DNS Security checks for records different than A


L1 Bithead

Hi,

 

Does DNS Security check DNS records other than A, and how does it work? I think CNAMEs are checked, as they are similar to A in terms of request content. How about other records like PTR and TXT, as they can be used more frequently for C2 traffic?

 

1 REPLY 1

Cyber Elite

@TomaszSobczak,

I'd open a ticket with your SE and ask them to verify with someone on the product team, but I don't see any reason why CNAME, TXT, and PTR wouldn't also fall under DNS Security. You're still doing a DNS record lookup, you're just looking at a different type of record; you should still be getting the proper category.

I know that CNAME cloaking, as an example, will get a domain registered as adtracking when PAN identifies the traffic from a categorization aspect.
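
The reply's reasoning is that every lookup is the same kind of DNS query with a different record type. As an added example (not from the thread or from Palo Alto Networks, and not a description of how DNS Security is implemented), this parser shows that the queried name sits in the same place in the question section whatever the QTYPE, so a name-based check can see it for A, CNAME, TXT and PTR alike. The helper names and sample names are constructed for illustration.

```python
import struct

# Subset of record-type codes (RFC 1035; AAAA from RFC 3596).
QTYPES = {1: "A", 5: "CNAME", 12: "PTR", 16: "TXT", 28: "AAAA"}


def build_query(name: str, qtype: int, txid: int = 0x1234) -> bytes:
    """Build a constructed single-question DNS query (sample input only)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS=IN


def parse_question(packet: bytes) -> tuple[str, str]:
    """Return (qname, qtype) from the first question of a DNS query."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    if struct.unpack("!H", packet[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated QNAME")
        length = packet[pos]
        pos += 1
        if length == 0:  # root label terminates the name
            break
        if length > 63:  # pointer/reserved bits: not expected in the first question
            raise ValueError("unexpected label type in question")
        if pos + length > len(packet):
            raise ValueError("truncated label")
        labels.append(packet[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(packet):
        raise ValueError("truncated QTYPE/QCLASS")
    qtype = struct.unpack("!H", packet[pos:pos + 2])[0]
    return ".".join(labels).lower(), QTYPES.get(qtype, f"TYPE{qtype}")


# Constructed sample: the same name queried as four different record types.
SAMPLE = [parse_question(build_query("host.example.com", t)) for t in (1, 5, 16, 12)]
# A PTR lookup carries the reversed address under in-addr.arpa as its QNAME.
PTR_SAMPLE = parse_question(build_query("10.2.0.192.in-addr.arpa", 12))
```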
