An intrusion detection system (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station.

Objective

The objective of this lab is to help students learn and detect intrusions in a network, log, and view all log files. In this lab, you will learn how to:
IDS Penetration Testing
  • Install and configure Snort IDS
  • Run Snort as a service
  • Machine names, network resources, and services
  • Store snort log files to two output sources simultaneously
  • Policies and passwords

Scenario

Due to a growing number of intrusions and since the Internet and local networks have become so ubiquitous, organizations are increasingly implementing various systems that monitor IT security breaches. Intrusion Detection Systems (IDSes) are those that have recently gained a considerable amount of interest. An IDS is a defense system that detects hostile activities in a network. The key is then to detect and possibly prevent activities that may compromise system security, or a hacking attempt in progress including reconnaissance/data collection phases that involve, for example, port scans. One key feature of intrusion detection systems is their ability to provide a view of unusual activity and issue alerts notifying administrators and/or block a suspected connection.

 

According to Amoroso, intrusion detection is a ¬úprocess of identifying and responding to malicious activity targeted at computing and networking resources. In addition, IDS tools are capable of distinguishing between insider attacks originating from inside the organization (coming from its own employees or customers) and external ones (attacks and the threat posed by hackers) (Source: http://www.windowsecurity.com)

 

In order to become an expert penetration tester and security administrator, you must possess sound knowledge of network Intrusion Prevention System (IPSes), IDSes, malicious network activity, and log information.


IDS Penetration Testing

The Security Analyst Exercises / IDS Penetration Testing contains the following Exercises:

  • Detecting Intrusions Using Snort
  • Intrusion Detection Using KFSensor Honeypot IDS

The Virtual Private Cloud for this Lab set utilizes:


Security Analyst Exercises are available as part of the following subscription:

CEHproductimage
Each subscription provides 6 months access to 15 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Penetration Testing Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.

Lab exercises are included for:

  • TCPIP Packet Analysis
  • Information Gathering
  • Vulnerability Analysis
  • External Penetration Testing
  • Internal Network Penetration Testing
  • Firewall Penetration Testing
  • IDS Penetration Testing
  • Password Cracking Penetration Testing
  • Social Engineering Penetration Testing
  • Web Application Penetration Testing
  • SQL Penetration Testing
Price: $199
Add to Cart
View Cart