An intrusion detection system (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station.
Objective
- Install and configure Snort IDS
- Run Snort as a service
- Machine names, network resources, and services
- Store snort log files to two output sources simultaneously
- Policies and passwords
Scenario
According to Amoroso, intrusion detection is a process of identifying and responding to malicious activity targeted at computing and networking resources. In addition, IDS tools are capable of distinguishing between insider attacks originating from inside the organization (coming from its own employees or customers) and external ones (attacks and the threat posed by hackers) (Source: http://www.windowsecurity.com)
In order to become an expert penetration tester and security administrator, you must possess sound knowledge of network Intrusion Prevention System (IPSes), IDSes, malicious network activity, and log information.
IDS Penetration Testing
The Security Analyst Exercises / IDS Penetration Testing contains the following Exercises:
- Detecting Intrusions Using Snort
- Intrusion Detection Using KFSensor Honeypot IDS
The Virtual Private Cloud for this Lab set utilizes:
Security Analyst Exercises are available as part of the following subscription:
Lab exercises are included for:
- TCPIP Packet Analysis
- Information Gathering
- Vulnerability Analysis
- External Penetration Testing
- Internal Network Penetration Testing
- Firewall Penetration Testing
- IDS Penetration Testing
- Password Cracking Penetration Testing
- Social Engineering Penetration Testing
- Web Application Penetration Testing
- SQL Penetration Testing