
Write a custom Snort rule to handle Inbound and Outbound HTTP traffic on the Private (Host-Only) network. Upload a screenshot of the Snort console displaying the alerts.
In this exercise, we are going to create two Snort monitoring rules that alert on HTTP network traffic in both the Inbound and the Outbound direction. Remember: Inbound rules are rules whose destination is your internal network (HOME_NET); Outbound rules are rules whose traffic is directed out of your internal network (!HOME_NET). When you use "any" on both sides, the rule makes no distinction between Inbound and Outbound. When Inbound/Outbound is used to describe local traffic, that is, traffic generated on the same network (in this lab, VMnet-1), "Inbound" refers to your client system that is running Snort and "Outbound" refers to the HTTP server.
You should now understand a little about custom rules, so given the following rule:
alert tcp any any -> any 80 (msg:"TCP HTTP Testing Rule"; sid:1000004;)
you should be able to determine that it alerts on messages from "any" client destined for "any" HTTP server on port 80. In this exercise, you will write two rules that produce the output shown in the figure below:
To perform this exercise, you will do the following:
1. Create an Inbound HTTP rule for all clients to all servers
2. Create an Outbound HTTP rule for all servers to all clients
3. Use the exact alert messages as listed in the figure above:
   a. "TCP HTTP Inbound (from server) Testing Rule"
   b. "TCP HTTP outbound (from client) Testing Rule"
4. Apply these rules to the local.rules file
5. Start up your DSL server (configured for the VMNet1 adapter) and enable Monkey-Web
6. Start Snort listening on the VMNet1 network
7. Using your Windows client browser, go to the DSL Web page http://
8. Record your results in a screen shot that you will submit in the assignment quiz
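The following is an added illustration for this exercise; it is not the lab's answer key and not part of Snort. It embeds two constructed candidate rules for local.rules (the sid values 1000005 and 1000006 and the use of port 80 as the marker for "the HTTP server" are assumptions), parses the seven-field Snort 2 rule header, and applies the two notions of direction the exercise text uses: direction relative to HOME_NET (Inbound when the destination is HOME_NET, Outbound when it is !HOME_NET, none when both sides are "any") and the lab's port-based "from client" / "from server" framing.

```python
"""Snort 2 rule-header direction checker plus two constructed lab rules.

Added example, not the lab's own solution and not Snort project code.
"""
import re

# Seven-field header (action proto src sport dir dst dport) followed by
# the parenthesised option section.
HEADER_RE = re.compile(
    r"^\s*(?P<action>alert|log|pass|drop|reject|sdrop)\s+"
    r"(?P<proto>tcp|udp|icmp|ip)\s+"
    r"(?P<src>\S+)\s+(?P<sport>\S+)\s+"
    r"(?P<dir>->|<>)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\S+)\s*"
    r"\((?P<opts>.*)\)\s*$"
)

# Constructed sample rules for local.rules (sids are assumptions).
# In the lab's wording the "client" is the Snort host and the "server" is the
# DSL web server: server->client traffic has source port 80, client->server
# traffic has destination port 80. Both use "any" hosts, as the task requires.
LAB_RULES = {
    "inbound": 'alert tcp any 80 -> any any '
               '(msg:"TCP HTTP Inbound (from server) Testing Rule"; sid:1000005; rev:1;)',
    "outbound": 'alert tcp any any -> any 80 '
                '(msg:"TCP HTTP outbound (from client) Testing Rule"; sid:1000006; rev:1;)',
}


def parse_rule(rule: str) -> dict:
    """Split a rule into header fields and an options dict (msg, sid, rev, ...)."""
    m = HEADER_RE.match(rule)
    if not m:
        raise ValueError(f"not a Snort rule: {rule!r}")
    fields = m.groupdict()
    opts = {}
    # Naive split: a ';' inside a quoted msg would be mis-split; fine for lab rules.
    for item in fields.pop("opts").split(";"):
        item = item.strip()
        if item:
            key, _, value = item.partition(":")
            opts[key.strip()] = value.strip().strip('"')
    fields["options"] = opts
    return fields


def classify_direction(rule: str, home_net: str = "$HOME_NET") -> str:
    """Inbound/Outbound relative to HOME_NET, as the exercise defines them."""
    r = parse_rule(rule)
    if r["dir"] == "<>":
        return "bidirectional"
    if r["dst"] == home_net:
        return "inbound"
    if r["dst"] == "!" + home_net or r["src"] == home_net:
        return "outbound"
    return "undirected"  # e.g. "any any -> any 80": no HOME_NET distinction


def http_role(rule: str, http_port: str = "80") -> str:
    """Which side of an HTTP exchange a port-based rule matches."""
    r = parse_rule(rule)
    if r["dport"] == http_port and r["sport"] != http_port:
        return "from client"
    if r["sport"] == http_port and r["dport"] != http_port:
        return "from server"
    return "unknown"


def render_local_rules(rules: dict = LAB_RULES) -> str:
    """Text to append to local.rules, one rule per line."""
    return "\n".join(rules[k] for k in ("outbound", "inbound")) + "\n"


if __name__ == "__main__":
    for name, rule in LAB_RULES.items():
        r = parse_rule(rule)
        print(f"{name:8} sid={r['options']['sid']} "
              f"direction={classify_direction(rule)} role={http_role(rule)}")
    print(render_local_rules(), end="")
```

Running the script shows that both lab rules come back as "undirected" with respect to HOME_NET, exactly as the text warns for "any" rules, while the port check separates "from client" from "from server". To cut noise on a busy segment, replacing "any" with $HOME_NET and adding `flow:established;` to the option section are the usual next steps once the screenshot has been captured.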
