Summary of DNS over HTTPS requests against our honeypots., (Tue, Aug 1st)

Our honeypots see a lot of DNS over HTTP(s) requests against the “/dns-query” endpoint. This endpoint is used by DNS over HTTPs requests to receive queries. Queries can use different encodings. You may either see the more readable URL encoding, like “?name=google.com&type=A” or the raw DNS data encoding, like “?dns=mNwBAAABAAAAAAAABmdvb2dsZQNjb20AAAEAAQ”.

Article Link: https://isc.sans.edu/diary/rss/30084

1 post - 1 participant

Read full topic

amp data dns dns over https encoding endpoint google honeypots http https may name query requests url