IDS Basics problem

BCinLA · April 3, 2025, 6:34pm

The 4th question requires a 3 digit answer. My nano alert and Snort command lines are correct but I get the number 5. Last night the number was 0.

JosephWhite · April 3, 2025, 8:09pm

Your FTP rule is wrong:

You have alert tcp any 80 - > any 21

Should be alert tcp any any - > any 21

I think the alert tcp any 80 - > is from earlier in the lab when there were two web traffic rules.

BCinLA · April 3, 2025, 11:37pm

Changed it and it still says zero for question 37. And the number for question 36 got bigger.

BCinLA · April 3, 2025, 11:39pm

Never mind, I found my last mistake. Thank you for the help!

EltonLP · April 14, 2025, 2:10pm

what was the mistake?? I’m facing the same problem

CalmQuail2332 · April 15, 2025, 1:44pm

Incorrect rule description - “Traffic to FTP Web Server Detected” instead of “Traffic to FTP Server Detected”

EfficientMoose3895 · December 16, 2025, 1:01am

4. How many “FTP Server Detected” alerts are found in the apple.pcap file?

So, What is the correct answer from the last question? Please, I tried to finish three times, but the virtual system is getting disconnected constantly.

CalmQuail2332 · December 16, 2025, 2:35pm

I’ll message it to you. If you’re getting disconnected frequently, I would recommend trying a different network connection as an initial troubleshooting measure.