Completed
Information Gathering
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
In Depth Analysis of Multicast DNS and DNS Service Discovery
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Objectives
- 3 Threat Analysis Methodology
- 4 Introduction
- 5 In a nutshell...
- 6 mDNS: A few more details...
- 7 and a few words for DNS-SD
- 8 What's the Inherent Problem(s)
- 9 Related Work
- 10 Types of Attacks
- 11 Discovery of available services
- 12 A Special Service
- 13 Discovering Instances of a Specific Service • Query for a DNS PTR record with a name of
- 14 Information Gathering
- 15 How Pholus Automates Reconnaissance
- 16 Advertised DNS Reverse Mapping
- 17 Implicit Network Sweeping
- 18 Spoofing Services Manually
- 19 Spoofing TXT ans SRV Records
- 20 Send Automatically Fake Responses
- 21 An Asymmetric Key Verification Example
- 22 Spoofing-Related Options
- 23 and What About TXT Records?
- 24 How to Reproduce Overflow Attempts
- 25 Is there Room for DNS Cache Poisoning?
- 26 Denial of Service Setting DNS TTL:=0
- 27 Setting DNS TTL=0 Using Pholus
- 28 Probing
- 29 Denial of Service + Net Flooding Creating Conflicts deliberately
- 30 Other Dos Capabilities
- 31 Generic Flooding of a Network
- 32 Direct Unicast Queries
- 33 DDoS (Amplification) Attack
- 34 Situation Nowadays
- 35 Sometimes Problems re-appear...
- 36 How to Reproduce the Attacks Using Pholus?
- 37 Mitigation?
- 38 Permanent Fix?
- 39 Conclusions
- 40 References
- 41 Questions?