[Snort-sigs] PROTOCOL-DNS DNS query amplification attempt (1:28556)

rmkml rmkml at ...174...
Mon May 4 15:43:04 EDT 2015


and this rule is a recommended policy drop "security-ips", if trigger, please share or send to VRT/Talos.

Regards
@Rmkml


On Mon, 4 May 2015, rmkml wrote:

> Hello Mustaque,
>
> Could you have checked the reference on this sig please ?
>
> https://www.us-cert.gov/ncas/alerts/TA13-088A
>
> Regards
> @Rmkml
>
>
> On Mon, 4 May 2015, Mustaque wrote:
>
>> 
>> Hi,
>> 
>>  
>> 
>> I cant see the packet information to investigate the integrity of this 
>> rule. And what this rule does? Need more info.
>> 
>>  
>> 
>> Thanks and Regards
>> 
>> Mustaque
>> 
>> 
>


More information about the Snort-sigs mailing list