
Question


In this section you will examine the traffic from the sniffer.

Return to the Security Onion box and stop capturing packets. Note how many packets were captured, and verify the capture file was saved with those packets. If the capture file has not yet been saved, save it now to the desktop as Capture.cap.

Switch to Security Onion

Next, analyze the capture file with Snort. Also, make sure to output the resulting alert file to the /home/student directory and use the correct snort.conf file.


After Snort finishes its analysis, review the file generated by Snort for any suspicious events. Do you see any to note?


Next, continue your analysis and open the capture file with Wireshark to browse the captured packets. Play around with the filters to analyze the captured traffic. For instance, apply a filter to view all TCP reset packets.

Do you see anything indicating a network scan was run against boxes on your network?


Lastly, log into the Metasploitable box and view the web server logs. Specifically, use the command to view the most recent web server logs.

Notice what breadcrumbs are left over from the network scan.

The snort.conf file is located at /etc/nsm/onion-dmz-eth0/snort.conf.
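The TCP reset step above can also be done programmatically. The following is an added example, not part of the original lab or its answer: it parses a classic pcap file with the Python standard library, selects the same packets as the Wireshark display filter `tcp.flags.reset == 1`, and groups them by the host that was probing. The addresses, ports, the `min_ports` threshold and all function names are constructed for illustration.

```python
import struct
from collections import defaultdict

def frame(src, dst, sport, dport, flags):
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\0" * 12 + b"\x08\x00" + ip + tcp

def pcap(frames):
    """Wrap frames in a classic little-endian pcap file (linktype 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def rst_ports_by_prober(data):
    """Map (prober, target) -> set of target ports that answered with a RST."""
    hits, off = defaultdict(set), 24                 # skip 24-byte global header
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]
        pkt, off = data[off + 16: off + 16 + incl], off + 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue                                 # not IPv4/TCP
        tcp = 14 + (pkt[14] & 0x0F) * 4              # honour the IP header length
        if len(pkt) < tcp + 14:
            continue                                 # truncated TCP header
        src, dst = (".".join(map(str, pkt[a:a + 4])) for a in (26, 30))
        sport, = struct.unpack_from("!H", pkt, tcp)
        if pkt[tcp + 13] & 0x04:                     # RST bit: tcp.flags.reset == 1
            hits[(dst, src)].add(sport)              # the RST sender is the probed host
    return hits

def likely_scans(data, min_ports=5):
    """Pairs where one host drew RSTs from many distinct ports on another."""
    return {k: sorted(v) for k, v in rst_ports_by_prober(data).items() if len(v) >= min_ports}

# Constructed sample: one host probes eight closed ports, another sees a single RST.
SCANNER, TARGET, CLIENT = "10.0.0.5", "10.0.0.20", "10.0.0.9"
frames = []
for port in range(20, 28):
    frames.append(frame(SCANNER, TARGET, 40000, port, 0x02))   # SYN probe
    frames.append(frame(TARGET, SCANNER, port, 40000, 0x14))   # RST/ACK: port closed
frames.append(frame(TARGET, CLIENT, 80, 51000, 0x04))          # lone RST, not a scan
SAMPLE = pcap(frames)

if __name__ == "__main__":
    print(likely_scans(SAMPLE))
```

A single RST is normal traffic; the scan signature is one source drawing resets from many distinct ports on the same target. Ports that are filtered rather than closed send no RST and will not show up in this view.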

Step by Step Solution

There are 3 Steps involved in it

Step: 1

Task Breakdown: The task involves capturing network traffic, analyzing it with Snort and Wireshark, and t...

