Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Now let\'s turn our attention to the internal Argus flow record data. Searching

ID: 3714013 • Letter: N

Question

Now let's turn our attention to the internal Argus flow record data. Searching for traffic relating to the attacker, 172.30.1.77 and port 22, we see: $ ra -z -nn -r argus -collector.ra -src host 172.30.1.77 and port 22' StartTime 04-27-17 12:51:55 04-27-17 12:51:57 04-27-17 12:51:58 04-27-17 12:52:38 04-27-17 12: 52:44 04-27-17 12:52:50 04-27-17 12: 52:56 04-27-17 12:53:02 04-27-17 12:53:09 04-27-17 12:53:15 Proto SrcAddr:Sport DstAddr: Dport TotPkts State 6 172.30.1.77:44197-10.30.30.20:22 6 172.30.1.77:44208-> 10.30.30.20:22 6 172.30.1.77:44209-10.30.30.20: 22 6 172.30.1.77:54348-> 10.30.30.20:22 6 172.30.1.77:54349 -10.30.30.20:22 6 172.30.1.77:54350-> 10.30.30.20:22 6 172.30.1.77:54351->10.30.30.20:22 6 172.30.1.77:54352-> 10.30.30.20:22 6 172.30.1.77:54353->10.30.30.20:22 6 172.30.1.77:54354- 10.30.30.20:22 3 sSR 3 sSR 3 sSR 43 sSEfF 42 sSEfF 42 sSEEF 42 sSEfF 42 sSEEF 42 sSEfF 42 sSEEF Recall that the internal NAT-ed address 10.30.30.20 corresponds with the external address 172.30.1.231 (they are the same server). Accounting for 8 seconds of time skew between the Cisco ASA and the Argus server, the Argus flow records show the same attempts to connect to TCP port 22 on the same server during the same time frame correlating evidence. Using the ra utility's -z flag, we can also see the TCP state changes in the flow records, as described below:

Explanation / Answer

4.
Port 80 is the port number assigned to commonly used internet communication protocol, Hypertext Transfer Protocol (HTTP). It is the port from which a computer sends and receives Web client-based communication and messages from a Web server and is used to send and receive HTML pages or data.

5.
TCP port 443 is the standard TCP port that is used for website which use SSL. When you go to a website which uses the https at the beginning you are connecting to port 443. You should not use a different port number, because if you do then your users will need to enter the port number in the URL when accessing the Web SSL VPN.

6.
HTML pages or data is at Destination address 91.189.42.166,which was send or receive by port 80 in order to maintain web-client based communication

Related Questions

Now for the hand-in portion of the first part. For each of the student invented
Question #3145261
Now here is the code I have so far: import java.util.* public class Palindrome{
Question #670830
Now if epsilon_0 = 2kcal mol^-1 and gamma = 1000, find the temperature T_0 at wh
Question #958478
Now imagine that the researcher mentioned in the scenario at the top of this pag
Question #3384055
Now imagine that there is a similar set of photodiodes, also spaced 1.00 m apart
Question #1685392
Now implement a method reverseSequences that takes two Strings as parameters. Th
Question #3533449
Now in disordered organics, the band picture is thrown out the window, from what
Question #2283502
Now investigate further by doing a stratified analysis. Obesity and Type 2 Diabe
Question #2929765
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Chat Now And Get Quote

Navigate

Previous
Now let\'s try the process using moles. Given the following reaction, answer the
Next
Now lets put efficiency and drag into the last question. Drag (friction) is on t

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.