git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit

]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit

projects / people / pmueller / ipfire-2.x.git / commit

author	Peter Müller <peter.mueller@ipfire.org>
	Thu, 7 Feb 2019 17:47:00 +0000 (17:47 +0000)
committer	Stefan Schantl <stefan.schantl@ipfire.org>
	Thu, 7 Feb 2019 20:26:50 +0000 (21:26 +0100)
commit	ad99f959e2b83dd9f1275c1d385140271c8926ae
tree	8e5014b09b3b04080ba5e76e3652f8ac40eb6ac6	tree \| snapshot
parent	8723bb91aeff7dbbc173c6f7b8052a76203cb0a5	commit \| diff

Suricata: detect DNS events on port 853, too

As DNS over TLS popularity is increasing, port 853 becomes
more interesting for an attacker as a bypass method. Enabling
this port for DNS monitoring makes sense in order to avoid
unusual activity (non-DNS traffic) as well as "normal" DNS
attacks.

Partially fixes #11808

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

config/suricata/suricata.yaml

diff | blob | blame | history

Peter's tree of IPFire 2.x

RSS Atom