
Question

Write a custom Snort rule to handle Inbound and Outbound HTTP traffic on the Private (Host-Only) network. Upload a screen shot of the Snort console displaying the alerts.

 

In this exercise, we are going to create two Snort monitoring rules that will be used to alert on HTTP network traffic for both Inbound and Outbound traffic. Remember, Inbound rules are those rules whose destination is to your internal network (HOME_NET); outbound rules are directed out of your internal network (!HOME_NET). When you use “any” there is no distinction on whether a rule is Inbound or Outbound. When using Inbound/Outbound to describe local traffic, traffic generated on the same network (as in this lab on VMnet-1), the Inbound reference is to your client system that is running snort; the Outbound reference is to the HTTP server.

You should now understand a little bit about custom rules, so given the following rule:

alert tcp any any -> any 80 (msg:"TCP HTTP Testing Rule"; sid:1000004;)

You should be able to determine that it will alert on “any” client messages destined for “any” HTTP server using port 80. In this exercise, you will write two rules, which will result in the following output being displayed in the figure below:

To perform this exercise, you will do the following:

1. Create an Inbound HTTP rule for all clients to all servers

2. Create an Outbound HTTP rule for all servers to all clients

3. Use the exact alert message as listed in the figure above

   a. "TCP HTTP Inbound (from server) Testing Rule"

   b. "TCP HTTP outbound (from client) Testing Rule"

4. Apply these rules to the local.rules file

5. Start up your DSL server (configured for the VMNet1 adapter) and enable Monkey-Web

6. Start snort to listen on the VMNet1 network

7. Using your Windows client browser, go to the DSL Web page http://

8. Record your results in a screen shot that you will submit in the assignment quiz
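
An added example, not part of the original exercise or its solution: the two rules written to follow the alert messages in step 3, with a simplified header matcher that shows which rule fires for a browser request and which for the server's reply. It assumes "from server" means source port 80 and "from client" means destination port 80; the sid values, IP addresses and client port are constructed, and the matcher handles only `any` and literal values, not Snort's full rule syntax.

```python
import re

# Added example rules; the sid values are assumptions (unused local sids >= 1000000).
RULES = '''
alert tcp any 80 -> any any (msg:"TCP HTTP Inbound (from server) Testing Rule"; sid:1000005;)
alert tcp any any -> any 80 (msg:"TCP HTTP outbound (from client) Testing Rule"; sid:1000006;)
'''

HEADER = re.compile(
    r'^(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+->\s+'
    r'(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<opts>.*)\)\s*$')

def parse_rule(line):
    """Split one rule into its header fields plus the msg and sid options."""
    m = HEADER.match(line.strip())
    if not m:
        raise ValueError(f"not a unidirectional rule: {line!r}")
    rule = m.groupdict()
    opts = rule.pop("opts")
    rule["msg"] = re.search(r'msg:"([^"]*)"', opts).group(1)
    rule["sid"] = int(re.search(r'sid:(\d+)', opts).group(1))
    return rule

def field_matches(pattern, value):
    """Simplified: only 'any' and literal values, no variables, lists or ranges."""
    return pattern == "any" or pattern == str(value)

def alerts_for(packet, rules):
    """Return the msg of every rule whose header matches the packet."""
    return [r["msg"] for r in rules
            if r["proto"] == packet["proto"]
            and field_matches(r["src"], packet["src"])
            and field_matches(r["sport"], packet["sport"])
            and field_matches(r["dst"], packet["dst"])
            and field_matches(r["dport"], packet["dport"])]

PARSED = [parse_rule(line) for line in RULES.strip().splitlines()]

# Constructed packets: the addresses and the client's ephemeral port are placeholders.
REQUEST = {"proto": "tcp", "src": "192.168.56.10", "sport": 49152,
           "dst": "192.168.56.20", "dport": 80}
RESPONSE = {"proto": "tcp", "src": "192.168.56.20", "sport": 80,
            "dst": "192.168.56.10", "dport": 49152}

if __name__ == "__main__":
    for name, pkt in (("request", REQUEST), ("response", RESPONSE)):
        print(name, "->", alerts_for(pkt, PARSED))
```

Because both rules use `any` for the addresses, only the port position separates the two directions; swapping in `$HOME_NET` for an address would tie a rule to one side of the network instead.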
