The purpose of this project is to determine if a free, open-source program can function in the role of a Security Operations Center for a Fortune 500 Company. This program is needed to analyze a network, or multiple networks, for a variety of threats. It also needs to be able to display alerts from the threats on a centralized server.
Security Onion is the program currently being examined for this project. It meets the necessary requirements, while also being a free, open-source solution. The interfaces included in Security Onion can also display alerts in real time. Security Onion has been tested on VLANs and is able to collect data from multiple networks. Security Onion’s ELSA program contains dashboards on web interfaces to visually show alerts and other types of information that have been collected.
Project Student: Michael Thomas
This project incorporates many facets of security for computer systems and the network they are on. The client wanted the possible vulnerabilities and threats to their network and systems documented. If any are found, the job is to find solutions to mitigate and/or remove those possible problems.
Many security tools, such as OpenVAS and GRR Rapid Response, were used in the vulnerability-finding process. Using these tools, among others, gives a good basis for finding and documenting any problems that may arise, and for finding solutions to them.
Along with the implementation of these programs, the project also involves setting up and installing servers and troubleshooting them.
Project Student: Ryan Stav
The purpose of this project was to implement iTALC on a pair of labs’ workstations. The problem was that professors needed a presentation tool to control what can be done on each lab computer. Each lab computer, and both instructor stations, were set up with the iTALC software. Now professors can view a live feed of all students’ lab computers, control what students can see during a presentation, and prevent cheating during testing.
Project Student: Jamey Owens
The project was to solve the issues a WSUS server had with client communication to workstations. The main issue was that the batch cloning of the workstations left them all with the same GUIDs. Following the fix, a single workstation connected to download the updates, and it was double-checked that nothing broke before the updates were sent to the rest of the workstations. The server is now running normally, with no apparent issues.
Project Student: Kinnon Roudebush
A lab’s workstations needed to be able to use wake-on-LAN and remote tools, but were not able to load after reboot using their prior bootloader. Previously, the lab workstation would be prompted with a nag screen making each workstation inaccessible until a button was physically pressed. GAG bootloader can now be used to boot into the multiple operating systems that are used on each lab workstation, with a graphical interface that allows for wake-on-LAN and remote services.
Project Student: Jamey Owens
An educational entity requested a solution that is capable of auditing their workstations. Their primary goal is to monitor logins to ensure that workstations are not being accessed after open hours. The ideal solution would also generate and send emails as alerts.
Expanding on the original scope of the solution, LibreNMS was chosen for its capability to monitor events at a system level through syslogs as well as provide a centralized, web-accessible platform to analyze overall network traffic, addressing information, and system specifications. Batch scripts were written to automate the configuration of the workstations’ SNMP and syslogs. A combination of batch scripts and task scheduling was used to identify workstation logins at specific times.
Project Student: Keith Cornell
A transparent proxy server was created and implemented. The purpose of the transparent proxy is to reduce bandwidth usage and increase download speed. A virtual machine utilizing pfSense (a Linux-based firewall) with a Squid transparent proxy add-on was created to provide easier manageability. Reports can also be generated to show details regarding web traffic. pfSense has additional features that can be utilized to consolidate various programs into one server with a web interface. These features include, but are not limited to, Wake-on-LAN, OpenVPN, and ClamAV anti-virus. Currently the proxy server is incomplete, as additional VLANs need to be added.
Project Student: Heather Bullard
A local not-for-profit needed a logical map of their entire network, since the physical map was already completed. The logical network included the names of the desktop computers, as well as which network they were connected to. These were based on the IYG assets that were in an Excel document, then grouped based on different categories from a Word document. Some of the categories were: Operating System, Type of BIOS, Model Number, and IP address. Lucidchart was used to document the network based on this categorization of assets.
Project Team Members: Clay Hampton, Randall Huber
The purpose of our project is to configure a secure cloud server to operate using OpenStack Juno on Ubuntu. We have four nodes that will operate together at the end of the project. When everything is complete, you will be able to launch multiple instances and expand your network rapidly while managing your resources efficiently. You will also be able to monitor traffic and to detect and prevent internet intruders.
Project Students: Nichole McFarland, Justin Salyer, Khalid Alsufayan
Living Lab onsite networking for non-profit organizations that have come for tech support and network support in their small business areas. We are currently working on repairing a network for a non-profit organization and we will be backing up a whole system for another.
After a long semester of hard work, the projects for the selected clients are complete and their networks are running optimally for their needs. There are no longer any infections and they are secured for the remainder of the year.
Students: John Stipe and Alec Hawes