From the course: Security Onion
Domain stats and frequency server
- [Instructor] Now the next two items we'll discuss are built into Security Onion, and they just need to be turned on to be functional. The first is domain stats. Now, domain stats is a Python script that checks on domain age and whether or not a domain is in the Alexa Top 1,000,000 Domains, which is a list that was put together by Amazon. Now, the value to using domain stats is that traffic to newly registered domains could be suspicious as bad actors will frequently spin up a domain for a campaign and then abandon it once it's been blacklisted. Now, I have seen successful gift card phishing scams come from newly registered domains where the victim lost around $15,000 to the scammer. It's definitely something worth paying attention to. Now, to use domain stats, you'll need to make sure that it is turned on. By default, it is disabled when choosing best practices on a production setup, but it's easy enough to turn back on if you read the documentation. Now, you'll also need to make…