Quick DFIR Tip

Post Reply
Posts: 116
Joined: Wed Jun 13, 2018 9:36 am
Has thanked: 0
Been thanked: 1 time

Quick DFIR Tip

Post by john » Sat Jun 30, 2018 6:34 pm

NSM tip: If you are doing DNS analysis via sniffing packets, try and capture queries from the originating hosts as opposed to internal DNS servers. Matching queries to hosts sounds easy in theory but rarely is in practice. #DFIR

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests