To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.

Summary

DS-0794
Operational Research Data from Internet NAmespace Logs (ORDINAL)
Dataset
JAS Global Advisors, LLC
JAS Global Advisors, LLC
05/31/2017
Data collection is ongoing
38 (lowest rank is 49)

Category & Restrictions

Other
dns data
Quasi-Restricted
Unknown

Description


Log data on public-facing Internet hosts resulting from a significant and common DNS misconfiguration

The Domain Name System (DNS) is a method to identify resources on the Internet. Unfortunately, the DNS has historically been misused as an AUTHENTICATION system instead.

The ORDINAL dataset contains robust DNS protocol layer data, select application layer data, standard activity logs, received select transmissions, and packet captures of associated activity originally intended to study the impact of DNS namespace collisions.

The dataset is generated via Internet activity to sensor nodes which are linked to high activity Domain Names. The highest volume names have been used commonly in misconfigurations or in internal environments across the Internet, but none of the names in the ORDINAL dataset have ever to our knowledge, provided services for any public facing purpose other than research data collection and providing awareness of misconfiguration issues.

All sensors operate DNS, SMTP, HTTP, and HTTPS listeners on IPv4 and IPv6. All information received by the sensor nodes is provided unsolicited.    Log data made available under ORDINAL are IP-address anonymized.

Objectives

         * Raise awareness of the "Misuse of the DNS for authentication" issue
         * Improve protocol and application design
         * Help software vendors identify and remediate problems
         * Help system administrators identify and remediate problems
         * Provide data to spam/phishing/malware researchers

What ORDINAL can make available to researchers

         * DNS query logs (named logs)
         * All behavior supports IPv4 and IPv6
         * Open to running experiments (based on risk assessment)
This dataset is the subject of ongoing measurement and data collection. As such the data is continuously growing. Researchers who are granted access will be able to download updates for a period of one year after their request.

Additional Details

4.0GB
Size is growing as more data is collected
true
true
trust, internet mail protocols, cybercrime, protocol stack, online help, spamming, jas global advisors, llc, cryptographic protocol, communication protocol, application layer protocols, packets, transport layer security, 794, ipv4, applications of cryptography, ipv6, host, domain name system, internet protocol, data protection, domain name, vmware thinapp, communication, network packet, internet governance, email, authentication, online services, operational research data from internet namespace logs (ordinal), phishing, uniform resource identifier, malware, virtualization software, hypertext transfer protocol, simple mail transfer protocol, vmware, data anonymization, secure communication, information privacy, history of computing, ip address, exploit