Dynamic DNS is a method of automatically updating a name in the DNS system. Providers offer this rapid reconfiguration of IPs to hostnames as a service.1
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Flexible and re-configurable command and control servers, along with deniable ownership and reduced cost of ownership.
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Defender will not know at first use what is valid or hostile traffic without more context. It is possible, however, for defenders to see if the PTR record for an address is hosted by a known DDNS provider. There is potential to assign some level of risk based on this.
Similar Techniques for Other Tactics
|Adversary OPSEC||Dynamic DNS|
|Establish & Maintain Infrastructure||Dynamic DNS|