Mark Russinovich has announced that he will release a new version of Sysmon, part of the Sysinternals tools, today (Tuesday). This version will be able to log DNS queries.
Not much information is available yet – I just found a tweet from Mark Russinovich from the weekend, where he announces the new version.
Sysmon with DNS query logging and original file name reporting will publish on Tuesday. pic.twitter.com/0nTKJahjSe
— Mark Russinovich (@markrussinovich) June 8, 2019
The tool logs not only the DNS requests but also the responses of the respective DNS server. Security researcher @SwiftOnSecurity has already praised the tool.
The Sysinternals Suite is a collection of tools for Windows with which you can do various things. The tools of the free Sysinternals Suite can be found on this website. However, the updated version of Sysmon is currently not yet available (as of February 18, 2019).
PS: By the way, there are interesting discussions about this tweet. The only thing that annoys me are the typical animated GIF memes, which always appear in tweets like this.