Hi there, Is anyone aware if any rule available to detect or block DNScat tool? Can someone please point me? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180312/9f0677bc/attachment.html>