What you'll learn:
- You will be able to install and deploy honeypots and IDS systems.
Cyberhacker Series: Honeypots, IDS and FW's: Honeypots, IDS and FW's
This course is for beginners and IT pros looking to learn more about Honeypots, IDS and Firewalls.Each chapter closes with exercises putting your new learned skills into practical use immediately.
What are the pre-requisites for this course?
- Students should have a working understanding of TCP/IP and networking concepts.
What will you be able to do after taking this course?
- Honey drive -HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution.
- Kippo -Kippois a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
- Snort -Snortis an open-source, free and lightweight networkintrusion detection system( NIDS) software for Linux and Windows to detect emerging threats.
- DNSSec -Domain Name System Security Extensions (DNSSEC) is a suite of extensions that add security to the Domain Name System (DNS) protocol by enabling DNS responses to be validated. Specifically,DNSSECprovides origin authority, data integrity, and authenticated denial of existence.