Cybersecurity Fundamentals - IDS Basics guided exercise

Hi everyone,

I’m currently working through the Cybersecurity Fundamentals course and I’m stuck on the guided exercise for IDS basics.

In this lab, we analyze .pcap files with Snort and answer questions about alerts. Specifically, I’m having trouble with these:

  1. How many Snort alerts does the ping to the Windows server generate?
  2. How many “Insecure Web Server Detected” alerts are found in the apple.pcap file?
  3. How many “FTP Server Detected” alerts are found in the apple.pcap file?

I’ve tried running Snort on the pcap files and checking the output, but my counts don’t seem to match the expected answers in the exercise.

Can you show us the commands you are trying and the output of those commands?