Tuesday, September 1, 2009

Network Diagram for USMA Internal

You can now download the network diagram for the USMA internal network from the dataset website. Please note, this is the planning document used just prior to the execution of CDX 2009. There may have been changes made at the last minute to the network that were not annotated on the network diagram. USMA utilized NAT (double-NAT in some cases). We will be uploading the final router configurations within the next week. A combination of the configuration files and the network diagram should help most folks correlate IP addresses in PCAP files to actual host IP addresses on the network. Let me know if there is something else that would be of additional help in this regard.

Link to network diagram

7 comments:

  1. Could you possibly post the snort.conf to go along with the snort log file?

    Regards,

    Will

  2. I do think too it would be something nice to understand the datasets better.

    Thanks in advance

  3. I'll get the snort.conf for you. Give me a couple of days as we're finishing up the semester here at the academy.

    Replies
    1. Hi, I would be very interested in the Snort Config file too if it is still available.

      Regards,

      Riyanat

  4. Could you send the information regarding the snort ruleset used and snort.conf to me also?

  5. Is it possible to determine the precise subnets that were assigned to NSA and West Point, respectively?

  6. For the next exercise it would be good to get sFlow and NetFlow data sets live as well as the raw packets. The devices actually reporting tell you a lot more than just creating the flow data from the packet dumps locally. The inter-sample times and MAC addresses are useful above the raw data. Flow set data can be correlated across multiple devices which is also useful.
