An Intrusion Detection System (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system.
Objective
- Install and configure Snort IDS
- Run Snort as a service
- Log Snort log files to Kiwi Syslog server
- Store Snort log files to two output sources simultaneously
Scenario
One key feature of intrusion detection systems is their ability to provide a view of unusual activity and to issue alerts notifying administrators and/or block a suspected connection. According to Amoroso, intrusion detection is a process of identifying and responding to malicious activity targeted at computing and networking resources. In addition, IDS tools are capable of distinguishing between insider attacks originating from inside the organization (coming from its own employees or customers) and external ones (attacks and the threat posed by hackers). (Source: http://www.windowsecurity.com)
To become an expert penetration tester and security administrator, you must have a solid understanding of network intrusion prevention systems (IPSes), IDSes, malicious network activity, and log information.
Evading IDS, Firewalls and Honeypots Exercises
Ethical Hacking Exercises / Evading IDS, Firewalls and Honeypots contains the following Exercises:
- Detecting Intrusions using Snort
- Detecting Intruders and Worms using KFSensor Honeypot IDS
The Virtual Private Cloud for this Lab set utilizes:
Ethical Hacking Exercises are available as part of the following subscription:
The exercises in this lab map to the Certified Ethical Hacker V10 Course. Each subscription provides 6 months of access to 107 different exercises. Each exercise contains a Scenario, Objectives, and individual step-by-step tasks to guide the user through all steps necessary to complete the exercise.
Lab exercises are included for:
- Footprinting and Reconnaissance
- Scanning Networks
- Enumeration
- Vulnerability Analysis
- System Hacking
- Malware Threats
- Sniffing
- Social Engineering
- Denial of Service
- Session Hijacking
- Evading IDS, Firewalls and Honeypots
- Hacking Web Servers
- Hacking Web Applications
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- Cloud Computing
- Cryptography