Analyze snort or pcap data from a public wifi hotspot, Computer Networking

Assignment Help:

The project idea is: Analyze Snort or PCAP data from a public WIFI hotspot (describe traffice seen and what it is, protocols, ports, etc).

This is what is expected. Initially runt the PCAP data into snort. Analyze the results (how many alerts, what type of alerts) Further analyze each alert (if alerts are redundant you don't have to reanalyze) to determine if it is a false positive or a real attack detected. If real why. List what resources you used to come up with that determination. Also to help with analysis you can send the same PCAP file to Netwitness to get another view...for instance what was the bad client doing 1-2 minutes BEFORE the alert went off? Is it related to the alert, can you map out a drive-by web attack for instance. Wireshark can also help in this space as SNORT will only tell you bad things...and not always the root CAUSE of the alert. Documenting the analysis and outcomes of alerts should reach the paper minimums...

Anyway I went to Starbucks and I captured PCAP data from their public WIFI by using Wireshark, so you will work on it. I have uploaded it.

Then, you need to use Backtrack 4 to analyze this data and you will get 12unique alerts (I am going to show how to do this).

First step after start backtrack is the following:

Go to start menu in backtrack, choose  Services , Snot then click on Setup and Initialise Snort 

2042_Analyze Snort or PCAP data from a Public WIFI Hotspot.png

Then The following window will appear.


Related Discussions:- Analyze snort or pcap data from a public wifi hotspot

Explain in detail about wireless network, Explain in detail about wireless ...

Explain in detail about wireless network Think about unseen terminal problem. Imagine a wireless network consist of five stations, A through E, such that each one them is in r

eigrp finds its successor and feasible successor, Describe how EIGRP finds...

Describe how EIGRP finds its successor and feasible successor?

Memory pools-input and output pool-pci pool, Memory Pools IOS manages a...

Memory Pools IOS manages available free memory thorugh  memory pool series, which are essentially heaps in the generic sense; each pool is a set of memory blocks that can be al

What is data link of osi model, Q. What is data link of osi model? - Th...

Q. What is data link of osi model? - The data link layer offers access to the networking media and physical transmission across the media and this enables the data to locate it

Prepare the network of spanning tree protocol -ccna, Prepare the Network  ...

Prepare the Network  Step 1: Disable all ports by using the shutdown command. Ensure that the initial switch port states are inactive with the shutdown command. Use the inter

#incident response scenario, assignment is for incident response In this ...

assignment is for incident response In this final week, you will provide a short procedures document (2–3 pages) concerning the steps by which to prepare for and execute expert te

The world wide web http, The World  Wide Web HTTP The Hyper text Tran...

The World  Wide Web HTTP The Hyper text Transfer Protocols( HTTP) is a protocols  used mainly to  access data on the world  wide  web. HTTP functions as a carbonation of FTP(

Shortest path - network layer and routing , Shortest path  The  dijkst...

Shortest path  The  dijkstra algorithms  four steps to discover what it called  the shortest path  tree . a.The algorithm  beings  to build  the tree identifying  its root.

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd