Create the necessary ruleset to use within snort to fire

Reference no: EM131291771

Computer: Intrusion Prevention Snort

The Scenario: Assume that you are a security analyst working for a medium-sized company where many employees use computers connected to the Internet (as well as to the internal company LAN of course) as part of their daily job functions. Your company has implemented an acceptable-use policy for all employees that includes a general prohibition on using company computing resources to conduct inappropriate activities, such as downloading copyrighted music and videos, participating in online gambling, visiting "adult-oriented" web sites, and posting sensitive company information to blogs, message boards, or similar sites. Your company is considering deploying content-filtering software to help enforce this policy, but is not sure whether the cost and potentially over-broad restrictions imposed by the software would be justified. As a knowledgeable security analyst, you voice an educated opinion that you can use Snort, the company's chosen NIDS tool, to help monitor network activity and provide information that might support a decision about whether content filtering software is warranted.

The Assignment: Pick a web site that fits one or more of the prohibited categories above (or something similarly likely to fall on the wrong side of "acceptable use"), and create the necessary ruleset to use within Snort to fire an alert whenever an attempt is made to connect to, access, browse, or otherwise visit the site you have chosen. Stated simply, you want to be alerted if any internal network user tries to access the site you have chosen. Set up your ruleset and your Snort configuration to load the rule in Snort. Then, with Snort running and including your ruleset, open a browser and visit the prohibited site you have chosen. Verify that your rule fires when this happens. Your completed homework assignment should contain the following:

1. The "unacceptable" site you selected.

2. The ruleset created to detect attempts to visit the site.

3. The Snort output produced when the rule fired and the alert was generated (a screenshot of the terminal window showing Snort running with console output or a copy of the ASCII log file is sufficient).
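One way to write such a ruleset, shown as an added example that is not part of the original assignment: three Snort 2.9-style rules that alert on the DNS lookup, the plain-HTTP request and the TLS ClientHello for a constructed placeholder domain, `prohibited.example`. The domain, the SIDs, the file paths and the interface name are assumptions; the rules rely on the `$HOME_NET`, `$EXTERNAL_NET` and `$HTTP_PORTS` variables and the HTTP inspect preprocessor from a stock `snort.conf`.

```snort
# local.rules -- acceptable-use monitoring for one site (constructed example).
# "prohibited.example" is a placeholder; substitute the site chosen for item 1.
# Local rules use SIDs of 1000000 and above to avoid clashing with
# distributed rulesets.

# 1. DNS lookup. Names travel as length-prefixed labels on the wire, so
#    "prohibited.example" is |0A|prohibited|07|example|00| (10 and 7 bytes).
#    Subdomains such as www.prohibited.example contain the same byte run.
alert udp $HOME_NET any -> any 53 (msg:"POLICY acceptable-use DNS query for prohibited.example"; \
    content:"|0A|prohibited|07|example|00|"; nocase; \
    classtype:policy-violation; sid:1000001; rev:1;)

# 2. Plain HTTP. Match the Host header only, so that a Referer header
#    naming the site does not raise an alert on its own.
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"POLICY acceptable-use HTTP request to prohibited.example"; \
    flow:to_server,established; \
    content:"prohibited.example"; nocase; http_header; \
    pcre:"/^Host\x3a[^\r\n]*prohibited\.example/Hmi"; \
    classtype:policy-violation; sid:1000002; rev:1;)

# 3. HTTPS. The request is encrypted, but the TLS ClientHello carries the
#    server name (SNI) in clear text: record type 0x16, major version 0x03,
#    handshake type 0x01 at byte offset 5.
alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"POLICY acceptable-use TLS ClientHello SNI prohibited.example"; \
    flow:to_server,established; \
    content:"|16 03|"; depth:2; \
    content:"|01|"; offset:5; depth:1; \
    content:"prohibited.example"; nocase; \
    classtype:policy-violation; sid:1000003; rev:1;)

# Loading and running (paths and interface are assumptions):
#   in snort.conf:   include $RULE_PATH/local.rules
#   validate config: snort -T -c /etc/snort/snort.conf
#   run with alerts on the console:
#                    snort -A console -q -c /etc/snort/snort.conf -i eth0
```

Rules 1 and 3 see only the name being requested, not page content, and neither fires when the client uses encrypted DNS or Encrypted Client Hello. The sensor must also sit where it can observe traffic from the internal hosts to the Internet for any of the three to trigger.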
