Coronavirus (COVID-19) Information Read here

The TXT Record

Batch mode and raw query updates to dnsdbq

Monday, January 13, 2020 By David Waitzman

Describes useful updates to dnsdbq, the command line tool for Farsight DNSDB

Read more

Why Do Incident Responders and Other Investigators Focus on Particular DNS Record Types?

Friday, November 22, 2019 By Joe St Sauver

Joe St Sauver explains the benefits of searching A, AAAA, CNAME and other DNS records in DNSDB

Read more

Newly Registered Domains vs. Newly Observed Domains vs. Newly Active Domains vs. Newly Observed Hostnames vs. DNS Changes: What Does "New" Mean?

Thursday, October 24, 2019 By Joe St Sauver

What is the difference between Newly Observed Domains and Newly Registered Domains? Joe St Sauver explains all of this and more in this illuminating article.

Read more

DNSDB Scout Turns 1!

Thursday, October 17, 2019 By Tyler Wood and Daniel Schwalbe

It’s hard to believe, but it has been exactly one year since we released DNSDB Scout™, the graphical user interface for DNSDB, built on the Google Chrome Extension™ framework. Since then, the Chrome Extension has been installed in over 1000 browsers and has over 700 active users. Based on the overwhelmingly positive response from our user community, we released a DNSDB Scout Add-On for Mozilla Firefox in January of 2019. The Firefox Add-On currently has...

Read more

Visualizing the Hard-to-Visualize: DNS and SSL/TLS Cert Existence Over Time Using R Graphics

Monday, September 30, 2019 By Joe St Sauver

I. Introduction Understanding what's going on in DNS data (or in data from other potential sources) often involves time: to understand security data, we may need to understand when data was collected, when events happened, and when changes took place. That's why DNSDB supports time fencing, and why we've previously discussed analyzing DNS traffic volumes over time in previous blog articles: Finding Top FQDNs Per Day in DNSDB Export MTBL Files (Part 1), Volume-Over-Time Data...

Read more