{"id":10031,"date":"2019-06-11T09:07:56","date_gmt":"2019-06-11T07:07:56","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=10031"},"modified":"2019-06-11T09:07:56","modified_gmt":"2019-06-11T07:07:56","slug":"sysinternals-sysmon-with-dns-query-logging-comes-today","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/06\/11\/sysinternals-sysmon-with-dns-query-logging-comes-today\/","title":{"rendered":"Sysinternals Sysmon with DNS query logging comes today"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2013\/03\/winb.jpg\" width=\"58\" align=\"left\" height=\"58\">[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/06\/11\/sysinternals-sysmon-mit-dns-query-protokollierung-kommt\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>] Mark Russinovich has announced that he will release a new version of his Sysmon tool, part of the Sysinternals tools, today (Tuesday). This version can log DNS queries.<\/p>\n<p><!--more--><\/p>\n<p>Not much information is available yet &#8211; I just found a <a href=\"https:\/\/twitter.com\/markrussinovich\/status\/1137466538322042880\" target=\"_blank\" rel=\"noopener noreferrer\">tweet<\/a> from Mark Russinovich from the weekend in which he announces the new version.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\">Sysmon with DNS query logging and original file name reporting will publish on Tuesday. <a href=\"https:\/\/t.co\/0nTKJahjSe\">pic.twitter.com\/0nTKJahjSe<\/a><\/p>\n<p>\u2014 Mark Russinovich (@markrussinovich) <a href=\"https:\/\/twitter.com\/markrussinovich\/status\/1137466538322042880?ref_src=twsrc%5Etfw\">June 8, 2019<\/a><\/p><\/blockquote>\n<p>The tool logs not only the DNS requests but also the responses returned by the respective DNS server. Security researcher @SwiftOnSecurity has already <a href=\"https:\/\/twitter.com\/SwiftOnSecurity\/status\/1136075688488947713\" target=\"_blank\" rel=\"noopener noreferrer\">praised<\/a> the tool.<\/p>\n<p>The Sysinternals Suite is a collection of Windows utilities for a wide range of administrative and diagnostic tasks. The tools of the free Sysinternals Suite can be found on <a href=\"https:\/\/docs.microsoft.com\/en-us\/sysinternals\/downloads\/sysinternals-suite\" target=\"_blank\" rel=\"noopener noreferrer\">this website<\/a>. However, the updated version of Sysmon is not yet available there (as of February 18, 2019).<\/p>\n<blockquote>\n<p>PS: By the way, there are interesting discussions about <a href=\"https:\/\/twitter.com\/markrussinovich\/status\/1137466538322042880\" target=\"_blank\" rel=\"noopener noreferrer\">this tweet<\/a>. The only thing that annoys me is the typical animated GIF memes, which always appear in tweets like this. 
<\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>[German] Mark Russinovich has announced that he will release a new version of his Sysmon tool, part of the Sysinternals tools, today (Tuesday). This version can log DNS queries.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1547],"tags":[1968,157],"class_list":["post-10031","post","type-post","status-publish","format-standard","hentry","category-software","tag-sysinternals","tag-tool"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/10031","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=10031"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/10031\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=10031"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=10031"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=10031"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}