YoVDO

DNS Dark Matter Discovery - Theres Evil In Those Queries

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Network Security Courses Wireshark Courses DNS Courses DNS Security Courses Log Analysis Courses

Course Description

Overview

Explore the dark side of DNS in this 40-minute conference talk from CircleCityCon 2017. Delve into DNS resolution processes, key terminology, and common server software. Learn to use Dig and Wireshark for DNS analysis. Examine various DNS-based attacks, including amplification, slow reflection, and data exfiltration. Discover log analysis techniques, including log shipping and Elasticsearch. Investigate malicious activities through DNS query response codes and AD DNS debug data. Gain insights on securing Active Directory DNS and implementing effective DNS debug logging for enhanced network security.

Syllabus

Intro
What happens to the Internet when DNS is horked?
DNS Resolution Process
Key DNS Terminology
Common DNS Server Software
Dig Usage
Wireshark
Test Your DNS
DNS Amplification Attacks
Slow DNS Reflection (DGA Domains or Domain Fluxing)
Bad Query Name Format
Malformed DNS Packets
DNS Data Exfiltration
The Log Analysis Process
Log Shipping
TCL GELF Logging
Elasticsearch
Malicious Source IPs
Network Compromise
AD DNS Debug Data
Device Compromise
DNS Query Response Codes
Securing AD DNS
AD DNS Debug Logging
Securing DNS


Related Courses

Amazon Connect: Troubleshooting with Cloudwatch
Amazon Web Services via AWS Skill Builder
AWS Cloud Quest: Networking
Amazon Web Services via AWS Skill Builder
AWS Network – Monitoring and Troubleshooting (Japanese) (Sub) 日本語字幕版
Amazon Web Services via AWS Skill Builder
AWS SimuLearn: Application Logs
Amazon Web Services via AWS Skill Builder
AWS SimuLearn: Threat Hunting
Amazon Web Services via AWS Skill Builder