Re: Honours Project - Ideas?

On 24 Sep 2005 12:09:12 -0000, misa@hotmail.co.uk <misa@hotmail.co.uk> wrote:
> To the few who replied thank you. Because of my lack of knowledge I failed to 
> supply enough information. I believe that I will most likely use Apache for 
> this project unless there are other recommendations. I'd like to stick with 
> one form of server and platform so that I can concentrate on the attacks and 
> network hardening techniques. I think this may prove to be the best approach 
> as I can spend more time focusing on this.
>
> The advice given was great. It seems hardening documents may be the basis of 
> strengthening the network.
>
> I'd like to ask for more detailed thoughts from you guys if possible. Will 
> focusing on DoS attacks give me enough to play with or are other attack 
> methods worth looking at? Any in particular? Is Apache the best server to use 
> in this project? Do you guys have ideas as where I should look into for 
> research into attacks/solutions to attacks and research for my literature 
> review?

I would look for a paper called "Netfilter Performance Testing" by
Jozsef Kadlecsik, et al. It may not cover apache but it does go into
the methodology for their brute force testing netfilter on various
hardware platforms.

You may also want to let the list know the following:

What hardware platform you are going to use for the server? What OS
types are you looking to test (*BSD, Linux, Solaris, etc)? Are you
looking to test a local server firewall or a dedicated router/firewall
in between the server and the attackers?



--
Stephen J Smoogen.
CSIRT/Linux System Administrator