Project

General

Profile

Actions

Feature #11092

open

Detecting DNS tunneling

Added by Viktor Gurov about 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
11/21/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

Using pfBlockerNG python integration it's possible to create DNS tunneling detector using regexp,
see https://www.giac.org/paper/gcia/1116/detecting-dns-tunneling/108367 part "6.2. Payload Analysis matching Fully Qualified Domain Names (FQDN)"

No data to display

Actions

Also available in: Atom PDF