http://www.alienvault.com/open-threat-exchange/blog/identifying-suspicious-domains-using-dns-records
Here are some other great articles on the power of DNS visibility:
http://blogs.cisco.com/security/tracking-malicious-activity-with-passive-dns-query-monitoring/
https://blog.damballa.com/archives/1834/trackback
http://isc.sans.edu/diary.html?storyid=13918
Got Security Onion?
https://code.google.com/p/security-onion/wiki/Installation
http://www.youtube.com/watch?v=33HZyIxbg6c&list=PLMN5wm-C5YjyieO63g8LbaiWTSJRj0DBe
Need Training?
Want to learn more about Log Management? Join me for SANS SEC434 Log Management In-Depth in Memphis TN on October 16th and 17th! This class is being held in conjunction with University of Memphis Center for Information Assurance Cyber Security Expo taking place October 18, 2013 at the FedEx Institute of Technology. Your paid tuition for this SANS course includes registration for the Cyber Security Expo when you register with Discount Code "ISC-Memphis":
http://www.sans.org/community/event/sec434-memphis-16oct2013-doug-burks
Want to learn more about Security Onion? Sign up for the upcoming 8-hour class in Augusta GA! Be one of the first 10 students to sign up and you can register at the discounted Early Bird price! For full details and to register, please see:
https://securityonion20131026.eventbrite.com/
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.