Dynamic DNS

Dynamic DNS is a automated method to rapidly update the domain name system mapping of hostnames to IPs. [1]

ID: T1333

Tactic: Establish & Maintain Infrastructure

Version: 1.0

Similar Techniques by Tactic

Adversary OpsecDynamic DNS


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Defender will not know at first use what is valid or hostile traffic without more context.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: It is relatively easy to subscribe to dynamic DNS providers or find ways to get different IP addresses from a cloud provider.


  1. FireEye. (2014). SUPPLY CHAIN ANALYSIS: From Quartermaster to SunshopFireEye. Retrieved March 6, 2017.