Trace the source code in portscan.c and spp_ portscan.c in the preprocessors directory of the Snort source code. Describe briefly how Snort detects portscannning in the traffic traces.
Use the UPX packer (http://upx.sourceforge.net) to pack a Windows binary executable in PE format. After that, use a PE viewer, say Anywhere PE viewer (http://upx.sourceforge.net/), to point out what has been changed.
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here