Forum Discussion

Bronze II

2 months ago

Solved

Zeek Ep 4 Scripting

Question 10 "After editing the required file, try to execute the script stated in Question 9 again. How many scans of unique ports are made from the IP address 192.168.100.103?" I don't understan...

defensive cyber

immersive labs

bluejacket
2 months ago
Got it! I realized I was looking at the wrong output file after solving the question before.
The output file from the zeek script will give the number of unique connections.

YasserSalama

Bronze I

2 months ago

Try 🍇

cat conn.log | zeek-cut id.orig_h id.resp_p | awk '$1=="192.168.100.103" {print $2}' | sort -u | wc -l

bluejacket
Bronze II
2 months ago
Thanks for your help. It was less about the filter and more about looking through all the other log outputs outside of conn.log

Forum Discussion

Zeek Ep 4 Scripting

Related Content

Cross-Site Scripting: Ep.6 – Further Exploitation

python-scripting-for-malware-analysis-ep-5-code-obfuscation

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Zeek - Demonstrate Your Skills

Powershell Deobsfuscation Ep.7

Recent Discussions

AWS Security Hub: Integrations and Custom Actions

Need help on question 10 in "Wizard Spider DFIR: Ep.2 – Ransomware Analysis" lab

Need Help for Pwntools: Ep. 6 — Demonstrate Your Skills

Anyone finished the "Etherium Smart Contracts"?

Foundational Static Analysis: API Analysis