DNS Standard query response, Name Error



  • In the past 24 hours, it seems that almost all of the machines on my LAN are generating this alert from the ET DNS rules:

    1:2001117 - ET DNS Standard query response, Name Error

    Why would this happen all of a sudden? I see the PCRE in the rule that this is looking for, but I don't understand the rationale behind it.

    pcre:"/^..[\x81\x82\x83\x84\x85\x86\x87]\x83/"

    Thanks for any information you may have to offer.


Log in to reply