Question: Snort also allows us to write custom rules. Open the file /etc/snort/rules/local.rules and add one rule that detects each visit to www.google.com that is made

Snort also allows us to write custom rules. Open the file /etc/snort/rules/local.rules and add one rule that detects each visit to www.google.com that is made by the virtual machine. The rule should look for any outbound TCP traffic that is going to port 80 and contains the pattern "www.google.com" in the URL and trigger an alert when it gets a match. Give the rule an SID of 1000000 or higher. Then visit Google with a web browser and check if your rule triggered an alert.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Need help with the document attached. The company that this paper is about is Nvidia. Project Descriptions SEC 10-K Paper You will be asked to select a company that is publically traded. You must...

I have to create a program in C and I can't figure it out. The program has to read a source file. Please help. /******************************************************************** PROJECT: Glossary...

Any help with this would be greatly appreciated! An HR Payroll System Computers are great at storing and manipulating data. For this project, you will write code that keeps track of Human Resources...

can someone solve this Modern workstations typically have memory systems that incorporate two or three levels of caching. Explain why they are designed like this. [4 marks] In order to investigate...

Question: Snort - Network Intrusion Detection & Prevention System Using two computers on the same network that also can see the Internet, set up the Snort IDS software on one of these computers....

Overview of the case. What do you think of the particular assignment given to Browning? TEXTBOOK : Brown, C.V., DeHayes, D.W., Hoffer, J.A., Martin, E.W., and Perkins, W.C. Managing Information...

For the exclusive use of F. Ortolano, 2015. 9-910-036 REV: APRIL 11, 2011 BENJAMIN EDELMAN THOMAS R. EISENMANN Go oogle In nc. Go oogle's mission is to organize the world's inf n nformation and make...

For the exclusive use of S. Setiawan, 2015. 9-910-036 REV: APRIL 11, 2011 BENJAMIN EDELMAN THOMAS R. EISENMANN Go oogle In nc. Go oogle's mission is to organize the world's inf n nformation and make...

write a page answer the questions, references the accounting code As the CFO of General Dynamo, you are very excited as you have just completed the negotiations related to the purchase of Apex...

Question 1 Morality is Select one: A. Universal and basic to human relationships. B. Established by the common law. C. The system that protects property and people. D. The application of ethics to...

Overhead control in a nonmanufacturing business can be achieved through departmentalization. Explain.

Preserving cultural heritage is an important factor in the prosecution of major projects such as wind farms. Describe how to quantify the cultural importance of the project site and some of the steps...

On January 1 , 2 0 2 5 , Crane Corp, changed its inventory method to FIFO from LIFO for both financial and income tax reporting purposes. The change resulted in a $ 9 2 0 0 0 0 increase in the...

Compared with half a century ago, adoption has become _ _ _ _ _ _ _ _ _ common, but it is more open and acceptabl e , so we probably discuss it _ _ _ _ _ _ _ . fill in the blanks more or much less or...

How do Dimensional Database Models differ from Relational Models?

What type of processing do Relational Databases support?

Describe several aggregation operators.