Actions
Feature #11092
open
Detecting DNS tunneling
Status:
New
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
11/21/2020
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Description
Using pfBlockerNG python integration it's possible to create DNS tunneling detector using regexp,
see https://www.giac.org/paper/gcia/1116/detecting-dns-tunneling/108367 part "6.2. Payload Analysis matching Fully Qualified Domain Names (FQDN)"
No data to display
Actions