Download Intrusion Detection Labs

To download the contents for each lab please send an e-mail to ia@mgt.unm.edu and the school where you teach or research.

The following Information Assurance labs are available for download:

Intrusion Detection

• Honeynets
• Honey Pot and Vulnerability Scanner
• Intro to a Windows-based Intrusion Detection System (IDS)

Honeynets

Honeynets
Author: Joel Sikora, Fall 2006
Revised: Joel Nunes and Alessandro Seazzu, June 2007

CNSS/NSTISSI Mapping: n/a

Abstract:
This lab is designed to help students understand the workings of a honeynet. This will be accomplished by deploying a virtual honeywall with one honeypot and assessing the responses from the honeywall to an attack.

Requirements:
The requirements include using VMWare with Microsoft Windows XP, the Honeywall CDROM Roo, and NMAP port scanner. The software and tools required for this tutorial(s) are open source, freeware, shareware, trial version or a combination thereof. As such, some tools or software might expire or will be outdated by the time this lab is executed. If the executables accompanying this lab do not work, please download the latest version from the website provided in this lab. It is recommended that the user take a few minutes to read the entire tutorial before starting any computer interactions.

Download Honeynets (316,835.889 KB)
SHA1: 3982a18751c0c28d50afc25bdffefbc15a91db11

Honey Pot and Vulnerability Scanner

Author: Phuong Tran, Spring 2007
Revised: Joel Nunes and Alessandro Seazzu, June 2007

CNSS/NSTISSI Mapping: n/a

Abstract:
This lab presents to the student a security tool that is designed to thwart intruders away from any critical information on a network by setting up a lure. The student will also set up a port scanner to remotely scan another system for vulnerability points.

Requirements:
The requirements include using VMWare with Windows XP and Windows 2000. You should have the ability to revert your systems to a “pre-lab” snapshot. The software and tools required for this tutorial(s) are open source, freeware, shareware, trial version or a combination thereof. It is recommended that the user take a few minutes to read the entire tutorial before starting any computer interactions. As such, some tools or software might expire or will be outdated by the time this lab is executed. If the executables accompanying this lab do not work, please download the latest version from the website provided in this lab. It is recommended that the user take a few minutes to read the entire tutorial before starting any computer interactions.

Download Honey Pot and Vulnerability Scanner (15,834.748 KB)
SHA1: 95593c513e8d1c411cbc7cfff305054357320fd4

Intro to a Windows-based Intrusion Detection System (IDS)

Author: Jeff Bland, Spring 2007
Revised: Joel Nunes and Alessandro Seazzu, June 2007

CNSS/NSTISSI Mapping: n/a

Abstract:
There are multiple ways to protect a system. An intrusion detection system is one of them. This lab was designed to present the use of a Windows-based open source IDS to help protect a system from attack.

Requirements:
In this lab you will use VMWare to host a session of Windows XP and a Windows 2003 Server which can be reverted after the lab is completed along with some custom files to implement the intrusion detections system. The software and tools required for this tutorial(s) are open source, freeware, shareware, trial version or a combination thereof. It is recommended that the user take a few minutes to read the entire tutorial before starting any computer interactions.

This lab archive contains code that is considered malicious by most antivirus applications. It is strongly recommended that you store this file in an isolated test system away from any production environments.

Download Intro to a Windows-based Intrusion Detection System (IDS) (10,295.219 KB)
SHA1: f7e5364ce71c78b0ce8cf4ab1b8b654bfb445251