HackDig : Dig high-quality web security articles for hacker

[SANS ISC] Investigating Security Incidents with Passive DNS

2017-10-02 23:20

I published the following diary on isc.sans.org: “Investigating Security Incidents with Passive DNS”.

Sometimes, when you need to investigate a security incident or check for suspicious activity, you become frustrated because the online resource that you’re trying to reach has already been cleaned. We cannot blame system administrators and webmasters who are just doing their job. If some servers or websites remain compromised for weeks, others are very quickly restored/patched/cleaned to get rid of the malicious content. It’s the same for domain names. Domains registered only for malicious purposes can be suspended to prevent further attacks. If the domain is not suspended, the offending DNS record is simply removed…

[The post [SANS ISC] Investigating Security Incidents with Passive DNS was first published on /dev/random]


Source: blog.rootshell.be/2017/10/02/sans-isc-investigating-security-incidents-passive-dns/
