Sign in
Follow

ET DNS Non-DNS or Non-Compliant DNS traffic on DNS port Opcode 6 or 7 set

ET DNS Non-DNS or Non-Compliant DNS traffic on DNS port Opcode 8 through 15 set
ET DNS Non-DNS or Non-Compliant DNS traffic on DNS port Reserved Bit Set

 

 IP AddressPortHostname
Source (local) 52623  
Destination 5.133.8.122 (Poland) domain (53)  

 

Description:

  • These rules are intended to detect non-compliant DNS. It does so.
  • However, these rules are also triggered by SecureDNS traffic.

 

False Positive:

 

Action:

  • None

 

 

Comments

Powered by Zendesk