[Bro-Dev] #451: Remove DNS options for skipping auth/addl events
Bro Tracker
bro at tracker.bro-ids.org
Tue Feb 7 05:32:02 PST 2012
#451: Remove DNS options for skipping auth/addl events
---------------------+--------------------
Reporter: robin | Owner:
Type: Task | Status: new
Priority: Normal | Milestone: Bro2.1
Component: Bro | Version:
Resolution: | Keywords:
---------------------+--------------------
Comment (by seth):
> Well, it is
> important to be able to turn this processing off, it can add up to a lot
> of performance load for something that may or may not be of any
interest.
Agreed. I want to refocus on the events that are generated by the DNS
analyzer soon too, I think we could improve those events. At the very
least I want to be able to fully support DNSSEC which I think there was a
problem with from the last time I looked. There are actually some other
query types that we can't support correctly right now too (like the type
for storing SSH fingerprints in DNS):
http://tools.ietf.org/html/rfc4255
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/451#comment:8>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list