It seems as if monitoring DNS traffic has become pretty popular lately. Our security team just utilized DNS traffic records shown in NetFlow in order to catch an infected Macbook on our Network and just yesterday, we discovered an iPhone reaching out to a plethora of Non Existent Domains.
monitors DNS TXT
It’s hard to believe, isn’t it? Our security vendors (e.g. McAfee, SonicWALL and others) are using the same tactics as malware to extract information from the computers on our networks and they are sending it in a way that evades some of the best firewalls on the market.