Intrusion Detection System (IDS) Lab

School: Grand Canyon University
Course: 525
Subject: Information Systems
Date: Feb 20, 2024
Type: docx
Pages: 15
Uploaded by MajorMandrillPerson974
Intrusion Detection System (IDS) Lab
Lee Chauworn Houston II
Sean Atkinson
CYB – 525
February 5, 2024
Part 1 : Right off the bat we began with a problem. I was trying to get Suricata installed and kept approaching this error saying it was not stable. When I would research the issue, it seemed the version of Suricata I was installing was not suitable for the Ubuntu version I had.
What I went ahead and did next was update Ubuntu, close out, and restart. From there I was able to get it installed, and it was a successful start.
I also ran a ping to ensure everything was still running and intact. I went ahead and used Nano to edit. I was trying to use VI, but it was honestly just too difficult. I would be able to get to the line no problem, but when trying to edit it, it was just not going for me, so I switched over to Nano, which is a bit more straightforward of a process when it comes to editing, and was able to get it.
Now, after successfully editing Suricata, I had to make sure it was up to date again and make sure everything was fine, which it was. On to the next step: you can see where I ran the tail -f command to tail the logs. The first attempt did not work, as the log was not reading back from the intrusion, so I had to clear everything and make a new one, and that one went perfectly. I have included both results, with the most successful being the final screenshots.
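The step above, watching the log with tail -f to see whether the test traffic produced an alert, is easier to verify by parsing Suricata's EVE JSON output (eve.json) than by watching the file scroll. The following is an added example and not part of the lab report; the EVE records, the local rule sid 1000001 and its signature name are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample EVE JSON records (not from the lab): one flow event, two
# alerts from a hypothetical local rule (sid 1000001) and one junk line.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2024-02-05T10:15:01.000000-0700","event_type":"flow",'
    '"src_ip":"10.0.0.5","dest_ip":"10.0.0.1","proto":"ICMP"}',
    '{"timestamp":"2024-02-05T10:15:02.000000-0700","event_type":"alert",'
    '"src_ip":"10.0.0.5","dest_ip":"10.0.0.1","proto":"ICMP","alert":{"signature_id":1000001,'
    '"rev":1,"signature":"LOCAL ICMP ping detected","category":"Misc activity","severity":3}}',
    '{"timestamp":"2024-02-05T10:15:03.000000-0700","event_type":"alert",'
    '"src_ip":"10.0.0.7","dest_ip":"10.0.0.1","proto":"ICMP","alert":{"signature_id":1000001,'
    '"rev":1,"signature":"LOCAL ICMP ping detected","category":"Misc activity","severity":3}}',
    'not json: a half-written record, which tail -f would also show',
]


def parse_eve_alerts(lines):
    """Flatten EVE 'alert' records; skip non-JSON lines and other event types."""
    alerts = []
    for raw in lines:
        try:
            rec = json.loads(raw)
        except json.JSONDecodeError:
            continue  # partial write or non-JSON noise, not a fatal error
        if not isinstance(rec, dict) or rec.get("event_type") != "alert":
            continue  # flow, stats, dns, ... records carry no signature
        a = rec.get("alert", {})
        alerts.append({"timestamp": rec.get("timestamp"), "src_ip": rec.get("src_ip"),
                       "dest_ip": rec.get("dest_ip"), "proto": rec.get("proto"),
                       "sid": a.get("signature_id"), "signature": a.get("signature"),
                       "severity": a.get("severity")})
    return alerts


def summarize_alerts(alerts):
    """Alert counts per signature and per source IP: the first two views an
    analyst wants when checking that test traffic actually fired a rule."""
    return {"total": len(alerts),
            "by_signature": Counter(a["signature"] for a in alerts),
            "by_src_ip": Counter(a["src_ip"] for a in alerts)}


def rule_fired(alerts, sid):
    """True if at least one alert carries signature id `sid`."""
    return any(a["sid"] == sid for a in alerts)
```

On a live box, pass an open file instead of the sample: `summarize_alerts(parse_eve_alerts(open("/var/log/suricata/eve.json")))`, which is Suricata's default EVE path.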
Part 2 : In this lab, we explored the intricacies of setting up and configuring an Intrusion Detection System (IDS) using Suricata on an Ubuntu platform. The journey was fraught with challenges, but it culminated in a series of valuable learning experiences and successes.

Issues Encountered, Lessons Learned, and Successes: Encountered issues with software compatibility and initial configuration missteps highlighted the necessity for thorough preparation and understanding of system requirements. Adaptation to alternative tools and overcoming initial hurdles demonstrated resilience and the ability to learn from mistakes, ensuring eventual success in the IDS setup. The successful deployment of Suricata, following proper configuration and troubleshooting, showcased the practical application of theoretical knowledge and the effectiveness of perseverance in the face of technical difficulties.

The document includes pivotal screenshots that illustrate:
  • The error messages that were initially encountered, emphasizing the troubleshooting process.
  • Steps taken to resolve compatibility issues, including system updates and successful Suricata installation.
  • The process of editing configuration files with Nano, showcasing practical skills in system administration.
  • The successful detection of intrusions, highlighting the IDS's operational success in monitoring and identifying malicious activities.

Methodologies Used in Network Forensics: The lab's approach to network forensics involved several key methodologies, crucial for the effective analysis and monitoring of network traffic. Packet capture and deep packet inspection were employed to scrutinize network traffic in detail, while analysis of protocols provided insights into the nature of the communications across the network (Stallings & Brown, 2018). These techniques are foundational to identifying and mitigating threats in real-time.

Analysis of Network Traffic and Anomalous Activity: By applying these methodologies, we were able to decipher network traffic and identify anomalous or malicious activities. This analysis was instrumental in understanding the impact of these activities on the system, enabling us to formulate strategies for their mitigation.

Leveraging Analytic Methodologies with IDS: The integration of qualitative and quantitative analytic methodologies can significantly enhance the predictive capabilities of an IDS. Qualitative analysis, through heuristic and behavioral analysis, alongside quantitative analysis, using statistical models, enables the identification of deviations from normal network behavior, thereby predicting and communicating potential network anomalies (Scarfone & Mell, 2007).
References
Stallings, W., & Brown, L. (2018). Computer Security: Principles and Practice. Pearson.
Scarfone, K., & Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS). NIST Special Publication 800-94.