| ▲ | embedding-shape an hour ago | |||||||
> No man-in-the-middle is needed [...] Check out passive DNS How does one execute this "passive DNS" without quite literally being on the receiving end, or at least sitting in-between the sending and receiving end? You're quite literally describing what I'm saying, which makes it less of a "leak" and more like "others might collect your data, even your ISP", which I'd say would be accurate than "your DNS leaks". | ||||||||
| ▲ | 8organicbits an hour ago | parent [-] | |||||||
There's a lot of online documentation about passive DNS. Here's one example > Passive DNS is a historical database of how domains have resolved to IP addresses over time, collected from recursive DNS servers around the world. It has been an industry-standard tool for more than a decade. > Spamhaus’ Passive DNS cluster handles more than 200 million DNS records per hour and stores hundreds of billions of records per month, providing you with access to a vast lake of threat intelligence data. https://www.spamhaus.com/resource-center/what-is-passive-dns... | ||||||||
| ||||||||