Which Snort command will filter for outgoing email requests:
alert tcp any any -> any 21 msg "Email sent"
alert tcp any any -> any 25 msg "Email sent"
alert tcp any 21 -> any any msg "Email sent"
alert tcp any 25 -> any any msg "Email sent"
alert tcp any 25 -> any 21 msg "Email sent"
Which Snort command will filter for incoming email from the server:
alert tcp any any -> any 21 msg "Email received"
alert tcp any any -> any 25 msg "Email received"
alert tcp any 21 -> any any msg "Email received"
alert tcp any 25 -> any any msg "Email received" "
alert tcp any 25 -> any 21 msg "Email received" "
Which Snort command will filter for outgoing FTP requests:
alert tcp any any -> any 21 msg "FTP out"
alert tcp any any -> any 25 msg "FTP out"
alert tcp any 21 -> any any msg "FTP out"
alert tcp any 25 -> any any msg "FTP out"
alert tcp any 25 -> any 21 msg "FTP out"
Which Snort command will filter for incoming FTP response from an FTP server:
alert tcp any any -> any 21 msg "FTP response"
alert tcp any any -> any 25 msg "FTP response"
alert tcp any 21 -> any any msg "FTP response"
alert tcp any 25 -> any any msg "FTP response"
alert tcp any 25 -> any 21 msg "FTP response"
Which is the following is unlikely to be a port that a client uses to connect to an FTP server:
21
3100
3110
3111
4444
Which Snort command line option is used to define that packets are not logged
-v
-c
-n
-l
-k
Which Snort command line option is used to read a rules file
Which Snort command line option is used to run in verbose mode
Which Snort command line option is used to define the interface number
-i
Which Snort command line option is used to define the log directory
