Below is a screeny of my Squert GUI showing the Snort events. Notice they all happen at the same exact time. I cannot figure out what the source of it could be. Any ideas?
Edit: It looks like the domains are owned by DtDNS.
Edit 2: Here's another screeny with more details. It looks like its UDP protocol and port 53.
Aucun commentaire:
Enregistrer un commentaire