[Bro-Dev] Implementing DNSSEC Parser in Bro.

fatema bannatwala fatema.bannatwala at gmail.com
Mon Aug 27 13:48:04 PDT 2018


Hi All,

I am in the process of writing parser for the DNSSEC RR types in DNS
responses, and written RRSIG (type=46) parser by adding code to existing
DNS protocol analyzer in Bro 2.5.4 src code.
I have tested the code by recompiling it on our test server and running it
against a dns pcap, and it correctly parses the RRSIG record and logs it.

And hence have requested a Pull request to merge in the upstream Bro master
repo .
Planning to write the remaining DNSSEC RR types: NSEC, DS and DNSKEY
parsing in Bro DNS analyzer as well, once I get the feedback on the current
merge request of the code for parsing RRSIG.

Thanks,
Fatema.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.icsi.berkeley.edu/pipermail/bro-dev/attachments/20180827/cf1b8973/attachment.html 


More information about the bro-dev mailing list