Signatures on juniper website

Owned by Jean-luc KRIKER
Last updated: Oct 24, 2020
1 min read


https://threatlabs.juniper.net/signatures/search/#/list/app?page_number=1&page_size=20


Those Application Signature are put in group to ease the management of type of Application


App Signature (Ozyman DNS Tunneling)

http://signatures.juniper.net/documentation/applications/Remote-Access%3ATunneling%3AOZYMAN-DNS-TUNNEL.html


Use IDP, AppID is relatively ineffective for this purpose.


These are your primary signatures;
  DNS:TUNNEL:DNS2TCP   
  DNS:TUNNEL:I2P-DNS-QUERY  
  DNS:TUNNEL:IODINE    
  DNS:TUNNEL:NULL-RECORD
  DNS:TUNNEL:OZYMANDNS  
  DNS:TUNNEL:SHORT-TTL Â