-
Notifications
You must be signed in to change notification settings - Fork 83
DNS
Tony Phipps edited this page May 7, 2018
·
2 revisions
Credential Access
Monitor for suspcious mappings, which may indicate ARP/DNS poisoning.
SELECT Status, DataLength, RecordResponse, TTL, RecordType, Record, Entry, RecordName
GROUP BY Status, DataLength, RecordResponse, TTL, RecordType, Record, Entry, RecordName