Intrusion Detection & Response

Temple University

LAB 6

LAB 6 – Import PCAP

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node8.html

https://security.stackexchange.com/questions/79970/how-to-run-a-snort-rule-over-pcap-file

  • Using the pcap file for lab 3, use snort to run and analyze the pcap file.
  • Create a rule that identifies the known attack from Lab 3.
  • Submit your log files on blackboard to show you completed the assignments. Please ensure that your logs have the following naming convention:  LastName-FirstInitial-Lab6

ALL LABS WILL BE SUBMITTED IN BLACKBOARD