attribute from the c

Explain about the voice recognition system, Explain about the Voice recogni... Explain about the Voice recognition system These voice recognition systems recognise spoken words e.g. for disabled people who can't use keyboards where they speak commands rat

Explain about layout cells, Q. Explain about Layout Cells? In Layout vi... Q. Explain about Layout Cells? In Layout view you can draw layout cells and layout tables to define design areas of a document. This task is easier to accomplish if you prepare

What is hyper-threading, Hyper-threading officially known as Hyper-threadin... Hyper-threading officially known as Hyper-threading Technology (HTT) is Intel's trademark for their functioning of simultaneous multithreading technology on Pentium 4 micro-archite

What is the main function of a browser, The main function of a browser is t... The main function of a browser is to? The important function is to interpret HTML of a browser.

Components of a 3-tier client server, What are the essential components of ... What are the essential components of a 3-tier client server In a three-tier or multi-tier environment, the client executes the presentation logic (the client). The business log

How to convert binary to octal and hexadecimal, Q. How to convert Binary to... Q. How to convert Binary to Octal and Hexadecimal? Rules for these conversions are simple. For converting binary to octal binary number is splitted in groups of three, that are