Sguil investigation report
$10-30 USD
Paid on delivery
Open Sguil and select a Snort event that was generated when you ran sudo so-test. (This invokes tcpreplay on some bundled pcap files.)
Perform the following set of tasks, documenting the ones indicated with screen shots.
(Screen shot) Display all related events for the one you selected.
(Screen shot) Select one and generate a transcript.
Provide the src and dst IPs and ports. Any DNS resolution? If so, list the FQDN.
(Screen shot) Open the event in NetworkMiner. Are there any artifacts such as files, images, or credentials? If so, list them.
Summarize the sequence of events and indicate whether this event should be escalated to the level of an incident.
Housekeeping: Don’t forget to delete the .tmp file that was generated as part of your review.
Project ID: #25319102
1 freelancer is bidding on average $100 for this job
Hi, I am a Cisco CCIE#64534 Sr. Network Engineer, I have excellent hands-on experience with this, and I can accomplish and deliver it in 1 day at most. Qualifications: -CCIE DC #64534 -SD-WAN -SD-Access (DNA) -CCNA (