I don't think so. I would assume a normal user browsing the net (especially sites with lots of ads) and sending 4-5 emails (without using a relaying proxy) generates quite a bit of DNS traffic.
I think it may be worth the firewall's while to check if the DNS packets are in the right format - for example if the domain name in the request is ghjj!!&^ then one should frown ! I don't what kind of load this would mean for the firewall, though.
(I type this even as I recover from the nausea, vomitting and sic
I think it may be worth the firewall's while to check if the DNS packets are in the right format - for example if the domain name in the request is ghjj!!&^ then one should frown ! I don't what kind of load this would mean for the firewall, though
Well the problem with that is you just mearly create an 'arms race' as it were. The format of the data could be ANYTHING. It could even look legit. For example Blah.blah.BLAH.somwhere.com could be an encode for some data. You can encode quite a bit of da
Suspicious? (Score:3, Insightful)
Re:Suspicious? (Score:2, Interesting)
I think it may be worth the firewall's while to check if the DNS packets are in the right format - for example if the domain name in the request is ghjj!!&^ then one should frown ! I don't what kind of load this would mean for the firewall, though.
(I type this even as I recover from the nausea, vomitting and sic
Re:Suspicious? (Score:1, Informative)
Well the problem with that is you just mearly create an 'arms race' as it were. The format of the data could be ANYTHING. It could even look legit. For example Blah.blah.BLAH.somwhere.com could be an encode for some data. You can encode quite a bit of da
Re:Suspicious? (Score:2)
Only if someone or something is checking for it.