Nuts and Bolts

The Nuts and Bolts of Detecting DNS Tunneling

This post was originally published here. DNS-based attacks have been commonly used since the early 2000’s, but over 40% of firms still fall prey to DNS tunneling attacks. Tunneling attacks originate from uncommon vectors, so traditional automated tools like SIEMs have difficulty detecting them, but they also must be found in massive sets of DNS data, so […]

Share this page