[Discussion] features (mainly dns)

• Previous message (by thread): [Discussion] features (mainly dns)
• Next message (by thread): [Discussion] features (mainly dns)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* David Dagon:

>> How do you mean? Loke looking for a client that's making repeated dns
>> queries within the TTL? Maybe poorly coded bots?
>
> I'd say you have a winner here; this is a single class classifier,
> almost.  Your false positives are now just NAT, much of the Pacific
> rim, etc.

And all UNIX-like clients which do not perform local caching by
default. 8-(

• Previous message (by thread): [Discussion] features (mainly dns)
• Next message (by thread): [Discussion] features (mainly dns)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]