The trade of the intrusion detection analyst is to find possible attacks against their network. The past few years have witnessed significant increases in DDoS attacks on the Internet, making network security a great concern. Analysts find attacks by examining IDS logs and packet captures while corroborating them with firewall logs, known vulnerabilities, and general trending data from the Internet. As attacks become more sophisticated, automatically reasoning about attack scenarios in real time and categorizing those scenarios becomes a critical challenge. These sources produce huge amounts of data, and in this data analysts must look for some kind of pattern. However, the overwhelming flows of events generated by IDS sensors make it hard for security administrators to uncover hidden attack plans.
In order to become an expert penetration tester and security administrator, you must possess sound knowledge of network IPSes, IDSes, malicious network activity, and log information.
The objective of this lab is to familiarize students with IPSes and IDSes.
In this lab, you need to:
Install Snort and verify Snort alerts
Configure and validate the snort.conf file
Test that Snort works by carrying out an attack test
Perform intrusion detection
In this lab, you have familiarized yourself with IPSes and IDSes. Analyze and document the results related to this lab exercise. Give your opinion on your target’s security posture and exposure.