Project

General

Profile

Actions

Feature #1158

closed

Parser DNS TXT data parsing and logging

Added by Christie Bunlon over 7 years ago. Updated over 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

I am trying to detect DNS Tunneling.
For this I use the DNS logger in Suricata 2.0.
But when TXT answers have lot of data, the DNS logger say '<no data>'.


Files

dns.log (45 KB) dns.log Log DNS trafic Christie Bunlon, 04/01/2014 04:06 AM
90dns22.pcap (30.7 KB) 90dns22.pcap DNS Tunneling Trafic Christie Bunlon, 04/01/2014 04:06 AM
Actions

Also available in: Atom PDF