A nameserver reputation score is a measure of the trustworthiness and reputation of the nameservers associated with a particular domain (or set of domains).
Threat actors often use compromised or low-reputation nameservers to host phishing or malware distribution websites or to carry out other malicious activities.
Nameserver reputation scores are calculated based on a variety of factors, including (but not limited to):
- Historical activity associated with the nameservers
- The number of domains associated with the nameservers that have been used in malicious activity
- The quality of the nameserver's security controls and practices
By focusing on domains associated with nameservers that have a low reputation score, security teams can reduce the risk of cyber attacks and protect their organization's network and data.
Silent Push provides a fast, simple lookup that allows organizations to ascertain a nameserver's reputation score, which can then be used to inform other threat intelligence activities and cyber defense operations.
-
Navigate to
Advanced Query Builder > PADNS Queries > Nameserver Reputation -
Specify a
nameserver -
(Optional) Select
explainto show details of data used to calculate the score in the response -
Click
Search
Saving queries
Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.
-
Specify the query parameters
-
Click
Save Query -
Give your query a
Name -
Specify a
Descriptionto add more context -
Click
Save