DNS.BailiWicked.Domain.Attack
Description
This indicates detection of an attempt to exploit a common vulnerability in DNS servers.
The attack is launched through multiple DNS query requests occurring in a short period of time. Detection occurs when an attacker attempts a brute force attack at a rate of about 300 times in 10 seconds.
Affected Products
Windows DNS Clients and Servers
ISC BIND 8 and 9
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |