Loading…

Register   or Login

Description:

DNS Security Check easily finds DNS misconfigurations and anomalies in corporate networks. Despite its maturity and long history, DNS protocol was not designed with security in mind and thus has many means of malicious exploitation. Methods to transfer non-DNS data over the protocol are called DNS tunneling and allow to obfuscate and transmit botnet C2 traffic or slowly exfiltrate data. DNS Security Check Advanced is a first and easy step towards DNS security in any organization. DNS Security Check Advanced differs significantly from the Basic use case. Basic version detects, provides the visual display and automatic alerts on the DNS packets addressed to non-corporate DNS servers. DNS Security Check Advanced also analyzes client-server DNS traffic and shows suspicious patterns, processes DNS server logs (like Microsoft DNS Trace Logs, BIND or other), detects unusually large DNS packet sizes or long DNS queries and can automatically discover DNS servers in your network. Many threats related to DNS protocol abuse can be mitigated by secure network design. You can explore MITRE ATT&CK section in TDM to learn more about attackers' techniques that abuse this protocol and ways to mitigate their activities.

Other integrations: