“Passive DNS” or “Passive DNS replication” is a technique invented by Florian Weimer in 2004 to opportunistically reconstruct a partial view of the data available in the global Domain Name System into a central database where it can be indexed and queried. Passive DNS allows threat hunters to connect individual indicators of compromise (IOCs) with nearly every active domain and IP address on the Internet. Learn how Passive DNS data can help you map cyber activity to attacker infrastructure.
This eBook covers:
- What is Passive DNS?
- How does Passive DNS work?
- How does DNS tie into investigating criminal activity on the Internet?
- How can Passive DNS be used in cyber investigations?