You are configuring your new IDS machine, and are creating new rules. You enter the following
rule:
Alert tcp any any -> 10.0.10.0/24 any (msg: “NULL scan detected”; flags: 0;)
What is the effect of this rule?
A.
This is a logging rule, designed to capture NULL scans originating from the 10.0.10.0/24
network.
B.
This is a logging rule, designed to capture NULL scans.
C.
This is an alert rule, designed to notify you of NULL scans of the network in either direction.
D.
This is an alert rule, designed to notify you of NULL scans of the network in one direction.
E.
This is a logging rule, designed to notify you of NULL scans.