Question: Please share screenshots if possible 2. Write 6 snort rules There are several distinct packet signatures in the packet trace file. In the trace file,

Please share screenshots if possible

2. Write 6 snort rules There are several distinct packet signatures in the packet trace file. In the trace file, there are 30 packets total. Your task is to create 6 new snort rules that will uniquely identify the 6 different packet signatures. ' : You should use Wireshark to open the source file, read these data packets carefully. Many packets contain suspicious information, and write snort rules to alert them. Do not write two or more rules on the same type of packets. (For example, only one rule is for HTTP packets. That means do not write two separated rules for HTTP packets.). You should use contents or flags (or both) in the rule. You are encourage to define variables. One snort rule is already shown as an example (i.e., alert icmp any any-> 192.168.10.2 any (msg"ping detected": itype:: sid:999:). Since you were already provided with the example snort rule, you need to "comment out" that the example rule in the CST4710_rules file by putting the "#" at the beginning of the line in front of the word "alert". Look though the packet

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Install Snort and Wireshark. They are free software and can be downloaded from their official sites. 2. Copy the Snert Data pcap to Snort home directory, for Windows, usually it is c:lsnortibin. 3....

A discrete sequence {xn} can be converted into a continuous representation x(t) = ts X n= (t n ts) xn, where ts is the sampling period. (a) State two characteristic properties of Dirac's function. [2...

INTRODUCING THE WIRESHARK NETWORK ANALYZER 1.1. Work description When diagnosing network problems and studying the behavior of network applications, traffic analysis data is an invaluable source of...

Wireshark Lab: UDP v8.1 Supplement to Computer Networking: A Top-Down Approach, 806 ed., J.F. Kurose and K. W. Ross "Tell me and I fonget. Show me and I remember tholve me' and / undersierd. "Chirese...

FACT SHEET FOR YOUR CONFERENCE ASSOCIATION NAME: Statistics Notes Name of Conference: List the name you are going to give your conference, this will be used in all of your marketing (HTM 2025 Annual...

pleas I need some help with this case study Henri Boulangerie: Creating and Using a Master Budget BACKGROUND PART I: CREATING THE BUDGET MEETINGS WITH DIVISIONAL MANAGERS Henri Boulangerie is a...

answer the question clearly You are building a flight-control system for which a convincing safety case must be made. Would you assign the tasks of safety requirements engineering, test case...

Objectives Performing tax research to find correct answers to a given tax situation and composing memorandums summarizing these findings are important parts of tax practice. As outlined in Chapter 2...

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

Question: Snort - Network Intrusion Detection & Prevention System Using two computers on the same network that also can see the Internet, set up the Snort IDS software on one of these computers....

Consider Theodore Roosevelt of your choosing that you felt you can look up to due to their leadership skills. Explain why you feel this? Include some background on his life, what did he contribute to...

What is speech analytics? How does it relate to sentiment analysis? Discuss.

A circular linked chain cannot represent a queue. True False

5. Develop a scenario comparing two PH programs and involving the use of a CBA.

(Appendices) Why does the accountant make an entry to record uncollectible account expense in the period of sale rather than in the period in which an account is determined to be uncollectible? LO25

(Appendices) Describe the documents that underlie the typical accounting system for sales. Give an example of a failure of internal control that might occur if these documents were not properly...

(Appendices) What are the components of cost of goods available for sale and of cost of goods sold? Assume that the firm uses the gross method of recording purchase discounts. LO45