Project

General

Profile

Actions
Copy link

Feature #1438

closed

DNS Type nxdomain

Added by Lucky b56 over 9 years ago. Updated over 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
David Cannings
Target version:
2.1beta4
Effort:
Difficulty:
Label:

Description

Right now I see 4-5 types of DNS type records. It would be great if you could include nxdomain (i.e domain doesn't exist) type too.
This will help tracking down future malicious domains which are generated by DGA. Malware authors don't register all the domains together and do in batch. Digging through nxdomain records will give great analytic value.

Actions
Copy link
 #1

Updated by Victor Julien over 9 years ago

  • Status changed from New to Assigned
  • Assignee set to David Cannings
  • Priority changed from High to Normal
  • Target version set to 3.0RC1
Actions
Copy link
 #2

Updated by Victor Julien over 9 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Victor Julien over 9 years ago

  • Target version changed from 3.0RC1 to 2.1beta4
Actions
Copy link
 #4

Updated by Lucky b56 over 9 years ago

Victor Julien wrote:

https://github.com/inliniac/suricata/pull/1425

Great. Works perfect!

Actions
Copy link

Also available in: Atom PDF