Network Intrusion Detection Appliance
Snort Network Intrusion Detection Appliance
Features
Collegiate:
No
One-line Description:
Snort Network Intrusion Detection Appliance
Filename:
NIDA_SBoudreaux.zip
Size Compressed:
428 MB
Allocated Memory:
256 MB
Username:
root
Password:
vmchallenge
VMware Tools Installed?:
No
Operating System:
CentOS v4.0
Torrent?:
No
Applications:
Snort 2.4.3, GNU General Public License
Apache 2.0.52, GNU General Public License
PHP 4.3.9, GNU General Public License
MySQL 14.7, GNU General Public License
BASE (Basic Analysis and Security Engine) 1.2, GNU General Public License
PCRE 5.0, GNU General Public License
ADODB 4.62, GNU General Public License
OinkMaster 1.2, GNU General Public License
Last Updated:
October 27, 2006 - 15:00
Description:
What does this appliance do?
This appliance is designed to alert a system security professional of intrusion attempts on the network segment on which the appliance is installed.
Alerts must be monitored using the BASE (Basic Analysis and Security Engine) Web Console.
The monitoring web console is available at https://applianceIP/base. Username: base Password: base
Intended audience:
This appliance is intended for use by advanced systems security professionals with in-depth knowledge of network intrusion detection. This appliance in no way provides user training or help with respect to the CentOS operating system, TCP/IP network protocol, or network security.
What are benefits?
Allows security administrators to monitor potential attacks on the network.
How was the appliance built?
CentOS 4.0 installed with minimum software necessary for functionality
OS was updated with latest patches and updates
Running Services: httpd, mysqld, cron (cron daemon updates Snort rules daily)
Snort, PCRE, ADODB, BASE, and OinkMaster downloaded, installed, and configured
cron job defined to update Snort rules using OinkMaster every day at 5:30 AM
Management Network Interface (eth0)
IP Address: 10.1.4.51
Subnet: 255.255.255.0
Gateway: 10.1.4.254
Hostname: pig.vm
Username: root
Password: vmchallenge
Username: snort
Password: skydeve85
Instructions to start using the appliance:
Modify the NIC configuration at /etc/sysconfig/network-scripts/ifcfg-eth?, where ? is the NIC you wish to modify.
Example:
DEVICE=eth?
BOOTPROTO=none
HWADDR=00:AA:11:BB:22:CC
ONBOOT=yes
TYPE=Ethernet
HOSTNAME=pig.domain.com
IPADDR=11.22.33.44
NETMASK=255.255.255.0
USERCTL=no
PEERDNS=yes
GATEWAY=11.22.33.254
IPV6INIT=no
Plug the promiscuous NIC into the DMZ.
Plug the NIC with an IP address into the Management Network. The management network is a separate subnet/VLAN set aside to manage the Snort sensor.
Monitor alerts using https://IPAddr/base
Username: base
Password: base
Manage the sensor using SSH.
Username: root
Password: vmchallenge
Names of licensed operating systems & applications:
CentOS 4.0, GNU General Public License
Snort 2.4.3, GNU General Public License
Apache 2.0.52, GNU General Public License
PHP 4.3.9, GNU General Public License
MySQL 14.7, GNU General Public License
BASE (Basic Analysis and Security Engine) 1.2, GNU General Public License
PCRE 5.0, GNU General Public License
ADODB 4.62, GNU General Public License
OinkMaster 1.2, GNU General Public License
Technical Specifications
Operating System:
CentOS v4.0
VMware Tools installed: No
Size: 428MB
Allocated Memory (RAM): 256MB
Applications Installed:
Snort 2.4.3, GNU General Public License
Apache 2.0.52, GNU General Public License
PHP 4.3.9, GNU General Public License
MySQL 14.7, GNU General Public License
BASE (Basic Analysis and Security Engine) 1.2, GNU General Public License
PCRE 5.0, GNU General Public License
ADODB 4.62, GNU General Public License
OinkMaster 1.2, GNU General Public License
Virtual Appliance Account Information
Download link provided by the submitter, not VMware.