The desired outcome of this project was to get the Snort server configured and operational.  Snort is an open source network intrusion detection system. In order to complete this project the student finalized all configurations on the rules and settings for the server. However, during the semester the Snort server temporarily went down due to a change in the IP address.  The group made configurations to restore function of the server.  The students tried using Ubuntu as an operating system but were unable to use it.  Next, they tried using CentOS and were successful.  They downloaded Snort, installed it and the prerequisites.  The students also downloaded and installed the most up to date Snort rules, Barnyard2 files and setup network cards.  Next, they updated the system, configured the MySQL database and installed BASE (Basic Analysis and Security Engine. The final step was to get the rules in place and normalize what traffic was already running across the network.  Finally the students let Snort run for a week and had over 1 million alerts.

  Student Team Members. Cameron Relford, Daniel Hoge, Redah Alshwkhan, James Reid

Author