MIS 5213 Summer 2015

Intrusion Detection & Response

Grades

All,

Please check your grades at

http://community.mis.temple.edu/gradebook/

I want to make sure everyone has been graded for an assignment they have submitted.  If you do not see a grade, then I don’t have an assignment for you that is missing the grade.  Please contact me if there is a discrepancy.

Thanks

Deval

Reading requirements for Monday 6/17

All,

Please ensure that you read chapter 17 of the Incident Response & Computer Forensics book for Monday, along with the following SANS publication.

http://www.sans.org/reading-room/whitepapers/intrusion/intrusion-detection-prevention-in-sourced-out-sourced-32854.

See you on Monday.

Deval

Paper

This is just a friendly reminder for the remainder of the course.  The research paper is due on Sunday at 11:59 PM.  Please make sure you get them to me by that time.  Tomorrow we will continue with the Splunk configuration, spending some time incorporating the PCAP data into Splunk along with the tutorial data from Splunk’s website.  We will continue with the tutorial to understand how we can manipulate the data.

On Monday we will be discussing managing intrusions with our (organizations’) outsourcer.

And next Wednesday is the final.  See you all tomorrow.  Please bring in your laptops.

Deval

OPM Breach

In light of the recent breach of federal employee information, we will be discussing this breach.  We will discuss what it means for federal employees, the United States as a whole, and what could have happened.

http://www.npr.org/2015/06/05/412305556/security-experts-warn-opm-breach-could-help-hackers-attack-more-u-s-targets

http://www.engadget.com/2015/06/06/opm-hack-details-revealed/

You can also use the document below to help guide our discussion today.

CyberAttacks

-Deval

All,

Due to an unplanned situation at work, we will not have lecture tonight.  There will be NO CLASS tonight.  In lieu of the lecture, please check out the following videos on Splunk.

https://www.youtube.com/watch?v=V621h2e3HrU

https://www.youtube.com/watch?v=Y51oq3SAtZg&list=PL59B00A6F603366EA&index=2

You can submit the video summaries for Monday as your reading assignment.

Please bring your laptops to class on Monday.

Thank You

Deval

609-923-5912

Term Paper

All,

I wanted to take a moment to remind you that there is a paper due on June 10th.  That is 10 days away.  Here is the information on the paper from the syllabus.

Intrusion Detection and Management comprises several phases. Each phase has its own issues. The following are some examples and issues that need to be considered. Please pick one of the following as the topic of your paper.  You may decide to do something not listed below.  If you decide to pick something different, please check with me.

  • Legal issues with the use of IDS Logs and Packet Capture Data.
  • Financial Implications of not having an Intrusion Detection and Management program.
  • Technical Obstacles with the deployment of IDS
  • Effectiveness of Intrusion Detection Systems
  • Pros and Cons of sharing the details of a cyber-attack with the government or other entities.
  • Identify several metrics that you would consider developing to highlight the success of a Cyber Incident Security Response Center.

All papers need to meet the following requirements.

  • APA formatting – Paper should be properly cited with appropriate references.
  • A minimum of 5 professional references (Def: professional references are those that have been published in journals or industry publications. Websites and Blogs will not be considered professional references)
  • A minimum of 6 – 8 pages.

-Deval

Shared documents – on DropBox

Since we had difficulty getting you the “rules” files and “snort.conf” file, I have added them to my Dropbox and sent you an invite.  Please let me know if you have trouble with it.  Enjoy your weekend, but also don’t forget to take a look at the videos.  The links are listed in the schedule tab.

We will explore the rules more on Wednesday.

Deval

Welcome to class
