I’m working with up to three other guys on a Snort lab. So far we have had little progress in this project, but about 90% of that is due to technical difficulties outside of our control (such as the server going down for several hours). The project itself currently is to install and fine-tune Snort on Debian. However, like I said, that is going slowly because we have had technical difficulties beyond our control.
I am working with three other guys to configure a Snort server. Snort is an Intrusion Detection System, which is basically a computer that sits on a network and watches all of the network traffic over the network. It will watch for any suspicious activity that may be the result of hacking, virus or malware activity, or any potentially dangerous code going across the network. If a threat is detected, then information is obtained about the event and saved in a database. From here the database can be viewed from a web front end, such as BASE. Snort uses a set of rules to determine what traffic may be potentially dangerous.
For me, my job is to get the server up and running and configured and then hand it off to the other guys I am working with to handle the security portion, AKA the rules and their configuration. I will be able to assist as needed if any issues come up, but will also be working on other projects as well. As of right now the install has been delayed due to technical difficulties (the server NAS going down), which has put Snort at a standstill. We still did a test install to make sure that we could install everything with the version of Linux we chose (Debian) and found out that a particular version worked great (6.0.7). In the meantime we have been assigned a couple of other side tasks, some of which involve getting the connection back up with the failed NAS.
Snort is a program used to detect network attacks on the network. Our team’s assignment is to set up Snort in the lab's network in the basement of the ET building, room 007/005. We are going to create the database for Snort and the prerequisite programs that need to be set up before running Snort on the network. We are going to test it on the network and troubleshoot it if there are any problems while running it.