Home page logo

educause logo Educause Security Discussion mailing list archives

Re: capturing full URL information via DNS request logs
From: Rich Graves <rgraves () CARLETON EDU>
Date: Wed, 9 Oct 2013 15:40:44 -0500

Keep in mind that most browsers will prefetch DNS results for visible hyperlinks. This will give you false positives if 
you're trying to figure out who clicked on malware/phishing links, for example. You need to join with 
netflow/proxy/firewall/nat logs to be sure.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]