Intrusion Prevention

DNS.Unknown.Type

Description

This indicates detection of a Domain Name Service (DNS) message with unknown "type" field.
DNS is a system that translates between human-readable host or domain names (e.g. www.fortinet.com) and machine-understandable Internet Protocol addresses. If the value of the "type" field in the DNS message is not defined in relevant RFCs, the message is considered to be malformed.

Affected Products

Any unprotected DNS server may be vulnerable.

Impact

This is an anomaly, which may indicate potential attack attempts.

Recommended Actions

N/A

Other References

1