CSCI-490: Web-Server Monitoring & Security

brief explanation

this page is a storyboard, documentation, and demonstration of my "CSCI-490, Information System Development" course project.

the project depends on 3 virtual machines in a virtual NAT network: a server, an attacker, and a remote machine that monitors the server.

the goal of the project is to demonstrate the operation of an intrusion detection/prevention system (in this case, suricata) by simulating -- with moderate accuracy -- attacks on a web-server by a hacker, and the server's detection and prevention of these attacks.

the attacker will use custom scripts written in python (with pipenv) and bash to automate those attacks.

the defender detects the attacks through suricata, and demonstrates different ways to mitigate each attack.

a remote machine with grafana then analyzes the data from the server through prometheus and loki data sources.