Thursday, April 25, 2013

Part 1: Installing & Configuring Snort

Snort is an open source network intrusion prevention system (IPS) capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching and matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts and more.
Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that uses a modular plug-in architecture.

Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump, a packet logger (useful for network traffic debugging and so on), or as a full-blown network intrusion prevention system. [Source: Snort Web site & Webopedia Web site]


Because Snort is open source, each user has to tweak the Snort program for their own use. Below is an easy-to-follow PowerPoint presentation to make your experience smoother.

My experience took me about a whole school day to complete and another day to document the process and create the above PowerPoint presentation.  Each step was an adventure in itself with a few pitfalls to challenge my patience.  However, the bigger the challenge the more committed I become in overcoming it.  

The assignment was to find Snort and follow the instructions to prepare, install and configure Snort for your computer.  Warning:  Snort can run on both Linux and Windows, so make sure you are following the correct instructions.

I began with the search engine Google and searched for Snort: www.snort.org.

     1st Pitfall was to click on download Snort and figure out the next steps.  I tried to install the installer but it did not work.  Did some research and found out I needed to add an .exe extension to install it because right now it was saved as a Linux installer.  However, I was cautious to go back to the Snort website to look at the requirements; before I installed Snort, I would need to prepare my computer.  So back to Snort I went.
    
     At the Snort website, I looked at the requirements for the first time and thought to myself:  Take the time to read instructions... I clicked on the Requirements icon and found a note for Windows users:  If you're downloading Snort binaries the only requirements are WinPcap and Barnyard.  I clicked on WinPcap, downloaded and installed it.  Easy, no problem....

     2nd Pitfall was installing Barnyard.  I scrolled down and saw Barnyard2 and tried downloading and installing it, but it would not work.  Oops, what's next?  Once again, I decided to search Google for Barnyard for Windows, looked through a few links and decided on the following site.

http://napalmpiri.info/2009/06/10/windows-snort-and-barnyard/  

     It stated, "When installing Snort on Windows [...], the requirements include Winpcap and Barnyard.  Unfortunately Barnyard for Windows is not that easy to find: as you can read here, you can find a packaged Barnyard for Windows at  http://codecraftconsultants.com/Barnyard/, including source."  And, "It may be useful, although not ready for production deployment."

     I double-clicked on it and found the following link:  Barnyard_02_Build19_Installer.exe.  I downloaded it, renamed it with an .exe extension and installed it.  Yes, Barnyard done.

     3rd Pitfall, I went back to the Snort website.  The next step was to download the rules.  I did that; however, it did not work.  So, I went back to Google and searched for rules for installing Snort on a Windows platform, and I clicked on the link to the PDF file for installing Snort 2.8.6.1 on Windows 7.

 http://www.snort.org/assets/151/Installing_Snort_2.8.6.1_on_Windows_7.pdf

This link provided me with the instructions to install Snort and verify that it is working correctly.  Some of the errors I dealt with pertained to changing instructions to a Windows format or placing a remark code (such as REM or # sign) in front of Linux-only instructions.
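
The kind of edit described above, as an added example that is not from the original post or the linked PDF: lines typical of a stock Snort 2.x snort.conf with Linux paths, each shown commented out with `#` above a Windows form. The `c:\Snort` install directory and interface number 1 are assumptions; check them against your own install.

```conf
# snort.conf excerpt (constructed example; c:\Snort is an assumed install directory)

# Rule locations: relative Linux-style paths replaced with absolute Windows paths.
# var RULE_PATH ../rules
var RULE_PATH c:\Snort\rules
# var PREPROC_RULE_PATH ../preproc_rules
var PREPROC_RULE_PATH c:\Snort\preproc_rules

# Dynamic preprocessors: a directory of DLLs on Windows, not /usr/local/lib.
# dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
dynamicpreprocessor directory c:\Snort\lib\snort_dynamicpreprocessor

# Detection engine: the Linux shared object (.so) becomes a DLL.
# dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
dynamicengine c:\Snort\lib\snort_dynamicengine\sf_engine.dll

# Shared-object rules: Linux-only path, left commented out when none are installed.
# dynamicdetection directory /usr/local/lib/snort_dynamicrules

# Included files, given as absolute Windows paths.
include c:\Snort\etc\classification.config
include c:\Snort\etc\reference.config

# Checking the result from a Command Prompt:
#   snort -W                                   list the available interfaces (Windows only)
#   snort -T -i 1 -c c:\Snort\etc\snort.conf   test mode: parse config and rules, then exit
```

A run in test mode stops at the first line Snort cannot parse and names it, which makes leftover Linux paths easy to find one at a time.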

I hope my experience helps you to avoid some of the pitfalls in setting up Snort. Please feel free to add any comments or suggestions below:








Thursday, April 18, 2013

IT ITECH PENNY STOCK LEAGUE



Penny stocks, also known as cent stocks in some countries, are common shares of small public companies that trade at low prices per share. In the United States, the SEC defines a penny stock as one that trades below $5 per share. Such stocks can be highly volatile and present a high risk for investors, who are often lured by the hope of large and quick profits. Penny stocks in the USA are often traded over-the-counter on the OTC Bulletin Board, or Pink Sheets. (From Wikipedia, the free encyclopedia)


Goal:  To learn how to buy and sell publicly traded stock, and to research and choose emerging technologies that may be the next Apple, MS or Google.
Action Plan:
1.  Join the IT ITech League.
2.  We are given $100,000 to invest in emerging technology companies that we think will do well.
3.  Study and follow our predictions' future success.

So far, I have chosen the following companies:












Merge Healthcare Incorporated (Merge) develops software solutions that facilitate the sharing of images to create an electronic healthcare experience for patients and physicians. Its solutions are designed to help solve some of the challenges in health information exchange, such as the incorporation of medical images and diagnostic information into broader health information technology (IT) applications and the interoperability of software solutions. It provides enterprise imaging solutions for radiology, cardiology, orthopaedics and eye care; a suite of products for clinical trials; software for financial and pre-surgical management, and applications that fuel some of the modality vendors worldwide. On August 4, 2011, it acquired Ophthalmic Imaging Systems (OIS).


CollabRx, Inc., formerly Tegal Corporation, is a data analytics company. The Company uses cloud-based systems to inform healthcare decision-making. CollabRx develops products that inform treatment planning. The Company’s product, Therapy Finder-Professional, is a series of Web-based system applications, as of September 28, 2012, which was available for melanoma, colorectal cancer, and lung cancer. CollabRx cloud-based products are available on-demand in a customizable, software-as-a-service (SaaS) delivery model. CollabRx provides project-based consulting to life science companies. CollabRx develops digital content using tools and processes that combine aggregation of public databases with knowledge obtained from the clinical experts. CollabRx solutions are designed for patients, physicians, payers, national government services (NGS) providers, biotech and pharma, laboratories, healthcare and publishers.

Silicon Image, Inc. (Silicon Image) is a provider of wireless and wired connectivity solutions that enable the reliable distribution and presentation of high-definition (HD) content for consumer electronics (CE), mobile, and personal computer (PC) markets. The Company delivers its technology via semiconductor and intellectual property (IP) products and services. Silicon Image has driven the creation of the High-Definition Multimedia Interface (HDMI) and Digital Visual Interface (DVI) industry standards, as well as the standards for mobile devices: Serial Port Memory Technology (SPMT), a memory interface standard, and Mobile High-Definition Link (MHL). In February 2011, the Company acquired Anchor Bay Technologies and acquired SiBEAM, Inc. in May 2011.


RadiSys Corporation (RadiSys) is a provider of embedded wireless infrastructure solutions for telecom, aerospace, defense and public safety applications. The Company also provides Advanced Telecommunications Computing Architecture (ATCA), Internet Protocol (IP) Media Server, Computer-on-Module (COM) Express, Rackmount Server platforms and Trillium software coupled with professional services. Its solutions are used in a variety of Third generation (3G) & fourth generation (4G) / Long-Term Evolution (LTE) mobile network applications including: Radio Access Networks (RAN) solutions from femtocells to picocells and macrocells, wireless core network applications, Deep Packet Inspection (DPI) and policy management, conferencing and media services including voice, video and data, as well as customized mobile network applications that support the aerospace, defense and public safety markets. On July 8, 2011, the Company acquired Continuous Computing Corporation.

STOCK STATS:




Thursday, April 11, 2013

Personal Growth Plan


 

My Personal Growth Plan


Goals:
1.  Take the A-Plus exam.
2.  Network with professional technology groups and get involved in a project.
3.  Attend job fairs and meet future employers.
4.  Apply for internships.
 
 I give myself two months to accomplish the above goals.  I do appreciate any suggestions and/or comments.
 
              

Monday, April 8, 2013

Class Project: Setting up a wireless network

Step 1:  Choosing equipment for a wireless network.  We chose a wireless router, 2 wireless notebooks, and 3 RJ45 cables.
Step 2:  We proceeded to connect the two wireless notebooks to the wireless router, then connect wireless router to the RJ45 port.  




Step 3:  Then, we configured both wireless notebooks to the router, tested the connections and documented our findings.  It was fun participating in this project.

Wednesday, April 3, 2013

ITech Helpline


Role Playing Scenario:

A customer calls into ITech Helpline and explains that her computer is all dark.



First, it is best to check the obvious: check all connections. As you see in this scenario, the electrical cord was connected to a surge protector which was off.  Once she turned on the surge protector, the computer turned on.  Also, you should verify with the customer that all is up and running and that she is satisfied.

Do you agree with this scenario? If not, please share your suggestions and comments.