It is intercepting the DNS requests that it can see from the client.
It's protecting against someone who wants to hijack the DNS requests and give you a response that the attacker wants you to receive.
In order to stop DNS tunneling and DNS exfiltration, you need something that does this on the application layer; it needs to detect the anomaly of such requests that look legitimate and comply with the DNS RFC.
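
The kind of application-layer check described above, as an added example that is not part of the original post: it flags base domains that receive many distinct, long, high-entropy subdomains even though every query is a valid DNS name. The thresholds, the two-label base-domain split and the sample queries are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

def shannon_entropy(s):
    """Bits per character of s (0.0 for an empty string)."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def split_qname(qname):
    """Return (subdomain, base_domain). Assumption: the base domain is the
    last two labels; real deployments should use the Public Suffix List."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def suspicious_domains(qnames, min_unique=4, min_len=24, min_entropy=3.5):
    """Flag base domains whose queries carry many distinct, long,
    high-entropy subdomains. Thresholds are illustrative assumptions."""
    subs = defaultdict(set)
    for q in qnames:
        sub, base = split_qname(q)
        if sub:
            subs[base].add(sub)  # repeated lookups of one name count once
    flagged = {}
    for base, names in subs.items():
        if len(names) < min_unique:
            continue  # a single odd-looking name is not a pattern
        avg_len = sum(len(n) for n in names) / len(names)
        avg_ent = sum(shannon_entropy(n.replace(".", "")) for n in names) / len(names)
        if avg_len >= min_len and avg_ent >= min_entropy:
            flagged[base] = {"unique": len(names),
                             "avg_len": round(avg_len, 1),
                             "avg_entropy": round(avg_ent, 2)}
    return flagged

# Constructed sample queries (reserved example domains); all are valid names.
SAMPLE = [
    "www.example.com", "mail.example.com", "api.example.com",
    "cdn.example.com", "login.example.com", "www.example.com",
    "static-assets-eu-west-1.example.org",
    "a1b2c3d4e5f60718293a4b5c6d7e8f90.example.net",
    "0123456789abcdeffedcba9876543210.example.net",
    "f0e1d2c3b4a5968778695a4b3c2d1e0f.example.net",
    "8f7e6d5c4b3a29180f1e2d3c4b5a6978.example.net",
]

if __name__ == "__main__":
    for domain, stats in suspicious_domains(SAMPLE).items():
        print(domain, stats)
```

A per-domain aggregate like this is a starting signal; in practice it is tuned against a baseline of the network's normal traffic so that CDNs and similar services with machine-generated hostnames can be allow-listed.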