DNSteal.Data.Exfiltration
Description
This indicates detection of attempted data exfiltration using DNSteal.
DNSteal is a tool that can tunnel data over DNS to bypass firewall policy.
Affected Products
All unprotected systems are vulnerable
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Monitor the traffic from the network for any suspicious activity.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-12-21 | 26.701 | Sig Added |
2023-10-04 | 25.650 | Sig Added |
2022-11-08 | 22.435 | Default_action:pass:drop |
2022-09-27 | 22.402 |