[Bro-Dev] [JIRA] (BIT-1122) topic/jsiwek/dns-improvements
Seth Hall (JIRA)
jira at bro-tracker.atlassian.net
Sun Feb 9 20:58:38 PST 2014
[ https://bro-tracker.atlassian.net/browse/BIT-1122?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Seth Hall updated BIT-1122:
---------------------------
Resolution: Merged (was: Fixed)
Status: Closed (was: Merge Request)
Done
> topic/jsiwek/dns-improvements
> -----------------------------
>
> Key: BIT-1122
> URL: https://bro-tracker.atlassian.net/browse/BIT-1122
> Project: Bro Issue Tracker
> Issue Type: Improvement
> Components: Bro
> Affects Versions: git/master
> Reporter: Jon Siwek
> Assignee: Seth Hall
> Fix For: 2.3
>
>
> This branch is in bro, bro-testing, and bro-testing-private repos.
> - Fixes incorrect parsing of DNS message format for messages with empty question sections.
> - Changes dns.log to only include standard queries (opcode == 1).
> - Adds "dns_unknown_reply" event for RR types that Bro doesn't know how to parse, which improves accuracy of request-reply pair matching performed by the default DNS scripts.
--
This message was sent by Atlassian JIRA
(v6.2-OD-09-036#6252)
More information about the bro-dev
mailing list