Domain Name Server (DNS) Logs

The DNS server resolves domain names or device names to their IP addresses. These logs help because, when this device is compromised, they make it possible to identify other machines that may also be infected because they were resolved using this server.

Data Sets

  • Object modifications
  • Object creation, deletion, moving, etc.
  • TCP / UDP failures
  • Failed modifications
  • Replication failures
  • Shutdown / reboot of service
  • User information
  • Terminal information

Common Vendors

  • Microsoft (Windows DNS Server)
  • Infoblox