A sophisticated form of "phishing" in which an attacker is able to inject a worm or other piece of attack software onto a host machine, which thereupon captures sensitive information such as logins, and adds that data to DNS queries that can be sent from the trusted machine to an untrusted entity for collection. DDoS Security detects data leaks of this type, logs the incident, and funnels the suspect packets to a quarantine location. In a similar vein, DNS Tunneling uses DNS as a covert channel to avoid firewall and IPS security mechanisms. Tunneling encapsulates Inbound and outbound packets inside DNS requests and DNS responses.
This page has no comments.