Snort mailing list archives
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556)
From: rmkml <rmkml () yahoo fr>
Date: Mon, 4 May 2015 21:43:04 +0200 (CEST)
and this rule is a recommended policy drop "security-ips", if trigger, please share or send to VRT/Talos. Regards @Rmkml On Mon, 4 May 2015, rmkml wrote:
Hello Mustaque, Could you have checked the reference on this sig please ? https://www.us-cert.gov/ncas/alerts/TA13-088A Regards @Rmkml On Mon, 4 May 2015, Mustaque wrote:Hi,I cant see the packet information to investigate the integrity of this rule. And what this rule does? Need more info.Thanks and Regards Mustaque
------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- PROTOCOL-DNS DNS query amplification attempt (1:28556) Mustaque (May 04)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Al Lewis (allewi) (May 04)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Geoffrey Serrao (May 04)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) rmkml (May 04)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) rmkml (May 04)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Mustaque Ahmad (May 07)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Jamie Riden (May 07)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Mustaque (May 12)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) rmkml (May 04)
- Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Al Lewis (allewi) (May 04)