Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Internet TIR 10 252.1 204 10.252.151 10.252.1.75 10.252 247 DMZ 10/2824232 101214 10.159 HONE 10.2017 10.252.6.186 10 B 10 252.5.90 107252410 102526.161 10.22.13 1020204110 102528171
Internet TIR 10 252.1 204 10.252.151 10.252.1.75 10.252 247 DMZ 10/2824232 101214 10.159 HONE 10.2017 10.252.6.186 10 B 10 252.5.90 107252410 102526.161 10.22.13 1020204110 102528171 10.2007 10.252.9 101 BAHAGIAN LO 202430 10221 10252 SBO Internal OPS Receiving Shipping CH 10.252 539 10252.3.239 10.25293 102222 10 252 8.43 26T E ZSE OT MUN ( 10.252.9.95 1022294 10252 8 143 TOT E ZSZ OI 10.252.9.219 SAN 10.152 245 10252 8 207 10 252.3.230 10.252.9.137 10.2522221 10 252 2130 10 252 3.212 OSZ 6 ZSZ OT 10.2522.99 Shipping IT HR Finance Given the image above, complete the signature rule for the following: Write a snort rule that will ignore connection attempts from all network segments to the DMZ. Assume the use of IPv4 addresses. DO NOT use snort variables ($HOME_NET) as you would normally find in the snort.conf file. Include CIDR notation for a range of addresses when necessary. When a service supports both TCP and UDP assume TCP. Use Section 1 for the rule action Use Section 2 for the protocol Use Section 3 for the source IP address Use Section 4 for the source port number Use Section 5 for the direction symbol (->, ) Use Section 6 for the destination IP address Use Section 7 for the destination port number Internet TIR 10 252.1 204 10.252.151 10.252.1.75 10.252 247 DMZ 10/2824232 101214 10.159 HONE 10.2017 10.252.6.186 10 B 10 252.5.90 107252410 102526.161 10.22.13 1020204110 102528171 10.2007 10.252.9 101 BAHAGIAN LO 202430 10221 10252 SBO Internal OPS Receiving Shipping CH 10.252 539 10252.3.239 10.25293 102222 10 252 8.43 26T E ZSE OT MUN ( 10.252.9.95 1022294 10252 8 143 TOT E ZSZ OI 10.252.9.219 SAN 10.152 245 10252 8 207 10 252.3.230 10.252.9.137 10.2522221 10 252 2130 10 252 3.212 OSZ 6 ZSZ OT 10.2522.99 Shipping IT HR Finance Given the image above, complete the signature rule for the following: Write a snort rule that will ignore connection attempts from all network segments to the DMZ. Assume the use of IPv4 addresses. DO NOT use snort variables ($HOME_NET) as you would normally find in the snort.conf file. Include CIDR notation for a range of addresses when necessary. When a service supports both TCP and UDP assume TCP. Use Section 1 for the rule action Use Section 2 for the protocol Use Section 3 for the source IP address Use Section 4 for the source port number Use Section 5 for the direction symbol (->, ) Use Section 6 for the destination IP address Use Section 7 for the destination port number
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started