Alias(es)DNS.Oversized.Message |
Release DateSep 11, 2006 |
Severitylow |
ImpactThis is an anomaly, which may indicate potential attack attempts. |
DescriptionThis signature indicates a DNS protocol anomaly. It indicates detection of an oversized Domain Name Service (DNS) message.DNS is a system that translates between human-readable host or domain names (e.g. www.fortinet.com) and machine-understandable Internet Protocol addresses. RFC 1035 specifies that the maximum size of a DNS message should not exceed 512 bytes. |
Affected ProductsAny unprotected DNS server may be vulnerable. |
Recommended ActionsN/A |
Coverage IPS
VCM |
Reference/shttp://www.faqs.org/rfcs/rfc1035.html |
