[Snort-sigs] lots of alerts on so rule "possible DGA detected"
wkitty42 at ...3507...
Tue Nov 25 13:12:49 EST 2014
On 11/25/2014 2:55 AM, Ronny Vaningh wrote:
> First the host does a request for myserverhostname001.subdomain.domain.com
> After receiving a NXDOMAIN it appends a search domain suffix and generates a
> request like
what software is this, please? so we know to list it as banned and keep it far
away from our networks ;)
NOTE: No off-list assistance is given without prior approval.
Please *keep mailing list traffic on the list* unless
private contact is specifically requested and granted.
More information about the Snort-sigs