Already have an account? Get multiple benefits of using own account!
Login in your account..!
Remember me
Don't have an account? Create your account in less than a minutes,
Forgot password? how can I recover my password now!
Enter right registered email to receive password!
The project idea is: Analyze Snort or PCAP data from a public WIFI hotspot (describe traffice seen and what it is, protocols, ports, etc).
This is what is expected. Initially runt the PCAP data into snort. Analyze the results (how many alerts, what type of alerts) Further analyze each alert (if alerts are redundant you don't have to reanalyze) to determine if it is a false positive or a real attack detected. If real why. List what resources you used to come up with that determination. Also to help with analysis you can send the same PCAP file to Netwitness to get another view...for instance what was the bad client doing 1-2 minutes BEFORE the alert went off? Is it related to the alert, can you map out a drive-by web attack for instance. Wireshark can also help in this space as SNORT will only tell you bad things...and not always the root CAUSE of the alert. Documenting the analysis and outcomes of alerts should reach the paper minimums...
Anyway I went to Starbucks and I captured PCAP data from their public WIFI by using Wireshark, so you will work on it. I have uploaded it.
Then, you need to use Backtrack 4 to analyze this data and you will get 12unique alerts (I am going to show how to do this).
First step after start backtrack is the following:
Go to start menu in backtrack, choose Services , Snot then click on Setup and Initialise Snort
Then The following window will appear.
What is mesh network? A network in which there are many network links among computers to provide multiple paths for data to travel.
Hardware requirement for an intranet To setup a WAN, one would need to have some type of communication between different sites. National ISDN, Very Small Aperture Terminal (VSA
Q. Show the TCP connections? Connection establishment Three-way handshake Why is two-way handshake not enough? Connection termination Four steps
Q. Quality of Service - multiplicative decrease? Quality of Service The collective consequence of service performance which determines the degree of satisfaction of a
Geo stationary satellite The satellite which is known as earth-orbiting satellite is called geo stationary satellite. The geo stationary satellite is placed directly over the e
Determine the benefits of security on internet or intranet Security has long been seen as a major threatening point in the implementation of the Internet or of Intranet technolog
Question: (a) Describe briefly the difference between flow control and congestion control in relation to a connection-oriented protocol such as TCP. (b) What is the initia
Virtual Private Network ( VPNs) When we use the internet or the risks to the security of our data arise. The solve the security problem a virtual private network used for
What is OSPF? It is an Internet routing protocol that scales well, can route traffic with multiple paths, and uses knowledge of an Internet's topology to make precise routing de
What is piggybacked ACK The protocol will be incorrect. Suppose that 3-bit sequence numbers we are using. Consider following situation: A just send frame 7. B gets frame
Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!
whatsapp: +91-977-207-8620
Phone: +91-977-207-8620
Email: [email protected]
All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd