ZyXEL Communications USG 2000 34.8.2.2 Analyze Packets

Chapter 34 IDP

Use the packet capture screen (see Section 53.3 on page 860) and a packet analyzer (also known as a network or protocol analyzer) such as Wireshark or Ethereal to investigate some more.

Figure 414 DNS Query Packet Details

From the details about DNS query you see that the protocol is UDP and the port is

53.The type of DNS packet is standard query and the Flag is 0x0100 with an offset of 2. Therefore enter 010 as the first pattern.