IDS, SYSLOG, and NTP Lab

An Intrusion Detection Systems (IDS) is a software application that can be used to detect threats within a network. Syslog is a software application that can send and store events based on classification. Both of them provide system/network visibility and be crucial in finding past, present, and potentially future threats. In this lab, we are going to install an IDS on the host (IDS-DMZ.urbank.com) using SNORT software and configuring it to send messages to a Syslog server. In this lab we will also configure the host (urbank.com) to take the Syslog server role using the RSYSLOG software utility. Lastly, we install the and configure the ntp package on both IDS-DMZ.urbank.com and urbank.com to ensure sychronized logging.

Overview

An Intrusion Detection Systems (IDS) is a software application that can be used to detect threats within a network. Syslog is a software application that can send and store events based on classification. Both of them provide system/network visibility and be crucial in finding past, present, and potentially future threats. In this lab, we are going to install an IDS on the host (IDS-DMZ.urbank.com) using SNORT software and configuring it to send messages to a Syslog server. In this lab we will also configure the host (urbank.com) to take the Syslog server role using the RSYSLOG software utility. Lastly, we install the and configure the ntp package on both IDS-DMZ.urbank.com and urbank.com to ensure sychronized logging.

Learning Partner
Infosec Learning
Infosec Learning
Infosec Learning provides businesses, colleges, governments, and K-12 school districts a feature rich information technology training and skill assessment service via an advanced, cloud based, virtual machine powered platform, capable of significant customization with unlimited scale and growth potential.