The goal of this project is to monitor multiple networks with a program called Snort. Snort is an intrusion detection system (IDS) that can be used for monitoring network traffic. It’s a signature-based IDS that uses rules, or signatures, to alert an administrator when unwanted traffic matches a signature. We’re using a Linux-based operating system called Security Onion for monitoring network security. Security Onion comes preconfigured with Snort and other useful monitoring tools that will aid us in accomplishing our goal: to test and configure the system so that it performs efficiently and effectively.

Update: We configured Snort to run on a virtual machine that used multiple network interface cards so that it could monitor multiple networks. Unfortunately, we were unable to sniff local traffic due to an unconfigured switch, thus putting the project on hold indefinitely.

Project Students: Nicholas Luedeman, Rushabh Vyas
