Turning DNS from Security Target into Security Tool
Offered By: RSA Conference via YouTube
Course Description
Overview
Explore how DNS servers can be transformed from security targets into powerful security tools in this 44-minute conference talk from RSA Conference. Learn about recent developments that allow for instrumenting DNS servers to implement policies based on domain name and IP address reputation, and utilize DNS telemetry to identify malicious patterns. Discover how malware exploits DNS throughout its lifecycle, understand the implementation of response policy zones for DNS resolution policies, and delve into passive DNS data collection and analytics. Gain insights into DNS tunneling, infiltration techniques, and real-world case studies. Apply this knowledge to enhance your organization's security posture by leveraging DNS as a proactive defense mechanism.
Syllabus
Intro
Most Malware Uses DNS in Attacks
How DNS Is (Ab) Used: Finding a C&C Server
How DNS IS (Ab)Used: Tunneling
DNS Tunneling Example: Infiltration
Actual Photograph of Paul Publishing His Blog
Enter Response Policy Zones
How Response Policy Zones Work
Enter Passive DNS
Passive DNS Databases
Closing the Loop
Case Study: Farsight's NOD Feed
How to Apply What You've Learned Today
Taught by
RSA Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network