[Snort-sigs] DNS poisoning

Vincent Vono vincent.vono at ...1538...
Tue May 27 09:02:04 EDT 2003

Hi all,

Anyone have a rule (or does one exist) to detect DNS poisoning attempts?
I've checked the default DNS rules of snort, but do not see one.

Many thanks,
Vince Vono

******************* PLEASE NOTE *******************
This E-Mail/telefax message and any documents accompanying this
transmission may contain privileged and/or confidential information and is
intended solely for the addressee(s) named above.  If you are not the
intended addressee/recipient, you are hereby notified that any use of,
disclosure, copying, distribution, or reliance on the contents of this
E-Mail/telefax information is strictly prohibited and may result in legal
action against you. Please reply to the sender advising of the error in
transmission and immediately delete/destroy the message and any
accompanying documents.  Thank you.

More information about the Snort-sigs mailing list