Question:
1. Examine the alert and understand the content such as source and destination IP addresses, the Alert (ICMP
packet found messages). Then interpret and analyze the triggered alert in the context of network security with
respect to inbound and outbound ICMP traffic to and from the Kali.
2. Considering the run time for ICMP packet processing (200.767911 seconds), packets processed by Snort (2426),
Snort run time of 3 minutes 20 seconds, and Pkts/min (808), and Pkts/sec (12), how can that support your
interpretations and analysis above?
3. Examine the FTP alert and understand the content such as source and destination IP addresses, the Alert (ICMP
packet found messages). Then interpret the triggered alert in the context of network security with respect to
FTP login attempt to the Kali.
4. Examine the SSH alert and understand the content such as source and destination IP addresses, the Alert (ICMP
packet found messages), as well as the SSH command in the PowerShell command prompt.
5. After using the ping command instead of the nmap command in the previous task to ping the Kali VM, determine
why you think no alert was triggered with the ping utility in the context of intrusion detection.
Computer Networking A Top-Down Approach
ISBN: 978-0136079675
5th edition
Authors: James F. Kurose, Keith W. Ross