Hi all, I can't seem to find a good intrusion rule to detect DNSCAT2 tunneling traffic. I've set up a working DNSCAT2 tunnel, and copied all DNS traffic with a SPAN port to a passive interface on our FTD. Then created a dedicated rule with application ...