YoVDO

DNS Dark Matter Discovery - There's Evil In Those Queries

Offered By: YouTube


Course Description

Overview

Explore the dark side of DNS in this 40-minute conference talk from CircleCityCon 2017. Delve into DNS resolution processes, key terminology, and common server software. Learn to use Dig and Wireshark for DNS analysis. Examine various DNS-based attacks, including amplification, slow reflection, and data exfiltration. Discover log analysis techniques, including log shipping and Elasticsearch. Investigate malicious activities through DNS query response codes and AD DNS debug data. Gain insights on securing Active Directory DNS and implementing effective DNS debug logging for enhanced network security.

Syllabus

Intro
What happens to the Internet when DNS is horked?
DNS Resolution Process
Key DNS Terminology
Common DNS Server Software
Dig Usage
Wireshark
Test Your DNS
DNS Amplification Attacks
Slow DNS Reflection (DGA Domains or Domain Fluxing)
Bad Query Name Format
Malformed DNS Packets
DNS Data Exfiltration
The Log Analysis Process
Log Shipping
TCL GELF Logging
Elasticsearch
Malicious Source IPs
Network Compromise
AD DNS Debug Data
Device Compromise
DNS Query Response Codes
Securing AD DNS
AD DNS Debug Logging
Securing DNS

