CSCI 3403 Assignment 10Consider the SNORT rule:alert tcp $HOME_NET any <> $EXTERNAL_NET 6666:7000 (msg:"CHAT IRC message"; flow:established; content:"PRIVMSG "; nocase; classtype:policy-violation; sid:1463; rev:6;)Explain what the snort rule does by answering:1) What type of connections would the rule apply to?2) What type of traffic is being monitored?3) Is there any additional requirement on the traffic?RQ 8.4Describe the three logical components of an IDS.RQ 8.8Explain the base-rate fallacy.
Want to read all 4 pages?
Want to read all 4 pages?
You've reached the end of your free preview.
Want to read all 4 pages?
- Spring '18
- Transmission Control Protocol, Simple Mail Transfer Protocol, network packets
