Feature #1438: DNS Type nxdomain - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #1438

closed

LB DC

DNS Type nxdomain

Feature #1438: DNS Type nxdomain

Added by Lucky b56 about 11 years ago. Updated over 10 years ago.

Status:

Closed

Priority:

Normal

Assignee:

David Cannings

Target version:

2.1beta4

Effort:

Difficulty:

Label:

Description

Right now I see 4-5 types of DNS type records. It would be great if you could include nxdomain (i.e domain doesn't exist) type too.
This will help tracking down future malicious domains which are generated by DGA. Malware authors don't register all the domains together and do in batch. Digging through nxdomain records will give great analytic value.

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Feature #1438

DNS Type nxdomain

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#1

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#2

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#3

LB Updated by Lucky b56 over 10 years ago Actions
Copy link
#4

Project

General

Profile

Suricata

Custom queries

Feature #1438

DNS Type nxdomain

VJ Updated by Victor Julien almost 11 years ago ActionsCopy link #1

VJ Updated by Victor Julien almost 11 years ago ActionsCopy link #2

VJ Updated by Victor Julien almost 11 years ago ActionsCopy link #3

LB Updated by Lucky b56 over 10 years ago ActionsCopy link #4

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#1

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#2

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#3

LB Updated by Lucky b56 over 10 years ago Actions
Copy link
#4