This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Detailed DNS logging?

Greetings all, long time no see...

I'm sure I've forgotten something, or I'm overlooking something obvious, but I can't find detailed DNS logging on my ASG (yeah, I know it is a UTM, but it will always be ASG to me).

I keep getting the Snort hit for network trojan due to failed DNS lookup of funky hostnames, but can't find the hostnames in question in the ASG logs.

Thankfully I have other tools on the network monitoring traffic and know the problem domains and know the hits are FPs, but it seems I should be able to find this somewhere in the logs.

Cheers
-jd

This thread was automatically locked due to age.

Parents

0 BAlfson over 10 years ago

Hey, Jack - glad to see you around! It's been too long, though, as you've forgotten your good habits of old. [;)]

What version - 9.305? What do you see that makes you conclude that you get "the Snort hit for network trojan due to failed DNS lookup of funky hostnames?"

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 10 years ago

Hey, Jack - glad to see you around! It's been too long, though, as you've forgotten your good habits of old. [;)]

What version - 9.305? What do you see that makes you conclude that you get "the Snort hit for network trojan due to failed DNS lookup of funky hostnames?"

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data

Detailed DNS logging?

Submitted a Tech Support Case lately from the Support Portal?