1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Audit: Malicious Domain Request

Audit: Malicious Domain Request

Severity: Low

This attack poses a minor threat. Corrective action may not be possible or is not required.

Description

This signature detects DNS requests to malicious domains.

Additional Information

This signature detects DNS requests to specific domains which characteristically has been known to host malicious exploits and executable files. Download of these files may result in the compromise of the target computer.

Affected

  • Various platforms.

Response

Unless otherwise known, any unintended DNS requests to specific domains in this network traffic should be treated as Malicious. Actions should be taken to suspend and audit the communication and potentially block this network Activity from further communication.

If you want to block this traffic, refer following link:
https://support.symantec.com/en_US/article.HOWTO80883.html
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube