Machine Project in Infosec

Objectives

■To be able to configure, implement an open-source security tool.

■To simulate a real-world attack scenario where the security tool can be used.

■To show how to configure necessary functionalities of the security tool.

Tasks

■Each group will be assigned a specific security tool. Each group will research about the topic and download an open-source version of the tool.

■The group can use a recommended tool or look for a preferred application as long as it is open source.

■The group will configure and deploy a working prototype and simulate the functionalities of the tool with the prescribed test/s in a lab environment.

■The group will demonstrate the output in the 12th week of the term.

Tools

■Network Firewall (PFSense)

■NIDS- Network Intrusion Detection System (Snort)

■HIDS- Host Intrusion Detection System (OSSEC)

■WAF- Web Application Firewall (Iron Bee)

■Honeypot (Honeyd)

■DLP- Data Loss Prevention (OpenDLP)

■Anti Spam (SpamAssassin)

Tests

Tool Test
Firewall Allow/Block Website based on IP/hostname

Allow/Block Website based on Category

NIDS Detect a port scan

Detect a backdoor connection

HIDS Detect a keylogger

Detect a port scan

WAF Prevent a SQLi attack.

Prevent a port scan.

Honeypot Log port scan to server.

Log remote access to server.

DLP Prevent sending of email based on message

Prevent sending of email based on file type

Anti-Spam Detect SPAM based on message

Detect SPAM based on quantity

Milestones

■Week 3 – Finalization of security tool

■Week 6 – Security tool configured

■Week 7- 10 – Testing

■Week 12/13 – Project Demo + Documentation Submission

Deliverables & Grading

■Working prototype 40%

■Tests completed 40%

■Documentation 20%

Paper Format

■Abstract – Summary of your project

■Introduction – Discuss what the tool is all about

■Results and Discussion – Discuss the tests done (include screen shots)

■Conclusion – Lessons learned

Sample Projects:

Video Links

IDS- SnortV1, SnortV2, SnortV3

Honeypot – Honeybot, KFSensor

Firewall – PFSense

Documentation

NIDS (Snort, Snorby and Barnyard Installation & Configuration) – comsecinstallation

HIDS (OSSEC Installation, Configuration & Testing) – USER MANUAL OF OSSEC

SPAM Filter (MailWasher) – INFOSEC_MachineProject_MailWasher

Honeypot (Honeybot) – INFOSEC_MachineProject_Honeypot

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s