
Question

Please share screenshots if possible.
2. Write 6 snort rules. There are several distinct packet signatures in the packet trace file. In the trace file, there are 30 packets total. Your task is to create 6 new snort rules that will uniquely identify the 6 different packet signatures. You should use Wireshark to open the source file and read these data packets carefully. Many packets contain suspicious information; write snort rules to alert on them. Do not write two or more rules for the same type of packet. (For example, only one rule is for HTTP packets. That means do not write two separate rules for HTTP packets.) You should use contents or flags (or both) in the rule. You are encouraged to define variables. One snort rule is already shown as an example (i.e., alert icmp any any-> 192.168.10.2 any (msg"ping detected": itype:: sid:999:). Since you were already provided with the example snort rule, you need to "comment out" the example rule in the CST4710_rules file by putting the "#" at the beginning of the line in front of the word "alert". Look through the packet
