Sguil investigation report

Closed Posted 3 years ago Paid on delivery

Open Sguil and select a Snort event that was generated when you ran sudo so-test. (This invokes tcpreplay on some bundled pcap files.)

Perform the following set of tasks, documenting the ones indicated with screen shots.

(Screen shot) Display all related events for the one you selected.

(Screen shot) Select one and generate a transcript.

Provide the src and dst IPs and ports. Any DNS resolution? If so, list the FQDN.

(Screen shot) Open the event in NetworkMiner. Are there any artifacts such as files, images, or credentials? If so, list them.

Summarize the sequence of events and indicate whether this event should be escalated to the level of an incident.

Housekeeping: Don’t forget to delete the .tmp file that was generated as part of your review.

Internet Security Computer Security Web Security

Project ID: #25319102

About the project

1 proposal Remote project Active 3 years ago

1 freelancer is bidding on average $100 for this job

ahmostafa0

Hi, I am a Cisco CCIE#64534 Sr. Network Engineer, I have excellent hands-on experience with this, and I can accomplish and deliver it in 1 day at most. Qualifications: -CCIE DC #64534 -SD-WAN -SD-Access(DNA) - CCNA (

$100 USD in 1 day
(23 Reviews)
4.7