Using the following snort rule as a model, write one rule that would detect all of the packets shown: alert tcp any 8O -> any any (msg:"LOCAL my message"; content:"my content"; nocase; sid:1000110; rev:1;) Write a rule which will match all the following: 1. 64.12.10.32:8437 -> 204.126.133.22:80 GET /item.php? id=2&and&1=1 2. 64.12.10.47:8435 -> 204.126.133.22:80 GET /admin/sql/item.php? id=2/Setup.php 3. 64.12.10.2:8439 -> 204.126.133.22:80 GET /admin/login/item.php? id=2/userinfo.php 4. 64.12.10.18:2173 -> 204.126.133.23:80 POST /admin/adduser? item.php?id=D2 5. 64.12.11.2:2174 -> 204.126.133.23:80 GET /php2-1- 1/admin/item.php?1=1

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
Question
**Instructions for Writing a Snort Rule**

Using the following Snort rule as a model, write one rule that would detect all of the packets shown:

```
alert tcp any 80 -> any any (msg:”LOCAL my message”; content:”my content”; nocase; sid:1000110; rev:1;)
```

**Task: Write a rule which will match all the following packets:**

1. **Packet 1:**  
   - Source: `64.12.10.32:8437`
   - Destination: `204.126.133.22:80`
   - HTTP Method: `GET`
   - URI: `/item.php?id=2&and&1=1`
   
2. **Packet 2:**  
   - Source: `64.12.10.47:8435`
   - Destination: `204.126.133.22:80`
   - HTTP Method: `GET`
   - URI: `/admin/sql/item.php?id=2/Setup.php`
   
3. **Packet 3:**  
   - Source: `64.12.10.2:8439`
   - Destination: `204.126.133.22:80`
   - HTTP Method: `GET`
   - URI: `/admin/login/item.php?id=2/userinfo.php`
   
4. **Packet 4:**  
   - Source: `64.12.10.18:2173`
   - Destination: `204.126.133.23:80`
   - HTTP Method: `POST`
   - URI: `/admin/adduser?item.php?id=2`
   
5. **Packet 5:**  
   - Source: `64.12.11.2:2174`
   - Destination: `204.126.133.23:80`
   - HTTP Method: `GET`
   - URI: `/php2-1-1/admin/item.php?1=1`

**Solution: Insert your answer below:**

Answer:
Transcribed Image Text:**Instructions for Writing a Snort Rule** Using the following Snort rule as a model, write one rule that would detect all of the packets shown: ``` alert tcp any 80 -> any any (msg:”LOCAL my message”; content:”my content”; nocase; sid:1000110; rev:1;) ``` **Task: Write a rule which will match all the following packets:** 1. **Packet 1:** - Source: `64.12.10.32:8437` - Destination: `204.126.133.22:80` - HTTP Method: `GET` - URI: `/item.php?id=2&and&1=1` 2. **Packet 2:** - Source: `64.12.10.47:8435` - Destination: `204.126.133.22:80` - HTTP Method: `GET` - URI: `/admin/sql/item.php?id=2/Setup.php` 3. **Packet 3:** - Source: `64.12.10.2:8439` - Destination: `204.126.133.22:80` - HTTP Method: `GET` - URI: `/admin/login/item.php?id=2/userinfo.php` 4. **Packet 4:** - Source: `64.12.10.18:2173` - Destination: `204.126.133.23:80` - HTTP Method: `POST` - URI: `/admin/adduser?item.php?id=2` 5. **Packet 5:** - Source: `64.12.11.2:2174` - Destination: `204.126.133.23:80` - HTTP Method: `GET` - URI: `/php2-1-1/admin/item.php?1=1` **Solution: Insert your answer below:** Answer:
Expert Solution
trending now

Trending now

This is a popular solution!

steps

Step by step

Solved in 2 steps with 2 images

Blurred answer
Knowledge Booster
Types of Protocols
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Similar questions
  • SEE MORE QUESTIONS
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education