Which of the following is an open source network intrusion detection system?
A.
NETSH
B.
Macof
C.
Sourcefire
D.
Snort
Explanation:
Snort is an open source network intrusion prevention and detection system that
operates as a network sniffer. It logs activities of the network that is matched with the predefined
signatures. Signatures can be designed for a wide range of traffic, including Internet Protocol (IP),
Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control
Message Protocol (ICMP). The three main modes in which Snort can be configured are as follows:
Sniffer mode: It reads the packets of the network and displays them in a continuous stream on the
console. Packet logger mode: It logs the packets to the disk. Network intrusion detection mode: It
is the most complex and configurable configuration, allowing Snort to analyze network traffic for
set and used to flood the local network with random MAC addresses. It causes some switches to
detection system. NETSH is a command line tool to configure TCP/IP settings such as the IP
address, Subnet Mask, Default Gateway, DNS, WINS addresses, etc.