FREE Trial
Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Install Snort and Wireshark. They are free software and can be downloaded from their official sites. 2. Copy the Snert Data pcap to Snort home

image text in transcribed
Install Snort and Wireshark. They are free software and can be downloaded from their official sites. 2. Copy the Snert Data pcap to Snort home directory, for Windows, usually it is c:lsnortibin. 3. Create a folder "log" under c:snortbin. 3. Start Wireshark to open Snert Data pcap, which is a previously captured tracefile. There are several distinct packet signatures in the packet trace file. In the trace file, there are 30 packets total. 4. Many packets contain suspicious information, analyze each packet and try to find the suspicious information in it. Then write SIX snort rules to alert them. 6. There are at least 6 types of packets with different suspicious information. Each rule only alerts one type of packets with the same suspicious information. Each packet cannot be alerted by 2 or more rules. 2 Install Snort and Wireshark. They are free software and can be downloaded from their official sites. 2. Copy the Snert Data pcap to Snort home directory, for Windows, usually it is c:lsnortibin. 3. Create a folder "log" under c:snortbin. 3. Start Wireshark to open Snert Data pcap, which is a previously captured tracefile. There are several distinct packet signatures in the packet trace file. In the trace file, there are 30 packets total. 4. Many packets contain suspicious information, analyze each packet and try to find the suspicious information in it. Then write SIX snort rules to alert them. 6. There are at least 6 types of packets with different suspicious information. Each rule only alerts one type of packets with the same suspicious information. Each packet cannot be alerted by 2 or more rules. 2

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Ontologies Based Databases And Information Systems First And Second Vldb Workshops Odbis 2005/2006 Trondheim Norway September 2005 Seoul Korea September 2006 Revised Papers Lncs 4623

Ontologies Based Databases And Information Systems First And Second Vldb Workshops Odbis 2005/2006 Trondheim Norway September 2005 Seoul Korea September 2006 Revised Papers Lncs 4623

Authors: Martine Collard

2007th Edition

3540754733, 978-3540754732

More Books

Students also viewed these Databases questions

Question

In Problem 13.6 on page 470, you used the total worldwide revenue ($ millions) and full time voluntary turnover (%) stored in BestCompanies to predict the number of full time jobs added. a. Perform a...

Answered: 1 week ago

Question

giv me an exammple for Structural design patterns Adapter Match interfaces of different classes Bridge Separates an object s interface from its implementation Composite A tree structure of simple and...

Answered: 1 week ago

Question

15.71 In the study of Exercise 15.70, information on the cellular phone system was also shown to MBA students. Part of the analysis of variance table for their quality assessments is shown here....

Answered: 1 week ago

Question

A partial adjusted trial balance for Orlando Company is given in E4-13. Instructions Prepare the closing entries at January 31, 2010.

Answered: 1 week ago

Question

Install Snort and Wireshark. They are free software and can be downloaded from their official sites. 2. Copy the Snert Data pcap to Snort home directory, for Windows, usually it is c:lsnortibin. 3....

Answered: 1 week ago

Question

Write a paragraph to your boss explaining how the issue price of the bons (the next amount borrowed) is affected by the state interest rate on the bonds. Include an explanation of how interest costs...

Answered: 1 week ago

Question

Question: What does the transient keyword in Java do when applied to a variable? A) It indicates that the variable should not be serialized during the serialization process. B) It prevents the...

Answered: 1 week ago

Question

Question: How does the instanceof operator in Java determine if an object is an instance of a specific class or interface? A) It checks whether the object belongs to the specified class or implements...

Answered: 1 week ago

Question

Question: What will be the result of executing the following Java code if an object of a class implementing Runnable is passed to a Thread constructor and the start() method is called? A) The run()...

Answered: 1 week ago

Question

Question: What is the result of trying to synchronize on a String literal in Java? A) The synchronization will work as expected, and each thread will be able to lock the String literal independently....

Answered: 1 week ago

Question

Question: What is the result when invoking the hashCode() method on two different objects that are considered equal according to the equals() method in Java? A) Both objects will have different hash...

Answered: 1 week ago

Question

5. Keep a log of how you listen with technology. Is it easieror more difficult for you to select, attend, remember, understand, and respond? Compare your experiences with friends. Do some of your...

Answered: 1 week ago

Question

A Should you tell Jamie the truth? Is it ethical to hide your true feelings from a friend? What might happen if you just say, Im embarrassed to say that Im feeling a bit jealous. Im feeling bummed...

Answered: 1 week ago

Question

B What are Jamies ethical responsibilities here? Has your friend been listening to you? Should Jamie have been able to sense your sensitivity about the situation from the way youve responded?

Answered: 1 week ago

Previous Question Next Question