Already have an account? Get multiple benefits of using own account!
Login in your account..!
Remember me
Don't have an account? Create your account in less than a minutes,
Forgot password? how can I recover my password now!
Enter right registered email to receive password!
The project idea is: Analyze Snort or PCAP data from a public WIFI hotspot (describe traffice seen and what it is, protocols, ports, etc).
This is what is expected. Initially runt the PCAP data into snort. Analyze the results (how many alerts, what type of alerts) Further analyze each alert (if alerts are redundant you don't have to reanalyze) to determine if it is a false positive or a real attack detected. If real why. List what resources you used to come up with that determination. Also to help with analysis you can send the same PCAP file to Netwitness to get another view...for instance what was the bad client doing 1-2 minutes BEFORE the alert went off? Is it related to the alert, can you map out a drive-by web attack for instance. Wireshark can also help in this space as SNORT will only tell you bad things...and not always the root CAUSE of the alert. Documenting the analysis and outcomes of alerts should reach the paper minimums...
Anyway I went to Starbucks and I captured PCAP data from their public WIFI by using Wireshark, so you will work on it. I have uploaded it.
Then, you need to use Backtrack 4 to analyze this data and you will get 12unique alerts (I am going to show how to do this).
First step after start backtrack is the following:
Go to start menu in backtrack, choose Services , Snot then click on Setup and Initialise Snort
Then The following window will appear.
FDDI Media Access Control Unlike CSMA/CD networks such like Ethernet token-passing networks are deterministic--you are able to calculate the maximum time that will pass before
master construct #include extern float average(float,float,float); void master_construct ( float* x, float* xold, int n, float tol ) { int c, i, toobig; floa
Suppose that frames are 1250 bytes long including 25 bytes of overhead. Also assume that ACK frames are 25 bytes long. Calculate the efficiency of stop-and-wait ARQ (a) Transmits a
What is NOS? NOS, or Network Operating System, are specialized software whose major task is to give network connectivity to a computer in order for it to be able to converse wi
Disadvantages of IP sec Tunnelling mode IP sec tunnelling mode has the following disadvantage a.Encryption of small packets generates a lot networks over head thu
Introduction To Parallel Programming After getting an enormous breakthrough in the serial programming and figuring out its limitations, academicians and computer professionals
Link State Packet When a router floods the network with information about its neighbourhood. It is said to be advertising. The basis of this advertising is a short pack
Determine the working of LAN within a corporate network It should be very clear right from the beginning that a firewall is not simply for protecting a corporate network from u
Q. Describe Differential Manchester? - Inversion at middle of bit interval is utilized for synchronization - Presence or else absence of additional transition at beginning o
Q. Explain physical layer of Osi reference model? - The physical layer deals among the physical characteristics of the transmission medium. - It defines the mechanical, elec
Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!
whatsapp: +91-977-207-8620
Phone: +91-977-207-8620
Email: [email protected]
All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd