In Depth Analysis of Multicast DNS and DNS Service Discovery

In Depth Analysis of Multicast DNS and DNS Service Discovery

Hack In The Box Security Conference via YouTube Direct link

Discovering Instances of a Specific Service • Query for a DNS PTR record with a name of

13 of 41

13 of 41

Discovering Instances of a Specific Service • Query for a DNS PTR record with a name of

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

In Depth Analysis of Multicast DNS and DNS Service Discovery

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Objectives
  3. 3 Threat Analysis Methodology
  4. 4 Introduction
  5. 5 In a nutshell...
  6. 6 mDNS: A few more details...
  7. 7 and a few words for DNS-SD
  8. 8 What's the Inherent Problem(s)
  9. 9 Related Work
  10. 10 Types of Attacks
  11. 11 Discovery of available services
  12. 12 A Special Service
  13. 13 Discovering Instances of a Specific Service • Query for a DNS PTR record with a name of
  14. 14 Information Gathering
  15. 15 How Pholus Automates Reconnaissance
  16. 16 Advertised DNS Reverse Mapping
  17. 17 Implicit Network Sweeping
  18. 18 Spoofing Services Manually
  19. 19 Spoofing TXT ans SRV Records
  20. 20 Send Automatically Fake Responses
  21. 21 An Asymmetric Key Verification Example
  22. 22 Spoofing-Related Options
  23. 23 and What About TXT Records?
  24. 24 How to Reproduce Overflow Attempts
  25. 25 Is there Room for DNS Cache Poisoning?
  26. 26 Denial of Service Setting DNS TTL:=0
  27. 27 Setting DNS TTL=0 Using Pholus
  28. 28 Probing
  29. 29 Denial of Service + Net Flooding Creating Conflicts deliberately
  30. 30 Other Dos Capabilities
  31. 31 Generic Flooding of a Network
  32. 32 Direct Unicast Queries
  33. 33 DDoS (Amplification) Attack
  34. 34 Situation Nowadays
  35. 35 Sometimes Problems re-appear...
  36. 36 How to Reproduce the Attacks Using Pholus?
  37. 37 Mitigation?
  38. 38 Permanent Fix?
  39. 39 Conclusions
  40. 40 References
  41. 41 Questions?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.