Common Information
Type | Value |
---|---|
Value | DNS Server - T1583.002 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may set up their own Domain Name System (DNS) servers that can be used during targeting. During post-compromise activity, adversaries may utilize DNS traffic for various tasks, including for Command and Control (ex: [Application Layer Protocol](https://attack.mitre.org/techniques/T1071)). Instead of hijacking existing DNS servers, adversaries may opt to configure and run their own DNS servers in support of operations. By running their own DNS servers, adversaries can have more control over how they administer server-side DNS C2 traffic ([DNS](https://attack.mitre.org/techniques/T1071/004)). With control over a DNS server, adversaries can configure DNS applications to provide conditional responses to malware and, generally, have more flexibility in the structure of the DNS-based C2 channel.(Citation: Unit42 DNS Mar 2019) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-09-12 | 2 | Encrypted DNS: DoT, DoH, and DoQ | ||
Details | Website | 2024-09-12 | 6 | Active Directory Setup Guide: Installation and Configuration | ||
Details | Website | 2024-09-12 | 14 | How to Set Up Your Own VPN on AWS: A Comprehensive Guide | ||
Details | Website | 2024-09-11 | 4 | Linux üzərində DNS Server quraşdırılması və ayarlanması | ||
Details | Website | 2024-09-10 | 10 | An In-Depth Look at DNS | ||
Details | Website | 2024-09-10 | 2 | Private IP Address vs MAC Address in a Local Area Network?? | ||
Details | Website | 2024-09-10 | 8 | What is subdomain takeover? How it is done and its consequences & Subzy tool | ||
Details | Website | 2024-09-08 | 2 | What happens when you enter a URL | ||
Details | Website | 2024-09-06 | 35 | HackTheBox Sherlock Writeup: APTNightmare | ||
Details | Website | 2024-09-06 | 0 | SMT2024 Special Lecture 2: Cyber Threat Intelligence by NSHC | ||
Details | Website | 2024-09-06 | 0 | Filtering Bot Traffic In Dnschef | ||
Details | Website | 2024-09-05 | 0 | Understanding mDNS and Its Security Loopholes | ||
Details | Website | 2024-09-03 | 5 | DNS zone transfer attack | ||
Details | Website | 2024-09-02 | 7 | HTB SHERLOCK : NOTORIOUS WALKTHROUGH | ||
Details | Website | 2024-09-02 | 43 | Creating a DNS C2 server and agent | ||
Details | Website | 2024-09-02 | 2 | How SSL Certificates Can Help Prevent Man-in-the-Middle Attacks | ||
Details | Website | 2024-09-01 | 5 | Reconnaissance: The Defensive Team | ||
Details | Website | 2024-09-01 | 3 | E-RANK Dungeon: Passive Reconnaissance | ||
Details | Website | 2024-08-31 | 64 | Case: Certification-DNS Cache | ||
Details | Website | 2024-08-31 | 19 | Passive Reconnaissance in TryHackMe | ||
Details | Website | 2024-08-30 | 16 | Internet Storm Center Diary 2024-08-30 - SANS Internet Storm Center | ||
Details | Website | 2024-08-30 | 16 | Simulating Traffic With Scapy - SANS Internet Storm Center | ||
Details | Website | 2024-08-28 | 1 | Breaking Badness Cybersecurity Podcast - 192. TLD-fense | ||
Details | Website | 2024-08-23 | 13 | Local Networks Go Global When Domain Names Collide – Krebs on Security | ||
Details | Website | 2024-08-18 | 21 | LAPSUS$ is dead, long live HexaLocker? |