
jbaggs / anomalous-dns

License: BSD-2-Clause
A set of Zeek scripts providing a module for tracking and correlating abnormal DNS behavior.

Anomalous-DNS

A set of Zeek scripts providing a module for tracking and correlating abnormal DNS behavior. The module detects tunneling and C&C through connection duration and volume, request and answer size, DNS request type, and unique queries per domain. It also statistically classifies fast flux networks based on A records and ASNs.

Requirements

domain-tld: https://github.com/sethhall/domain-tld (automatically installed with package)

Installation

zkg install jbaggs/anomalous-dns

Documentation

Current documentation consists of inline comments.
