CPC H04L 61/4511 (2022.05) [H04L 61/301 (2013.01); H04L 61/58 (2022.05)] | 20 Claims |
1. A method, comprising:
capturing domain name system (DNS) data;
receiving a trigger notification, the trigger notification indicating a zone associated with an authoritative DNS server is compromised;
determining whether a recursive DNS resolver has valid cached information associated with the zone; and
when it is determined the recursive DNS resolver does not have valid cached information associated with the zone:
causing the recursive DNS resolver to retrieve last known valid information associated with the zone from an observer system, the last known valid information being captured from the DNS data;
generating a virtual zone using the last known valid information; and
causing the recursive DNS resolver to host the virtual zone.
|