Threat Encyclopedia

Dnscat2.DNS.Tunnel

description-logoDescription

This indicates an attempt to use Dnscat2 DNS Tunnel.
Dnscat2 is a proxy tool that can tunnel data over DNS to bypass firewall policy. Some malware and APT attacks have used Dnscat2 to communicate with C&C servers.

affected-products-logoAffected Products

All systems

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Monitor the traffic from the network for any suspicious activity.

Telemetry logoTelemetry