PROTOCOL-DNS -- Snort alerted on a Domain Name Server (DNS) protocol issue. These packets travel over UDP on port 53 to serve DNS queries--user website requests through a browser. Several vulnerability use-cases exist (ie, additional data could be sent with a request, which would contact a DNS server pre-prepared to send information back and forth).
PROTOCOL-DNS domain not found containing random-looking hostname - possible DGA detected
This event is generated when a domain appears to be DGA generated. Impact: A Network Trojan was detected Details: Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
None
No information provided
None
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
