Intentional threats are when it is premeditated and the entity knows what it’s doing and doing it for a specific reason usually personal gain. Threats may or may not be intentional, and passive or active. This means that there is a need for security to keep out people who might steal or damage resources. The risk of threats is generally proportional to how important, valuable or useful the system or information accessed through the system is. Security Threats So there are security threats. So tools need to be developed to be able to study what Black Hats are doing to be able to protect valuable resources. People that fight Black Hats are called White Hats. People who use computers to gain access to resources illegally are called Black Hats. As with most resources there are people who exploit this connectivity for personal gain. Also networking has allowed easier access to resources such as services, information and devices connected to networks. So networking has become a very important and valuable resource which is well used by society today. A few examples are business, commerce, information transfer, advertising, banking, entertainment, shopping and education. Many everyday things that people do can be done on or enhanced by the internet. This communication between computers has allowed fast communications and easy access to information and services. This connectivity means that any computer in the world connected to the internet can potentially communicate with every other computer in the world connected to the internet. One area that most computers are used for now is networking, in the form of the internet and local networks. However there is still room to install more tools to record more data and also systems are needed to automatically integrate the data from different sources and extract useful information.įrom when computers were invented, up to today, the capabilities of computers have grown from standalone machines doing basic computations that your calculator can do, to a huge range of applications. In the end I have accomplished this and have been able to record and identify some intrusion attempts. There is also a need to collate data from different tools to be able produce summaries of events such as intrusion attempts. There is a need to expand to use a Windows system and to install tools for extensive data capture to extend the type of information that it can gather. A Honeynet has been set up at Massey University which is limited to Linux bases Honeypots. Such a network is called a Honeynet and a Honeypot is the computer that the outside world can interact with thinking it’s a normal computer. Summary There is a need to study how hackers and viruses interact with computers and so small networks can be set up to let the outside world interact with a computer while recording it undetected. Illustration index Illustration 1: Honeynet Architecture Illustration 2: vSphere Client Illustration 3: Walleye Interface Illustration 4: Windows Honeypot Illustration 5: Local Area Connection Properties Illustration 6: Internet Protocol Properties Illustration 7: Advanced Tab Illustration 8: Windows Firewall Illustration 9: Windows Firewall Illustration 10: Advanced Settings Illustration 11: ICMP Settings Illustration 12: ICMP Settings Illustration 13: WinSCP Login Illustration 14: WinSCP Illustration 15: Sebek Deployment Illustration 16: OSSEC Install Log Illustration 17: Enabling Audit Policies Illustration 18: Event Viewer Illustration 19: Event Properties Illustration 20: Log Settings Illustration 21: OSSEC Notification Example Illustration 22: Windows log Example Illustration 23: Windows Firewall Log Example Illustration 24: Wiresharkġ. OSSEC Windows security logs Firewall logs Sebek and network traffic ExampleĪppendices Appendix 1 - Project Proposal Appendix 2 - Reflections Appendix 3 - Data How to see more in your Windows box 4.5.6.1. Ossec as a intrusion detection system 4.5.5.1. Data Acquisition 4.4.3 Obtaining Information 4.5. MASSEY UNIVERSITY SCHOOL OF ENGINEERING AND ADVANCED TECHNOLOGY Engineering Project Submitted as part requirement for B.Eng (Hons).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |