Play all

Intro

What happens to the Internet when DNS is horked?

DNS Resolution Process

Key DNS Terminology

Common DNS Server Software

Dig Usage

Wireshark

Test Your DNS

DNS Amplification Attacks

Slow DNS Reflection (DGA Domains or Domain Fluxing)

Bad Query Name Format

Malformed DNS Packets

DNS Data Exfiltration

The Log Analysis Process

Log Shipping

TCL GELF Logging

Elasticsearch

Malicious Source IPs

Network Compromise

AD DNS Debug Data

Device Compromise

DNS Query Response Codes

Securing AD DNS

AD DNS Debug Logging

Securing DNS

Description:

Explore the dark side of DNS in this 40-minute conference talk from CircleCityCon 2017. Delve into DNS resolution processes, key terminology, and common server software. Learn to use Dig and Wireshark for DNS analysis. Examine various DNS-based attacks, including amplification, slow reflection, and data exfiltration. Discover log analysis techniques, including log shipping and Elasticsearch. Investigate malicious activities through DNS query response codes and AD DNS debug data. Gain insights on securing Active Directory DNS and implementing effective DNS debug logging for enhanced network security.

DNS Dark Matter Discovery - Theres Evil In Those Queries

Add to list

#Conference Talks #Information Security (InfoSec) #Cybersecurity #Network Security #Computer Science #Computer Networking #Wireshark #DNS #DNS Security #System Administration #Log Analysis

0:00 / 0:00