Machine Project in Infosec

Objectives

■ To be able to configure and implement an open-source security tool.

■ To simulate a real-world attack scenario where the security tool can be used.

■ To show how to configure the necessary functionalities of the security tool.

Tasks

■ Each group will be assigned a specific security tool. Each group will research the topic and download an open-source version of the tool.

■ The group can use a recommended tool or look for a preferred application, as long as it is open source.

■ The group will configure and deploy a working prototype and simulate the functionalities of the tool with the prescribed test(s) in a lab environment.

■ The group will demonstrate the output in the 12th week of the term.

Tools

■ Network Firewall (PFSense)

■ NIDS – Network Intrusion Detection System (Snort)

■ HIDS – Host Intrusion Detection System (OSSEC)

■ WAF – Web Application Firewall (IronBee)

■ Honeypot (Honeyd)

■ DLP – Data Loss Prevention (OpenDLP)

■ Anti-Spam (SpamAssassin)

Tests

| Tool | Test |
|---|---|
| Firewall | Allow/Block Website based on IP/hostname |
| | Allow/Block Website based on Category |
| NIDS | Detect a port scan |
| | Detect a backdoor connection |
| HIDS | Detect a keylogger |
| | Detect a port scan |
| WAF | Prevent a SQLi attack |
| | Prevent a port scan |
| Honeypot | Log port scan to server |
| | Log remote access to server |
| DLP | Prevent sending of email based on message |
| | Prevent sending of email based on file type |
| Anti-Spam | Detect SPAM based on message |
| | Detect SPAM based on quantity |

Milestones

■ Week 3 – Finalization of security tool

■ Week 6 – Security tool configured

■ Week 7–10 – Testing

■ Week 12/13 – Project Demo + Documentation Submission

Deliverables & Grading

■ Working prototype – 40%

■ Tests completed – 40%

■ Documentation – 20%

Paper Format

■ Abstract – Summary of your project

■ Introduction – Discuss what the tool is all about

■ Results and Discussion – Discuss the tests done (include screenshots)

■ Conclusion – Lessons learned

Sample Projects:

Video Links

IDS – SnortV1, SnortV2, SnortV3

Honeypot – Honeybot, KFSensor

Firewall – PFSense

Documentation

NIDS (Snort, Snorby and Barnyard Installation & Configuration) – comsecinstallation

HIDS (OSSEC Installation, Configuration & Testing) – USER MANUAL OF OSSEC

SPAM Filter (MailWasher) – INFOSEC_MachineProject_MailWasher

Honeypot (Honeybot) – INFOSEC_MachineProject_Honeypot
