How to Search DNS History in Linux?

Viewing 1 post (of 1 total)
  • Author
  • liykristina
    Post count: 3068

    The local resolver would get the response with the correct transaction ID, drop the others and cache the address. From now on, and for an arbitrary amount of time, any local client that would have visited that domain would be directed to the attacker’s website. As explained above, it takes some time for the resolver to resolve the IP address of a domain. It usually needs to contact multiple servers before getting to the authoritative one. Attackers can abuse this period of time to send fake answers to the resolver.

    DNS records allow DNS servers to map name requests to corresponding IP addresses. Modification or deletion of DNS records can result in service unavailability. Hence it is crucial to monitor DNS record modification to accelerate forensic analysis in case of a mishap.

    The most used command for searching the DNS history in Linux is the “dig” command. The dig command performs the DNS lookup and provides detailed information about the DNS servers. The dig command queries the DNS servers and fetches the information about the DNS records.

    The domain history lookup service that is most commonly used is the whois service. This service is available on most major web browsers and can be accessed by entering the domain name into a search engine. The whois service will return a list of the domain’s current owners and the date of the last change to the domain’s ownership.

    Historical DNS records are very useful in cybersecurity investigations, particularly in expanding lists of indicators of compromise and identifying new artifacts. Given a single domain or IP address, you can perform a passive DNS data lookup to find other related web properties. They are also handy when determining the components of a criminal infrastructure.

    Ensure you are not sharing your IP address with other domains or get the list of domain names you share your IP address with to conduct further investigation and verify their legitimacy. Sharing IP addresses with malicious domains can lead to lower search engine ranking, which can negatively affect your digital marketing efforts.
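
An added example, not part of the post above: dig only returns the records a resolver sees right now, so one way to get a history to search later is to snapshot its answers on a schedule and diff the snapshots. The `HISTORY_DIR` location and the function names are assumptions made for this sketch.

```bash
#!/usr/bin/env bash
# Added example: build a local DNS record history with dig and report changes.
# HISTORY_DIR and all function names are assumptions, not an existing tool.
HISTORY_DIR="${HISTORY_DIR:-./dns-history}"

# Normalise `dig +noall +answer` output from stdin: drop the TTL and class
# columns (the TTL differs on every cached lookup), lower-case the owner name,
# and sort so that round-robin answer ordering does not look like a change.
normalize_answers() {
    awk 'NF >= 5 && $1 !~ /^;/ {
             out = tolower($1) " " $4
             for (i = 5; i <= NF; i++) out = out " " $i
             print out
         }' | sort -u
}

# Query common record types and store one UTC-timestamped snapshot file.
snapshot_records() {
    domain="$1"
    mkdir -p "$HISTORY_DIR/$domain"
    snap="$HISTORY_DIR/$domain/$(date -u +%Y%m%dT%H%M%SZ).txt"
    for rtype in A AAAA MX NS TXT; do
        dig +noall +answer "$domain" "$rtype"
    done | normalize_answers > "$snap"
    printf '%s\n' "$snap"
}

# Compare two snapshots: "+" lines are new records, "-" lines have disappeared.
# Returns 0 when nothing changed and 1 when records were added or removed.
diff_snapshots() {
    changes="$(
        comm -13 "$1" "$2" | sed 's/^/+ /'
        comm -23 "$1" "$2" | sed 's/^/- /'
    )"
    [ -z "$changes" ] && return 0
    printf '%s\n' "$changes"
    return 1
}

# Usage: ./dns-history.sh example.com   (run it from cron to build up history)
if [ "$#" -eq 1 ]; then
    new="$(snapshot_records "$1")"
    prev="$(ls "$HISTORY_DIR/$1"/*.txt | tail -n 2 | head -n 1)"
    [ "$prev" = "$new" ] || diff_snapshots "$prev" "$new"
fi
```

The snapshot files are plain text, so `grep -r` over `HISTORY_DIR` answers "when did this name point at that address" during an investigation.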
