[Bro-Dev] #451: Remove DNS options for skipping auth/addl events

Bro Tracker bro at tracker.bro-ids.org
Tue Feb 7 05:32:02 PST 2012


#451: Remove DNS options for skipping auth/addl events
---------------------+--------------------
  Reporter:  robin   |      Owner:
      Type:  Task    |     Status:  new
  Priority:  Normal  |  Milestone:  Bro2.1
 Component:  Bro     |    Version:
Resolution:          |   Keywords:
---------------------+--------------------

Comment (by seth):

 > Well, it is
 > important to be able to turn this processing off, it can add up to a lot
 > of performance load for something that may or may not be of any
 interest.

 Agreed.  I want to refocus on the events that are generated by the DNS
 analyzer soon too, I think we could improve those events.  At the very
 least I want to be able to fully support DNSSEC which I think there was a
 problem with from the last time I looked.  There are actually some other
 query types that we can't support correctly right now too (like the type
 for storing SSH fingerprints in DNS):
         http://tools.ietf.org/html/rfc4255

-- 
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/451#comment:8>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker



More information about the bro-dev mailing list