From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
DNS harvesting
- [Instructor] Domain names, URLs, and IP addresses are excellent starting points for gathering security information. DNS and URL analysis are particularly useful in malware analysis as they can be used to track the URLs used in malware command and control services. Let's take a look at a few of the utilities that can help you learn more about a remote system. The first thing we'll do is try to learn more about the hosts behind a domain name. The domain name service, or DNS, translates domain names into IP addresses. Did you know that you can perform DNS lookups manually to find out the IP address associated with a domain name? The dig command is the primary tool for performing domain lookups on Mac and Linux systems. Let's take a look at the dig command in action. Suppose that I'd like to know the IP address for LinkedIn.com. I can simply type in dig LinkedIn.com, and then I get some query results. Now there's a lot of…