Noticing command and control channels by reviewing DNS protocols, (Mon, Nov 13th)

This post was originally published on this site

Malicious software pieces installed in computers call home. Some of them can be noticed because they perform DNS lookup and some of them initiates connection without DNS lookup. For this last option, this is abnormal and can be noticed by any Network Detection and Response (NDR) tool that reviews the network traffic by at least two weeks.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.