Date Author Title
2024-09-25Johannes UllrichDNS Reflection Update and Odd Corrupted DNS Requests
2024-08-30Jesse La GrewSimulating Traffic With Scapy
2024-08-20Guy BruneauMapping Threats with DNSTwist and the Internet Storm Center [Guest Diary]
2024-05-06Johannes UllrichDetecting XFinity/Comcast DNS Spoofing
2024-01-31Johannes UllrichThe Fun and Dangers of Top Level Domains (TLDs)
2023-11-07Johannes UllrichWhat's Normal: New uses of DNS, Discovery of Designated Resolvers (DDR)
2023-09-06Johannes UllrichSecurity Relevant DNS Records
2023-08-01Johannes UllrichSummary of DNS over HTTPS requests against our honeypots.
2023-02-15Rob VandenBrinkDNS Recon Redux - Zone Transfers (plus a time machine) for When You Can't do a Zone Transfer
2023-01-30Johannes UllrichDecoding DNS over HTTP(s) Requests
2023-01-23Xavier MertensWho's Resolving This Domain?
2022-08-31Johannes UllrichUnderscores and DNS: The Privacy Story
2022-08-10Johannes UllrichAnd Here They Come Again: DNS Reflection Attacks
2022-04-29Rob VandenBrinkUsing Passive DNS sources for Reconnaissance and Enumeration
2021-12-17Rob VandenBrinkDR Automation - Using Public DNS APIs
2021-10-04Johannes UllrichFacebook Outage: Yes, its DNS (sort of). A super quick analysis of what is going on.
2021-09-11Guy BruneauShipping to Elasticsearch Microsoft DNS Logs
2021-07-31Guy BruneauUnsolicited DNS Queries
2021-06-19Xavier MertensEasy Access to the NIST RDS Database
2021-05-30Didier StevensVideo: Cobalt Strike & DNS - Part 1
2021-05-20Johannes UllrichNew YouTube Video Series: Everything you ever wanted to know about DNS and more!
2021-01-25Rob VandenBrinkFun with NMAP NSE Scripts and DOH (DNS over HTTPS)
2021-01-15Guy BruneauObfuscated DNS Queries
2020-12-16Daniel WesemannDNS Logs in Public Clouds
2020-12-08Johannes UllrichDecember 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
2020-10-30Xavier MertensQuick Status of the CAA DNS Record Adoption
2020-08-04Johannes UllrichInternet Choke Points: Concentration of Authoritative Name Servers
2020-07-16John BambenekHunting for SigRed Exploitation
2020-07-15Johannes UllrichPATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability
2019-12-29Guy BruneauELK Dashboard for Pihole Logs
2019-12-07Guy BruneauIntegrating Pi-hole Logs in ELK with Logstash
2019-11-25Xavier MertensMy Little DoH Setup
2019-10-25Rob VandenBrinkMore on DNS Archeology (with PowerShell)
2019-10-21Jim ClausingWhat's up with TCP 853 (DNS over TLS)?
2019-07-17Xavier MertensAnalyzis of DNS TXT Records
2019-07-13Guy BruneauGuidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2019-07-09John BambenekSolving the WHOIS and Privacy Problem: A Draft of Implementing WHOIS in DNS
2019-06-16Didier StevensSysmon Version 10: DNS Logging
2019-03-27Xavier MertensRunning your Own Passive DNS Service
2019-01-31Xavier MertensTracking Unexpected DNS Changes
2019-01-22Xavier MertensDNS Firewalling with MISP
2018-09-22Didier StevensSuspicious DNS Requests ... Issued by a Firewall
2018-02-25Guy BruneauBlackhole Advertising Sites with Pi-hole
2017-12-13Xavier MertensTracking Newly Registered Domains
2017-11-16Xavier MertensSuspicious Domains Tracking Dashboard
2017-10-20Rick WannerOne year Anniversary of Dyn DDOS
2017-10-02Xavier MertensInvestigating Security Incidents with Passive DNS
2017-06-14Xavier MertensSystemd Could Fallback to Google DNS?
2017-04-20Xavier MertensDNS Query Length... Because Size Does Matter
2016-10-23Johannes UllrichISC Briefing: Large DDoS Attack Against Dyn
2016-07-26Johannes UllrichCommand and Control Channels Using "AAAA" DNS Records
2016-06-12Guy BruneauDNS Sinkhole ISO Version 2.0
2016-04-28Rob VandenBrinkDNS and DHCP Recon using Powershell
2015-11-22Guy BruneauOpenDNS Research Used to Predict Threat
2015-11-08Rick WannerDNS Reconnaissance using nmap
2015-08-19Bojan ZdrnjaOutsourcing critical infrastructure (such as DNS)
2015-02-19Daniel WesemannDNS-based DDoS
2014-06-02Rick WannerUsing nmap to scan for DDOS reflectors
2014-05-20Johannes UllrichDetecting Queries to "odd" DNS Servers
2014-04-30Johannes UllrichBe on the Lookout: Odd DNS Traffic, Possible C&C Traffic
2014-04-30Russ McReeUltraDNS DDOS
2014-02-04Johannes UllrichDo you block "new" domain names?
2014-01-30Johannes UllrichNew gTLDs appearing in the root zone
2013-12-21Guy BruneauStrange DNS Queries - Request for Packets
2013-11-19Jim ClausingUpdated dumpdns.pl
2013-11-04Manuel Humberto Santander PelaezWhen attackers use your DNS to check for the sites you are visiting
2013-10-21Johannes UllrichNew tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2013-10-17Adrien de BeaupreInternet wide DNS scanning
2013-10-10Johannes Ullrichgoogle.com.my DNS hijack
2013-10-08Johannes UllrichCSAM: ANY queries used in reflective DoS attack
2013-10-02Johannes UllrichCSAM: Misc. DNS Logs
2013-09-26Johannes UllrichHow do you monitor DNS?
2013-09-02Guy BruneauSnort IDS Sensor with Sguil New ISO Released
2013-08-14Johannes Ullrich.GOV zones may not resolve due to DNSSEC problems.
2013-08-07Mark HofmanDNS servers hijacked in the Netherlands
2013-07-17Johannes UllrichNetwork Solutions Outage
2013-07-12Johannes UllrichDNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com)
2013-07-10Johannes Ullrich.NL Registrar Compromisse
2013-06-22Guy Bruneau.biz DNSSEC DNSKEY is Invalid
2013-06-20Johannes UllrichLinkedin DNS Hijack
2013-06-05Richard PorterBIND 9 Update fixing CVE-2013-3919
2012-12-14Johannes UllrichThe "D-root" DNS server (terp.umd.edu) is changing its IP address in January http://seclists.org/nanog/2012/Dec/330
2012-12-06Daniel WesemannComodo DNS hiccup on usertrust.com
2012-08-16Johannes UllrichA Poor Man's DNS Anomaly Detection Script
2012-07-24Richard PorterReport of spike in DNS Queries gd21.net
2012-07-21Rick WannerTippingPoint DNS Version Request increase
2012-07-21Rick WannerOpenDNS is looking for a few good malware people!
2012-05-21Kevin ShorttDNS ANY Request Cannon - Need More Packets
2012-05-16Johannes UllrichGot Packets? Odd duplicate DNS replies from 10.x IP Addresses
2012-03-30Daniel WesemannTomorrow, the world will end
2012-02-23donald smithDNS-Changer "clean DNS" extension requested
2012-02-20Rick WannerDNSChanger resolver shutdown deadline is March 8th
2012-02-09Richard PorterDNS Ghost Domains, How I loath you so!
2012-01-21Guy BruneauDNS Sinkhole Scripts Fixes/Update
2012-01-18Johannes UllrichUse of Mixed Case DNS Queries
2012-01-13Guy BruneauStrange DNS Queries - Request Packets/Logs
2011-12-13Johannes UllrichPossible Widespread DNS Attack (info wanted)
2011-12-05Stephen HallISC describe DNS crash bug analysis
2011-11-28Tom ListonA Puzzlement...
2011-11-16Jason LamPotential 0-day on Bind 9
2011-11-11Rick WannerWhat's up with fbi.gov DNS?
2011-11-11Johannes UllrichDetails About the fbi.gov DNSSEC Configuration Issue.
2011-11-09Russ McReeOperation Ghost Click: FBI bags crime ring responsible for $14 million in losses
2011-10-15Guy BruneauDNS Sinkhole Parser Script Update
2011-10-10Tom ListonWhat's In A Name?
2011-09-09Guy BruneauIPv6 and DNS Sinkhole
2011-09-04Lorna HutchesonSeveral Sites Defaced
2011-08-17Rob VandenBrinkWhen Good Patches go Bad - a DNS tale that didn't start out that way
2011-08-05Johannes UllrichMicrosoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx
2011-08-05donald smithNew Mac Trojan: BASH/QHost.WB
2011-07-05Raul SilesTwo DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4.
2011-06-28Johannes UllrichDNSSEC Tips
2011-06-03Guy BruneauNew Poll: How are you dealing with Malicious Domains?
2011-05-09Johannes UllrichPatch for BIND 9.8.0 DoS Vulnerability
2011-04-14Johannes Ullrichdshield.org now DNSSEC signed via .org
2011-04-05Mark HofmanDNS.be DDOS
2011-01-26Bojan ZdrnjaGoogle Chrome and (weird) DNS requests
2010-11-25Bojan ZdrnjaSecunia's DNS/domain hijacked?
2010-11-13Guy BruneauRegister.com DNS Issues
2010-11-04Johannes UllrichDNSSEC Progress for .com and .net
2010-10-03Adrien de BeaupreH went down.
2010-09-25Rick WannerGuest Diary: Andrew Hunt - Visualizing the Hosting Patterns of Modern Cybercriminals
2010-08-07Stephen HallDnsMadeEasy under a "quite large and unique" ddos.
2010-07-29Rob VandenBrinkNoScript 2.0 released
2010-06-19Guy BruneauDNS Sinkhole ISO Available for Download
2010-05-12Johannes Ullrich.de TLD Outage
2010-05-04Rick WannerDNSSEC...not a bang but a whimper?
2010-02-26Rick WannerNew version of dnsmap
2010-01-19Jim Clausing49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2010-01-12Johannes UllrichBaidu defaced - Domain Registrar Tampering
2010-01-11Johannes Ullrichthe (large) domain registrar "eNom" appears to have problems with its DNS servers according to some user reports.
2010-01-10Guy BruneauEasy DNS BIND Sinkhole Setup
2009-12-15Johannes UllrichImportant BIND name server updates - DNSSEC
2009-11-25Jim ClausingUpdates to my GREM Gold scripts and a new script
2009-11-24John BambenekBIND Security Advisory (DNSSEC only)
2009-11-02Daniel WesemannIDN ccTLDs
2009-10-29Kyle HaugsnessCyber Security Awareness Month - Day 29 - dns port 53
2009-07-29Bojan ZdrnjaBIND 9 DoS attacks in the wild
2009-04-26Johannes UllrichOdd DNS Resolution for Google via OpenDNS
2009-03-21Stephen HallUpdates to ISC BIND
2009-01-31Swa FrantzenDNS DDoS - let's use a long term solution
2009-01-18Daniel WesemannDNS queries for "."
2009-01-08Kyle HaugsnessBIND OpenSSL follow-up
2009-01-07William SaluskyBIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-12-04Bojan ZdrnjaRogue DHCP servers
2008-11-25Andre LudwigOS X Dns Changers part three
2008-11-25Andre LudwigTmobile G1 handsets having DNS problems?
2008-10-17Patrick NolanDay 17 - Containing a DNS Hijacking
2008-10-08Johannes UllrichDomaincontrol (GoDaddy) Nameservers DNS Poisoning
2008-08-14Johannes UllrichDNSSEC for DShield.org
2008-08-05Daniel WesemannWatching those DNS logs
2008-08-02Swa FrantzenBIND: -P2 patches are released
2008-07-25Swa FrantzenDNS bug - observations
2008-07-24Kyle HaugsnessDNS cache poisoning vulnerability details confirmed
2008-07-22Swa FrantzenDan Kaminsky's DNS bug: revealed? - Patch!
2008-07-09Marcus SachsDNS Vulnerability Found by a GSEC Student Three Years Ago!
2008-07-08Johannes UllrichMulitple Vendors DNS Spoofing Vulnerability
2008-05-19Maarten Van HorenbeeckRoute filtering and its impact on the DNS fabric
2008-04-30Bojan Zdrnja(Minor) evolution in Mac DNS changer malware
2008-03-23Johannes UllrichFinding hidden gems (easter eggs) in your logs (packet challenge!)