- 1 Compare The Following Ids Snort Bro And Suricata Focusing On Capacities Location Host Or Network Based A Para 1 (36.15 KiB) Viewed 13 times
1) Compare the following IDS: Snort, Bro and Suricata, focusing on capacities, location (Host or Network -based) (a para
-
answerhappygod
- Site Admin
- Posts: 899603
- Joined: Mon Aug 02, 2021 8:13 am
1) Compare the following IDS: Snort, Bro and Suricata, focusing on capacities, location (Host or Network -based) (a para
1) Compare the following IDS: Snort, Bro and Suricata, focusing on capacities, location (Host or Network -based) (a paragraph for each or a table highlighting their difference and similarities. 2) Explain what does it mean when an IDS is located at the Host or the Network. What information can you obtain from each type of IDS? 3) Given the following Sort rule, describe what it does? alert tcp $EXTERNAL_NET any-> 10.200.0.0/24 80 (msg: "WEB-IIS CodeRed v2 root.exe access"; flow:to_server,established; uricontent:"/root.exe"; nocase; classtype:web application-attack; reference:url,www.cert.org/advisories/CA-2001 19.html; sid:1255; rev:7;) Url to assist: Snort Basics: How to Read and Write Snort Rules, Part 1 (hackers-arise.com) 4) Explain the capabilities of Tripwire and compare it to Snort.