[
https://bro-tracker.atlassian.net/browse/BIT-1122?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jon Siwek updated BIT-1122:
---------------------------
Issue Type: Improvement (was: Problem)
> topic/jsiwek/dns-improvements
> -----------------------------
>
> Key: BIT-1122
> URL: https://bro-tracker.atlassian.net/browse/BIT-1122
> Project: Bro Issue Tracker
> Issue Type: Improvement
> Components: Bro
> Affects Versions: git/master
> Reporter: Jon Siwek
> Fix For: 2.3
>
>
> This branch is in bro, bro-testing, and bro-testing-private repos.
> - Fixes incorrect parsing of DNS message format for messages with empty
> question sections.
> - Changes dns.log to only include standard queries (opcode == 1).
> - Adds "dns_unknown_reply" event for RR types that Bro doesn't know how to
> parse, which improves accuracy of request-reply pair matching performed by
> the default DNS scripts.
--
This message was sent by Atlassian JIRA
(v6.2-OD-07-028#6211)
_______________________________________________
bro-dev mailing list
[email protected]
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
