Group:
Simon Arndal, David Herreborg and Georgi Petrov
Status 10/11-2010
Timeline (PROGRESS):
Done so far:
--> 27/10-2010 <--
- Hardware requirements fullfilled (except one missing NIC)- Software required installed (open source programs used)
- pfSense installed (Router/firewall software)
- Apache and MySQL are up and running (Webserver and Database)
- phpMyAdmin installed and works (Graphical User Interface for the MySQL database)
- HSLAB HTTP Monitor Lite installed (Apache monitoring software)
- Set up HSLAB HTTP Monitor Lite.
- Done research about snort + snort together with pfSense.
- Presentation of work so far and basic idea. --> kl. 09:56
--> 28/10-2010 <--
- Network interface card has been inserted to the pfSense PC.
- Presentation of the progress and the setup of "Caps WebDesign" --> kl. 12:23
- Find another solution for monitoring the Apache server traffic internally (Simon)
- Make the Apache and MySQL more reliable (Simon)
--> 01/11-2010 <--- Add rules to the snort IPS system (Common task)
- Decide on whether pfSense is the right system for us to use (Common task)- Add a Network Interface Card to the pfSense machine (David)
- Install snort package for pfSense (Georgi)
- Setup Weblog Expert Lite (Software that replaces the HSLAB) and it is working.
--> 01/11-2010 <--
- We have chosen to move on with pfSense and Snort together.
- Get snort to work probberaly
-->02/11-2010<--
- Tested where the snort was placed in the setup. (before the firewall)
- Figured out how the blocked function operates (update time)
- Proved that the setup is now reliable
-->03/11-2010<--
- Demonstration of the progress 09:05
- Search for common server vulnerbilities
- Search for metasploits
- Find interesting metaspoilts
-->05/11-2010<--
- Installed the Apache Tomcat web server version 5.5
- Find out what is metasploit
- Found a metasploit and tested with succes
-->08/11-2010<--
- Become more familiar with the exploits and cary out more tests.
- Agree of a concept we want to use realted to the intruders social engineering part
-->10/11-2010<--
- Encountered troubles with snort and its rules setup
- Decided on a alternative prevention technique involving the software FSecure
- Installed FSecure software on Apache Tomcat Machine
- Did capturing of the different stages of the system
- Decided on the social engineering concept
- Set up a internal mail server
- Tested mail server with a PHP trick script containing a mail formular
- Try different methods of using the Apache Tomcat exploit (eg. retrieve data)
- Prepare the final demonstration (The Director's Cut)
Demonstration:
- The 12th of November 2010
- Final result of the project. A guided journey through our well-done project containing both good and bad stories.
Ingen kommentarer:
Send en kommentar