Can you create 3 snort rules to the report i have attached? i need questions 8 answered:
As you have done within other classes to build Snort rules, you will now take the information you gathered to create Snort rules. Use the details you collected within this lab to create three Snort rules to detect the activity.
In Q8, can you create specific snort rules (at least 3 rules) to monitor traffics ?
alert tcp any any -> 10.0.250.160 80 (msg: “Malicious Payload Upload”; sid:1000002; content:”FileUploader”; http_uri; content:”POST”; http_method; flow:to_server,established;)