DNS Dark Matter Discovery - Theres Evil In Those Queries
Offered By: YouTube
Course Description
Overview
Explore the dark side of DNS in this 40-minute conference talk from CircleCityCon 2017. Delve into DNS resolution processes, key terminology, and common server software. Learn to use Dig and Wireshark for DNS analysis. Examine various DNS-based attacks, including amplification, slow reflection, and data exfiltration. Discover log analysis techniques, including log shipping and Elasticsearch. Investigate malicious activities through DNS query response codes and AD DNS debug data. Gain insights on securing Active Directory DNS and implementing effective DNS debug logging for enhanced network security.
Syllabus
Intro
What happens to the Internet when DNS is horked?
DNS Resolution Process
Key DNS Terminology
Common DNS Server Software
Dig Usage
Wireshark
Test Your DNS
DNS Amplification Attacks
Slow DNS Reflection (DGA Domains or Domain Fluxing)
Bad Query Name Format
Malformed DNS Packets
DNS Data Exfiltration
The Log Analysis Process
Log Shipping
TCL GELF Logging
Elasticsearch
Malicious Source IPs
Network Compromise
AD DNS Debug Data
Device Compromise
DNS Query Response Codes
Securing AD DNS
AD DNS Debug Logging
Securing DNS
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube