Create the necessary ruleset to use within Snort to fire an alert

Reference no: EM131291771

Computer: Intrusion Prevention Snort

The Scenario: Assume that you are a security analyst working for a medium-sized company where many employees use computers connected to the Internet (as well as to the internal company LAN of course) as part of their daily job functions. Your company has implemented an acceptable-use policy for all employees that includes a general prohibition on using company computing resources to conduct inappropriate activities, such as downloading copyrighted music and videos, participating in online gambling, visiting "adult-oriented" web sites, and posting sensitive company information to blogs, message boards, or similar sites. Your company is considering deploying content-filtering software to help enforce this policy, but is not sure whether the cost and potentially over-broad restrictions imposed by the software would be justified. As a knowledgeable security analyst, you voice an educated opinion that you can use Snort, the company's chosen NIDS tool, to help monitor network activity and provide information that might support a decision about whether content filtering software is warranted.

The Assignment: Pick a web site that fits one or more of the prohibited categories above (or something similarly likely to fall on the wrong side of "acceptable use"), and create the necessary ruleset to use within Snort to fire an alert whenever an attempt is made to connect to, access, browse, or otherwise visit the site you have chosen. Stated simply, you want to be alerted if any internal network user tries to access the site you have chosen. Set up your ruleset and your Snort configuration to load the rule in Snort. Then, with Snort running and including your ruleset, open a browser and visit the prohibited site you have chosen. Verify that your rule fires when this happens. Your completed homework assignment should contain the following:

1. The "unacceptable" site you selected.

2. The ruleset created to detect attempts to visit the site.

3. The Snort output produced when the rule fired and the alert was generated (a screenshot of the terminal window showing Snort running with console output or a copy of the ASCII log file is sufficient).
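A ruleset of the kind the assignment asks for, as an added example that is not part of the original page. It uses Snort 2.9 rule syntax, the placeholder domain `prohibited.example`, locally chosen SIDs, and assumes the stock `snort.conf` variables (`$HOME_NET`, `$EXTERNAL_NET`, `$HTTP_PORTS`, `$RULE_PATH`). Because most sites are now served over HTTPS, it matches the DNS lookup and the TLS ClientHello as well as the plaintext HTTP Host header.

```snort
# local.rules -- added example; prohibited.example is a placeholder domain.
# Load it from snort.conf with:   include $RULE_PATH/local.rules
# Run with console alerts (config path and interface name are assumptions):
#   snort -A console -q -c /etc/snort/snort.conf -i eth0

# 1) DNS lookup. Names travel as length-prefixed labels, so the leading
#    |0A| (10 = length of "prohibited") anchors the match: it fires for
#    prohibited.example and its subdomains, not for notprohibited.example.
alert udp $HOME_NET any -> any 53 (msg:"POLICY acceptable-use - DNS query for prohibited.example"; content:"|0A|prohibited|07|example|00|"; nocase; classtype:policy-violation; sid:1000001; rev:1;)

# 2) Plaintext HTTP. http_header relies on the HTTP inspect preprocessor,
#    which the default snort.conf enables.
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"POLICY acceptable-use - HTTP request to prohibited.example"; flow:to_server,established; content:"Host|3A| "; http_header; nocase; content:"prohibited.example"; http_header; nocase; classtype:policy-violation; sid:1000002; rev:1;)

# 3) HTTPS. The payload is encrypted, but the server name is sent in clear
#    in the ClientHello SNI extension: record type 0x16, major version 0x03,
#    handshake type 0x01 at byte offset 5. This is a substring match on the
#    name, so it is broader than rule 1, and it will not fire when the
#    client uses Encrypted Client Hello.
alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"POLICY acceptable-use - TLS ClientHello SNI prohibited.example"; flow:to_server,established; content:"|16 03|"; depth:2; content:"|01|"; offset:5; depth:1; content:"prohibited.example"; nocase; classtype:policy-violation; sid:1000003; rev:1;)
```

When the site is visited from a browser, the DNS rule normally fires first (unless the name is already cached or the browser uses DNS over HTTPS), followed by rule 2 or rule 3 depending on the scheme.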
