DomainTools

Post Quantum Cryptography (PQC): You May Already Be Using It!

54 — Thu, 17 Oct 2024 15:37:02 +0000

DNS makes the Internet usable and cryptography makes it secure. In this blog, we’ll discuss important changes happening in cryptography

The DEF CON Recon Village Subdomain Enumeration Challenge: A Retrospective

48 — Thu, 25 Jul 2024 16:17:25 +0000

A Key First Step in Attack Surface Assessment At the 2023 DEF CON, the Recon Village ran the “ReconAacharya Subdomain Enumeration Challenge.” Subdomain enumeration is a terrific subject for a cybersecurity competition, since it is often a key first step in attack surface assessment. This report is a post-hoc discussion of the DomainTools-affiliated team’s submission […]

New Draft Rule on Ransomware Payments and Cyber Incident Reporting

90 — Thu, 16 May 2024 16:00:00 +0000

The public has the opportunity to comment on the Cyber Incident Report for Critical Infrastructure Act through June 2, 2024. In this article, we highlight summaries of complex material and further reading

Enhancing dnsdbq Output With Geolocation Data

54 — Thu, 28 Mar 2024 15:47:03 +0000

Introduction Farsight DNSDB allows users to query domain names and get back IP addresses. These DNS “A record” results link a domain name to one or more IP addresses for a time window. Often when doing an investigation, you may want additional contextual information about an IP Address, such as routing information via the IP’s […]

Automatically Chasing CNAMEs in Farsight DNSDB Scout

54 — Thu, 22 Feb 2024 16:49:08 +0000

Mapping Domain Names to IP Addresses: Going From a Name To An IP Address May Not Happen Directly in Just a Single Step There’s a new feature available in Farsight DNSDB Scout — the ability to automatically “chase” (or iteratively resolve) Canonical Name (CNAME) records in Farsight DNSDB with the goal being to get to […]

Need A New PC? Buy One That's Prebuilt (Rather Than Building One Yourself)

54 — Thu, 01 Feb 2024 16:38:04 +0000

Introduction In our earlier article (“TOWINAP, The Only Way Is Nuke and Pave“), we mentioned that sometimes you might be best off replacing an older-model computer once it becomes infected. When doing so, you could buy a new system pre-assembled, or you could try assembling one of your own. Depending on your level of technical […]

Finding Patterns That Only Match Registered Domains (and Which Don't "Overmatch" Against Subdomains)

54 — Thu, 18 Jan 2024 18:51:01 +0000

Sometimes you may want to match domains that have a particular string followed by a top-level domain (TLD), but run into problems with “overmatching,” such as finding subdomains buried deep in domains that also match your pattern of interest. In this article, we’ll show you how to use Farsight DNSDB to find such a set […]

New Report Helps Users Bring Up a Secure Virtual Private Server Under Debian 11

90 — Thu, 11 Jan 2024 16:57:49 +0000

Self-managed Virtual Private Servers (VPS) have made new systems cheap for technically knowledgeable people to deploy, whether for hosting a personal (“vanity”) domain, to create a remote distributed node from which to collect data, for use in working with DNSDB API or the Security Information Exchange data, or for other purposes. However, while you can […]

Building a Secure VPS Server Under Debian 11

54 — Wed, 10 Jan 2024 14:25:45 +0000

Get Started in Setting Up A Functional and Secure System Self-managed VPS (Virtual Private Servers) can make new systems inexpensive for technically skilled individuals to deploy, either for hosting a personal domain, to create a remote distributed node, or for working with DNSDB API or the Security Information Exchange (SIE) data, or other purposes. While […]

Finding New ASNs

54 — Thu, 04 Jan 2024 16:48:31 +0000

A surprisingly large number of ASNs get assigned by the Internet’s regional registries every month, see table 1. Regional Registry Average New ASNs/Month Reference RIPE NCC 181 https://www.iana.org/numbers/allocations/ripencc/asn/ APNIC 146 https://www.iana.org/numbers/allocations/apnic/asn/ ARIN 90 https://www.iana.org/numbers/allocations/arin/asn/ LACNIC 53 https://www.iana.org/numbers/allocations/lacnic/asn/ AFRINIC 15 https://www.iana.org/numbers/allocations/afrinic/asn/ TOTAL 485 Table 1. Average New ASNs/Month by Regional Registry That’s a lot of new […]