Wazuh: An Intrusion Detection System

Wazuh is an open-source intrusion detection system that uses individual agents to monitor user and network activities on a host-basis. Suspicious activity is reported using alerts via email. Agents were deployed to the workstations in the Living Lab through the use of group policy management. The Auto-OSSEC tool developed by Binary Defense Systems provides automatically provisioning for agents in order to provide their authentication key. Kibana is a web interface that can manage agents and mine data.

Project Team Members: Andrew Smith, William Schene

Testimonials

The Living Lab is helpful because it exposed me to an environment similar to one I would face in a real IT job. Abdulrahaman Ahmed Banjar

Living Lab gave me a chance to experience working with real-world projects, not just books and notes like other classes. In addition, I got to learn new techniques (terminate network cables, set up switches and hubs), new software (ManageEngine EventLog Analyzer), and experience a corporate environment. Finally, Living Lab gave me a chance to work on my problem-solving skills as well as self-sufficiency, because I had to do a lot of research on my own to solve any issue that came up. Anh Pham

The Living Lab is like having an IT job in the field. You are pushed and pulled in many different directions with many different projects. You are thrown into situations that need to be figured out. The guidance is there, but nothing beats that feeling of figuring it out by yourself. Aaron Hook

The Living Lab has given me the chance to work on a project that I have yet to encounter in my six years of IT experience. It’s broadened my horizons and given me a great chance to work with other students in my field. I have also been able to pick up information from other fields of IT that I wouldn’t have been able to learn in my current job. Jerry Henderson

The Living Lab has been an enjoyable experience. It has provided new skills while strengthening old ones and has given me insight into the technical workplace. Wendell Matthew Klene

Living Lab is a great class to gain experience that you can apply to the real world. The small class means there is more one-on-one time with the lab instructor. The Living Lab also lets you get your hands dirty with hardware and not just focus on exams and homework. I can apply what I learned in other classes to real-world scenarios. My favorite thing about Living Lab is that I can put everything that I achieve in class on my resume, which puts me ahead of the curve with potential employers. Bhaumik Yashesh Pandya

I have definitely determined that this class could be just like a real life IT position. You never know how long a project might take, even a simple task. I’ve had some tasks take only a couple of hours, and I worked on one project for 36 hours straight. But I feel that Living Lab is helping to prepare me for what will come in the professional world. Eugene Gephart

The Living Lab was a great opportunity to gain different technical experience in the IT field. The projects were all challenging and simulated a real-world environment to deliver upon. Nick Barnett

Living Lab has been a great experience for me to learn daily obligations to maintain a healthy network. I’ve learned independent research is a very important process before network testing is conducted. I’ve also learned that you must have a process to monitor packets flowing in and out of the network. Working with packet sniffing programs has been helpful. In a team environment, I’ve also learned to install network cables, mount and install switches, and test networks. Charles Alan Stone

Throughout this class, I have learned a great deal of information. It gave me an idea of how how the IT world runs and prepared us for it. Abdulrahman Jassem M. Alzaman

Clay Hampton