Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The Domain Name System - DNS Operation, Threats, and Security Intelligence

via YouTube

Overview

Explore the intricacies of the Domain Name System (DNS) in this 36-minute conference talk from Louisville InfoSec 2016. Delve into DNS operation, potential threats, and security intelligence with expert Tom Kopchak. Learn about amplification attack processes, proper DNS server configuration, and the importance of only providing responses for domains you own. Discover the dangers of blind transfers and domain hijacking, and explore effective countermeasures. Examine DNS security use cases, including SSL traffic correlation challenges and threat intelligence using DNS data. Gain insights into forensic investigations, DNS data exfiltration detection, and the role of DNS in threat intelligence research. Enhance your understanding of DNS security to better protect your organization's digital infrastructure.

Syllabus

Intro
DOMAIN NAME SYSTEM Operation, Threats, and Security Intelligence
AMPLIFICATION ATTACK PROCESS
PROPER DNS SERVER CONFIGURATION
YOU ARE NOT AN ISP Unless, of course, you are ONLY PROVIDE RESPONSES FOR DOMAINS YOU OWN
BLIND TRANSFERS ARE BAD
DOMAIN HIJACKING
HOW DO WE STOP THIS?
DNS SECURITY USE CASES
SSL TRAFFIC CORRELATION Problem Reading encyrpted requests is hard
THREAT INTELLIGENCE USING DNS DATA DNS lookups for known malicious sites Hosting providers associated with ransomware
FORENSIC INVESTIGATIONS
DNS DATA EXFILTRATION Detect DNS tunneling - abnormally high number of lookups for a single domain
THREAT INTELLIGENCE RESEARCH

Reviews

Start your review of The Domain Name System - DNS Operation, Threats, and Security Intelligence

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.