onsdag den 27. oktober 2010

Project ITS (IDS/IPS setup) 2

Group:
Simon Arndal, David Herreborg and Georgi Petrov

Content (Project ITS - IDS/IPS setup):
Todays demonstration covered a basic review of the project and it's different parts, with focus on the internal network. After a brief presentation of the content and idea so far, a demonstration was conducted. This demo involved an apache server, PHPmyadmin, MySql, a switch and the software HSLAB. The below screenshots shows some examples from the demonstration:

Screenshot of HSLAB HTTP Monitor Lite working (in some way)
---This piece of software didn't work as we would like it to. Therefore another software is being searched for and will eventually be implementet when found.























Screenshot of Apache server running









Screenshot of MySQL database working














Timeline (PROGRESS):
Done so far:
- Hardware requirements fullfilled (except one missing NIC)
- Software required installed (open source programs used)
- pfSense installed (Router/firewall software)
- Apache and MySQL are up and running (Webserver and Database)
- phpMyAdmin installed and works (Graphical User Interface for the MySQL database)
- HSLAB HTTP Monitor Lite installed (Apache monitoring software)
- Set up HSLAB HTTP Monitor Lite
- Done research about snort + snort together with pfSense
- Presentation of work so far and basic idea. 27/10-2010 kl. 09:56
- Setup Weblog Expert Lite (Software that replaces the HSLAB) and it is working.

What to do: (new tasks: output in green)
- Find another solution for monitoring the Apache server traffic internally (Simon)
- Make the Apache and MySQL more reliable (Simon)
- Add a Network Interface Card to the pfSense machine (David)
- Install snort package for pfSense (Georgi)
- Add rules to the snort IPS system (Common task)
- Decide on whether pfSense is the right system for us to use (Common task)
- Search for another piéce of software to monitor the apache server. (Simon)
- Make a installation in virtualbox and try setting up and add rules to Pfsense. (common task)

Presentation(s):
Upcomming presentation: 28th of October 2010
About: Demonstration of the rules added in the "virtual setup" Pfsense and show the new monitoring software for the apache server(Weblog Expert Lite).

Indsendt af kl.

2 kommentarer:

  1. Anonym27. oktober 2010 kl. 07.48

    Good stuff. This is status as I understand it.
    And a list of upcoming stuff. nice.

    Does green signify stuff that will be described in a blog entry?

    SvarSlet
  2. Simon Arndal27. oktober 2010 kl. 11.24

    Yaaaay!

    Well, the green stuff signifies new tasks added compared to the last blog entry. The black describes tasks mentioned earlier but still not solved.
    So yes, the green stuff actually decribes what ever we are going to write about in the upcomming blog entries.

    SvarSlet

Abonner på: Kommentarer til indlægget (Atom)