Intrusion Prevention

DNS.Pointer.Loop

Description

This signature indicates a DNS protocol anomaly. It indicates detection of a Domain Name Service (DNS) message with pointers that form a loop
DNS is a system that translates between human-readable host or domain names (e.g. www.fortinet.com) and machine-understandable Internet Protocol addresses. A DNS name can be specified with pointers which can point to anywhere within the DNS message. If the chain of pointers form a loop, the message is considered to be malformed.

Affected Products

Any unprotected DNS server may be vulnerable.

Impact

This is an anomaly, which may indicate potential attack attempts.

Recommended Actions

This indicates detection of traffic that does not comply with the protocol standard.
Monitor the traffic from that network for any suspicious activity.

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ID	12549
Created	Sep 11, 2006
Updated	Mar 25, 2019
CVE ID
Risk
Exploit Prediction Score	0.51%
Default Action	pass
Active
Affected OS	All
Affected App	All
Profile Type	Anomaly

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

DNS.Pointer.Loop

Description

Affected Products

Impact

Recommended Actions

Coverage

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

DNS.Pointer.Loop

Description

Affected Products

Impact

Recommended Actions

Coverage

References

Threat Intelligence
Center