Skip to content

mazyaar/DNS_Incident_Response

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.gitignore
.gitignore
 
 
DNS_Incident_Response.md
DNS_Incident_Response.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

DNS_Incident_Response

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to Ip addresses. so browsers can load Internet resources. Most network software, including malware, relies on it to resolve domains to IP addresses before it can establish connections over protocols such as HTTP(S), SMTP, and many others. This means that DNS logging will contain a more complete record, not limited to HTTP(S) traffic, of domains access by endpoints in the environment, making it a valuable log source for defenders.

About

DNS Incident Response

cyberred.org

Topics

windows dns incident-response threat-hunting dns-server dns-tunneling dns-tunneling-detection cyberred

Resources

Readme

License

Unlicense license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published