diff --git a/i-d/pdns-qof.xml b/i-d/pdns-qof.xml index be7b8f3..c2ba8b2 100644 --- a/i-d/pdns-qof.xml +++ b/i-d/pdns-qof.xml @@ -145,7 +145,7 @@
Passive DNS is a technique described by Florian Weimer in 2005 in Passive DNS replication, F Weimer - 17th Annual FIRST Conference on Computer Security. Since then multiple Passive DNS implementations were created and evolved over time. Users of these Passive DNS servers may query a server (often via WHOIS or HTTP REST), parse the results and process them in other applications. - There are multiple implementations of Passive DNS software. Users of passive DNS query each implementation and aggregate the results for their search. This document describes the output format of four Passive DNS Systems (, , and ) which are in use today and which already share a nearly identical output format. + There are multiple implementations of Passive DNS software. Users of passive DNS query each implementation and aggregate the results for their search. This document describes the output format of four Passive DNS Systems (, , , and ) which are in use today and which already share a nearly identical output format. As the format and the meaning of output fields from each Passive DNS need to be consistent, we propose in this document a solution to commonly name each field along with their corresponding interpretation. The format follows a simple key-value structure in JSON format. The benefit of having a consistent Passive DNS output format is that multiple client implementations can query different servers without having to have a separate parser for each @@ -372,13 +372,20 @@ ws = *( - + Passive DNS server interface using the common output format - + + + + DNSDB API Client, C Version + + + +