DNS logs are an often overlooked asset in identifying malware in your network. The purpose of this talk to identify malware in the network through establishing DNS query and response baselines, analysis of NXDOMAIN responses, analysis of successful DNS lookups, and identifying domain name anomalies. This talk will give you the basics of what to look for in you own unique environments.