How ddos attacks may be detected and alerted using snort

Assignment Help Computer Engineering
Reference no: EM131744091

Assignment

1. Describe how Distributed Denial-of-Service (DDoS) attacks such as the smurf attack may be detected and alerted on using Snort.

2. Explain the following Snort rule. What sort of attack is it intended to detect? What network traffic pattern information is it looking for?

3. Write a rule using Snort syntax to detect an internal user executing a Windows "tracert" command to identify the network path to an external destination. What changes, if any, would you need to make to this rule to make it also work for a Unix/Linux "traceroute"?

4. Most network IDS tools are designed to optimize performance analyzing traffic using a variety of protocols specific to TCP/IP wired networks. Describe at least two intrusion detection scenarios where specialized types of monitoring and analysis are called for, explaining what limitations exist in conventional NIDS that make them insufficient to provide effective intrusion detection in the environments corresponding to these scenarios.

5. What is a multi-event signature? Provide at least two examples of multi-event signature activities or patterns that might be monitored with an intrusion detection system.

6. A Snort rule has a metadata field that carries zero or more policy values. Describe the currently available policy values, with an explanation of each.

7. Describe what the "fast_pattern" modifier means in Snort rules. Also, explain the differences between "fast_pattern" and "fast_pattern:only" modifiers with examples.

8. Describe the meaning of the following content options used in a Snort rule, with matching and non-matching examples:

content:"GET"; depth:3; content:"downloads"; distance:10; within:9;

9. Define and differentiate false positive and false negative. Which is worse, and why? Give one example of each, drawn from any context that demonstrates your understanding of the terms.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd