SIE Passive DNS and the ISC DNS Database

Presented at Black Hat USA 2010, Unknown date/time (Unknown duration).

Passive DNS replication is a technique invented by Florian Weimer for tracking changes to the domain name system. This session will introduce the problems faced by passive DNS replication in the areas of collection, analysis, and storage of DNS data at scale, and will introduce state-of-the-art solutions to these problems developed at ISC SIE. Components of SIE's passive DNS architecture will be showcased, including a specialized DNS capture tool, a tool for processing and deduplicating raw DNS message data, and the storage engine used to archive and index processed data. A bulk HTTP query API and web interface to the storage engine will also be demonstrated and made available.


Presenters:

Links:

Similar Presentations: