What is Passive DNS?

by George Chetcuti [Published on 17 March 2014 / Last Updated on 17 March 2014]

Passive DNS or Passive DNS replication is a technique invented by Florian Weimer in 2004 where inter-server DNS messages are captured by sensors and forwarded to a collection point for analysis.

Since Passive DNS databases are extremely useful for a variety of purposes, ISC (Internet Systems Consortium) initiated and ran a program known as the Passive DNS Database (DNSDB) which was later acquired by Farsight (July 2013). This program offers interested parties to join and operate a passive DNS sensor on behalf of Farsight. Farsight Security is a commercial entity but is committed to share security-related telemetry data with security industry partners and academic researchers at nominal or non-discriminatory subscription rates.

Read more here - http://www.isc.org/blogs/join-the-global-passive-dns-pdns-network-today-gain-effective-tools-to-fight-against-cyber-crime/

Farsight Passive DNS is a project that collects DNS response data received by caching, recursive DNS servers distributed around the Internet. This data is aggregated and made available via the Farsight SIE platform where it is imported in an anonymized form into the Farsight DNSDB system. Operating a Farsight Passive DNS sensor improves the quality of data available from Farsight DNSDB and aids anti-abuse research.

Read more here - https://archive.farsightsecurity.com/Passive_DNS_Sensor/

Add Review or Comment

See Also

Featured Links