“Passive DNS” or “Passive DNS replication” is a technique invented by Florian Weimer in 2004 to opportunistically reconstruct a partial view of the data available in the global Domain Name System into a central database where it can be indexed and queried. Passive DNS allows threat hunters to connect individual indicators of compromise (IOC) with nearly every active domain and IP address on the Internet. Learn how Passive DNS data can help you map cyber activity to attacker infrastructure.
This eBook covers:
- What is Passive DNS?
- How does Passive DNS work?
- How does DNS tie into investigating criminal activity on the Internet?
- How can Passive DNS be used in cyber investigations?
- Newsletter Sign Up
- Call now: +1-650-489-7919
- Solutions
- Overview
- By Role
- CISO / Security Management
- Security Operations
- Threat Intelligence
- Network Operations / IT
- By Need
- Incident Response
- Threat Hunting
- Brand Protection
- Fraud Protection
- Anti-Phishing
- Technology
- Partner Integrations
- Security Information Exchange
- All Solutions
- DNSDB
- Newly Active Domains
- Newly Observed Domains
- Newly Observed Hostnames
- DNS Changes
- DNS Errors
- Resources
- Blog
- Partners
- Community
- Company
- Free Trial
- Farsight Labs
Navigating the Internet’s Phone Book: An Introduction to Passive DNS
Think you already understand Passive DNS? Think again. If you investigate cyber crimes, you should be actively paying attention to DNS.
