13 Signs that "bad guys" are using DNS Exfiltration to steal your data.
How do you test DNS Exfiltration? How do you use Machine Learning to catch the bad guys?
In this project I have built a Python DNS Exfiltration Tool.
I have also built a basic POC Machine Learning algorithm to catch "bad guys" exfiltrating with my DNS tool.
Domain Name Service File Transfer Protocol (DFTP) Client and Server
Microsoft TechNet guide to DNS: http://technet.microsoft.com/en-us/library/cc779489(WS.10).aspx
RFC1035, “Domain Names: Implementation and Specification”: http://www.faqs.org/rfcs/rfc1035.html
![alt text][logo] [logo]: https://github.com/bigsnarfdude/DFTP/raw/master/Screen%20Shot%202012-12-10%20at%202.14.42%20PM.png "SHA1 DNS Exfil Screenshot"