I published the following diary on isc.sans.org: “Suspicious Domains Tracking Dashboard“.
Domain names remain a gold mine to investigate security incidents or to prevent some malicious activity to occur on your network (example by using a DNS firewall). The ISC has also a page dedicated to domain names. But how can we detect potentially malicious DNS activity if domains are not (yet) present in a blacklist? The typical case is DGA’s of Domain Generation Algorithm used by some malware families… [Read more]
[The post [SANS ISC] Suspicious Domains Tracking Dashboard has been first published on /dev/random]
from Xavier
No comments:
Post a Comment