[Bro] couple of questions
Christian Kreibich
christian at whoop.org
Fri Mar 24 04:36:45 PST 2006
On Fri, 2006-03-24 at 03:47 +0000, jbabbin at comcast.net wrote:
> Hi Christian,
> I had another question that should hopefully be simple.
> 1) In the DNS policy file there is an event for "dns_EDNS_addl" what
> part of the packet is this field in a DNS connection and what is the
> "pldsize" value from? Is there a way to break out the data from this
> field?
> 2) When a DNS record has "DNS_SEC_OK" What is that from the packet
> connection?
Sorry, I'm not familiar with the internals of the DNS analyzer.
Cheers,
Christian.
--
________________________________________________________________________
http://www.cl.cam.ac.uk/~cpk25
http://www.whoop.org
More information about the Bro
mailing list