Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

write the following two rules, and test in Snort (restart bat file). Find the sn

ID: 3857563 • Letter: W

Question

write the following two rules, and test in Snort (restart bat file). Find the snort Signature/rules.

Description

Snort Signature

Alert for any ICMP traffic coming from any IP addresses and any port to your host computer (any port)

??

Alert for any TCP traffic coming from any IP addresses and any port to your host computer (any port)

??

Drop packet for any UDP traffic coming from any IP address and any port to your host computer (any port)

??

Description

Snort Signature

Alert for any ICMP traffic coming from any IP addresses and any port to your host computer (any port)

??

Alert for any TCP traffic coming from any IP addresses and any port to your host computer (any port)

??

Drop packet for any UDP traffic coming from any IP address and any port to your host computer (any port)

??

Explanation / Answer

Snort is a Free and Open Source Network Intrusion Prevention and Detection System.
It is capable of performing real time traffic analysis and packet logging on IP networks.
Alert rules – It generates an alert using alert method.
Pass rules – It ignore the packet and Drop it.
ICMP (Internet control message protocol) – It is used in windows to send network error messages
TCP (Transmission control protocol) – It is used to connect two different hosts and exchange data between them.
UDP (User datagram protocol) – It is used to broadcasting messages over the internet.


Alert for any ICMP traffic coming from any IP addresses and any port to your host computer (any port)
alert icmp 192.168.1.35 any -> any any (msg:"Traffic from 192.168.1.35";)

Alert for any TCP traffic coming from any IP addresses and any port to your host computer (any port)
alert tcp 192.168.1.35 any -> any any (msg:"Traffic from 192.168.1.35";)

Drop packet for any UDP traffic coming from any IP address and any port to your host computer (any port)
log udp any any -> 192.168.1.0/24 1:1024

Related Questions

write the asm code fragment that performs the indicated task or function. write
Question #3579912
write the assembly program Question 2 Transform the following “C” program into a
Question #3775290
write the assignment about the \" Omnidirectional (Bow tie) antenna\" MINI PROJE
Question #385313
write the asswer on a paper plz for the diee e1 Find 2. According to an article
Question #3396179
write the balance equation for the preparation of Tris(thiourea)copper(I)chlorid
Question #954731
write the balanced chemical equation for the oxidation of magnesium to form magn
Question #883822
write the balanced chemical reaction equation for the neutralization reaction th
Question #1030599
write the balanced formula, complete ionic, and net ionic equations for the reac
Question #606284

Navigate

Previous
write the following questions as queries in Relational Algebra. Use only operato
Next
write the formula of an ionic compound (using the symbols X and Y) derived from:

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.