Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS Logging: DNS Manipulation Intent #115

Open
shivaccuknox opened this issue May 21, 2024 · 0 comments
Open

DNS Logging: DNS Manipulation Intent #115

shivaccuknox opened this issue May 21, 2024 · 0 comments
Labels
Intent Intents configure/driver adapters tactic: initialAccess

Comments

@shivaccuknox
Copy link
Contributor

shivaccuknox commented May 21, 2024
edited
Loading

An adversary can piggyback user data within DNS requests, so that the DNS server retrieves the user data for further processing.

The detection technique involves logging the DNS requests

The adapter used is KubeArmor, and the API logging work [https://github.com//issues/112] item tracks the adapter/security engine work

This detection technique is not part of the MITRE FiGHT
@shivaccuknox shivaccuknox converted this from a draft issue May 21, 2024
@shivaccuknox shivaccuknox added Intent Intents configure/driver adapters tactic: initialAccess labels May 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Intent Intents configure/driver adapters tactic: initialAccess
Projects
NIMBUS
Status: 📋 Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shivaccuknox