Group:
Simon Arndal, David Herreborg and Georgi Petrov
Basic idea (Project ITS - IDS/IPS setup):
The main purpose of this project is for us to set up a system containing an Intrusion Detection System and an Intrusion Prevention System.
We have chosen to use the pfSense system as our Gateway and DHCP server, which also contains the IDS and IPS at the same time.
Furthermore, we will add a switch to the network layout so that we can monitor the system in parallel with a running server (more specifically, an Apache web server and a MySQL database).
Timeline (PROGRESS):
Done so far:
- Hardware requirements fulfilled (except one missing NIC)
- Required software installed (open source programs used)
- pfSense installed (Router/firewall software)
- Apache and MySQL are up and running (Webserver and Database)
- phpMyAdmin installed and works (Graphical User Interface for the MySQL database)
- HSLAB HTTP Monitor Lite installed (Apache monitoring software)
What to do:
- Set up HSLAB HTTP Monitor Lite (Simon)
- Add a Network Interface Card to the pfSense machine (David)
- Research Snort (Georgi / David)
- Install the Snort package for pfSense (Georgi)
- Add rules to the Snort IDS/IPS system (Common task)
Presentation(s):
Upcoming presentation: The 27th of October 2010
About: This presentation will contain a demonstration of the "Internal network" in operating mode and monitoring the traffic.
Perhaps you want to include the "DANGEROUS" interface on the diagram.
So, what's next? who does what? demos?
Now you're approaching into a DANGEROUS zone MR. Nielsen ;)
----------------------------------------------
Well, the red interface might be the left side of the pfSense machine in the block diagram, with all respect to the laziness we have not included the firewall drawing because we considered this to be a part of the router (pfSense machine)?
----------------------------------------------
We will try different ways of having this IDS and IPS running on a single system.
Who does what isn't really important.. I think we'll figure it out ;)
Next time, add a new blog entry instead of redoing an old one.
It looks like you have a plan. cool.