forensics capability relevant to a honeynet server, Computer Engineering

A local government organisation needs to deploy a honeynet. To this end you are to deploy a honeynet based on the supplied network diagram (separate download) that should give sophisticated emulation of the network infrastructure and its servers and client PCs. You have to use the honeyd ( honeypot for the exercise.

The honeynet server has also to be running an IDS and full forensic-level logging. There is a remote log server available on for secured logging.

Your honeynet should, as a minimum:

a) Emulate the network topology reliably

b) Correctly fingerprint the OS upon interrogation for every particular device

c) Have a high level of forensic integrity

d) Have appropriate countermeasures like firewalling controlling outbound connections and no outbound connection should be able to transmit more than 5MB of data in any given 24hr period

e) Have in-built reporting and escalation of suspicious events



a. Deploy a secured Linux Server that will run as a honeynet server having the setup and configuration of network countermeasures and forensics capability relevant to a honeynet server

b. Create the associated documentation associated with the policies and procedures relating to the deployment of the server


Posted Date: 3/18/2013 2:14:12 AM | Location : United States
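
Requirement (d) above, as an added example that is not part of the original post: a sliding 24-hour byte budget per outbound flow, with over-budget attempts recorded for escalation as in (e). The class and function names, the flow key (source, destination, destination port), the reading of 5MB as 5 × 2^20 bytes and the sample records are assumptions made for illustration.

```python
from collections import defaultdict, deque

CAP_BYTES = 5 * 1024 * 1024   # 5 MB cap from requirement (d); MB read as 2**20 bytes (assumption)
WINDOW_S = 24 * 60 * 60       # "any given 24hr period" treated as a sliding window (assumption)

class OutboundBudget:
    """Tracks bytes sent per outbound flow over a sliding 24-hour window."""

    def __init__(self, cap=CAP_BYTES, window=WINDOW_S):
        self.cap, self.window = cap, window
        self.events = defaultdict(deque)  # flow -> deque of (timestamp, bytes)
        self.totals = defaultdict(int)    # flow -> bytes currently inside the window
        self.alerts = []                  # escalation records for requirement (e)

    def _expire(self, flow, now):
        # Drop transfers that are a full window old so they stop counting.
        q = self.events[flow]
        while q and q[0][0] <= now - self.window:
            _, n = q.popleft()
            self.totals[flow] -= n

    def account(self, ts, src, dst, dport, nbytes):
        """Return True if the transfer fits the budget, False if it must be dropped."""
        # Keyed on (src, dst, dport) so reconnecting does not reset the budget.
        flow = (src, dst, dport)
        self._expire(flow, ts)
        if self.totals[flow] + nbytes > self.cap:
            self.alerts.append({"ts": ts, "flow": flow,
                                "attempted": nbytes, "used": self.totals[flow]})
            return False
        self.events[flow].append((ts, nbytes))
        self.totals[flow] += nbytes
        return True

def replay(records):
    """Run flow records through a fresh budget; return (verdicts, alerts)."""
    budget = OutboundBudget()
    verdicts = [budget.account(*r) for r in records]
    return verdicts, budget.alerts

# Constructed sample records: (epoch seconds, honeypot src, remote dst, dst port, bytes out)
SAMPLE = [
    (0,     "10.0.0.5", "203.0.113.9", 443, 3 * 1024 * 1024),
    (3600,  "10.0.0.5", "203.0.113.9", 443, 2 * 1024 * 1024),  # reaches exactly 5 MB
    (7200,  "10.0.0.5", "203.0.113.9", 443, 1),                # over cap: dropped, alerted
    (7200,  "10.0.0.6", "198.51.100.7", 80, 1024),             # different flow, own budget
    (86400, "10.0.0.5", "203.0.113.9", 443, 3 * 1024 * 1024),  # first 3 MB has aged out
]
```

The alert records are what would be forwarded to the remote log server; the drop decision itself still has to be enforced by the firewall on the honeynet server.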
