ZyXEL Communications 91-009-073003B 30.8.2.2 Analyze Packets

Chapter 30 IDP

Use the packet capture screen (see Section 48.3 on page 750) and a packet analyzer (also known as a network or protocol analyzer) such as Wireshark or Ethereal to investigate some more.

Figure 299 DNS Query Packet Details

From the details about DNS query you see that the protocol is UDP and the port is

53.The type of DNS packet is standard query and the Flag is 0x0100 with an offset of 2. Therefore enter 010 as the first pattern.