SecDocs Feed for tag DNS

[Slides] Attacking Distributed Systems: The DNS Case Study

Thu, 29 Dec 2011 06:38:03 +0100

Authors: Dan Kaminsky
Tags: DNS
Event: Black Hat EU 2005

[Slides] The Black Ops of DNS

Tue, 29 Nov 2011 06:29:57 +0100

Authors: Dan Kaminsky
Tags: DNS
Event: Black Hat USA 2004

[Slides] Attacking and Defending DNS

Thu, 24 Nov 2011 06:44:36 +0100

Authors: Andrew Hintz Jay Beale
Tags: DNS
Event: Black Hat Windows Security 2002

[Slides] Intranet Invasion With Anti-DNS Pinning

Tue, 26 Apr 2011 20:35:59 +0200

Authors: David Byrne
Tags: DNS
Event: Black Hat USA 2007

[Paper] Intranet Invasion With Anti-DNS Pinning

Tue, 26 Apr 2011 20:35:38 +0200

Authors: David Byrne
Tags: DNS
Event: Black Hat USA 2007

[Video] Panel:DNS Systemic Vulnerabilities and Risk Management: A Discussion with the Experts

Sat, 09 Apr 2011 04:25:16 +0200

Tags: DNS
Event: DEFCON 18

[Audio] Panel:DNS Systemic Vulnerabilities and Risk Management: A Discussion with the Experts

Thu, 07 Apr 2011 04:25:10 +0200

Tags: DNS
Event: DEFCON 18

[Slides] SIE Passive DNS and the ISC DNS Database

Mon, 04 Apr 2011 04:25:04 +0200

Authors: Paul Vixie Robert Edmonds
Tags: DNS
Event: DEFCON 18

[Audio] SIE Passive DNS and the ISC DNS Database

Mon, 04 Apr 2011 04:25:04 +0200

Authors: Paul Vixie Robert Edmonds
Tags: DNS
Event: DEFCON 18

[Video] SIE Passive DNS and the ISC DNS Database

Mon, 04 Apr 2011 04:25:04 +0200

Authors: Paul Vixie Robert Edmonds
Tags: DNS
Event: DEFCON 18

[Paper] How to Hack Millions of Routers

Fri, 11 Feb 2011 05:25:12 +0100

Authors: Craig Heffner
Tags: DNS
Event: DEFCON 18

[Audio] How to Hack Millions of Routers

Fri, 11 Feb 2011 05:25:12 +0100

Authors: Craig Heffner
Tags: DNS
Event: DEFCON 18

[Video] How to Hack Millions of Routers

Fri, 11 Feb 2011 05:25:12 +0100

Authors: Craig Heffner
Tags: DNS
Event: DEFCON 18

[Slides] How to Hack Millions of Routers

Thu, 10 Feb 2011 05:25:14 +0100

Authors: Craig Heffner
Tags: DNS
Event: DEFCON 18

[Slides] DnsÜberNOOBer

Tue, 28 Dec 2010 05:25:22 +0100

Authors: Jaco van Heerden
Tags: DNS
Event: Ruxcon 2010

[Slides] Keynote: Taking Back the DNS with Response Policy Zones

Thu, 14 Oct 2010 11:40:00 +0200

Authors: Paul Vixie
Tags: DNS
Event: Hack In The Box 2010 Malaysia

[Video] DNS 2008 and the New (old) Nature of Critical Infrastructure

Wed, 18 Aug 2010 06:13:28 +0200

Authors: Dan Kaminsky
Tags: DNS
Event: Black Hat DC 2009

[Audio] DNS 2008 and the New (old) Nature of Critical Infrastructure

Wed, 18 Aug 2010 06:13:27 +0200

Authors: Dan Kaminsky
Tags: DNS
Event: Black Hat DC 2009

[Audio] Defending Your DNS in a Post-Kaminsky World

Thu, 12 Aug 2010 09:42:00 +0200

Authors: Paul Wouters
Tags: DNS
Event: Black Hat DC 2009

[Video] Defending Your DNS in a Post-Kaminsky World

Thu, 12 Aug 2010 09:42:00 +0200

Authors: Paul Wouters
Tags: DNS
Event: Black Hat DC 2009

[Audio] Reverse DNS Tunneling Shellcode

Wed, 21 Jul 2010 12:19:00 +0200

Authors: Ty Miller
Tags: DNS
Event: Black Hat USA 2008

[Slides] Reverse DNS Tunneling Shellcode

Wed, 21 Jul 2010 12:19:00 +0200

Authors: Ty Miller
Tags: DNS
Event: Black Hat USA 2008

[Video] Reverse DNS Tunneling Shellcode

Wed, 21 Jul 2010 12:19:00 +0200

Authors: Ty Miller
Tags: DNS
Event: Black Hat USA 2008

[Audio] Catching DNS Tunnels with AI - A Talk About Artificial Intelligence, Geometry and Malicious Network Traffic

Sat, 27 Mar 2010 11:43:00 +0100

Tags: DNS
Event: DEFCON 17

[Slides] Catching DNS Tunnels with AI - A Talk About Artificial Intelligence, Geometry and Malicious Network Traffic

Sat, 27 Mar 2010 11:43:00 +0100

Tags: DNS
Event: DEFCON 17

[Video] Catching DNS Tunnels with AI - A Talk About Artificial Intelligence, Geometry and Malicious Network Traffic

Sat, 27 Mar 2010 11:43:00 +0100

Tags: DNS
Event: DEFCON 17

[Video] Hello, My Name is /hostname/

Tue, 09 Mar 2010 06:02:19 +0100

Authors: Dan Kaminsky Tiffany Rad
Tags: DNS
Event: DEFCON 17

[Audio] Hello, My Name is /hostname/

Tue, 09 Mar 2010 06:02:18 +0100

Authors: Dan Kaminsky Tiffany Rad
Tags: DNS
Event: DEFCON 17

[Video] Introducing Heyoka: DNS Tunneling 2.0

Mon, 15 Feb 2010 06:10:08 +0100

Authors: Nico Leidecker Alberto Revelli
Tags: DNS
Event: Confidence 2009 Krakow

[Video] DNS Amplification Attacks

Wed, 20 Jan 2010 17:14:15 +0100

Authors: Gadi Evron Randal Vaughn
Tags: DNS
Event: DEFCON 14

[Slides] DNS Amplification Attacks

Wed, 20 Jan 2010 17:14:10 +0100

Authors: Gadi Evron Randal Vaughn
Tags: DNS
Event: DEFCON 14

[Audio] DNS Amplification Attacks

Wed, 20 Jan 2010 17:14:06 +0100

Authors: Gadi Evron Randal Vaughn
Tags: DNS
Event: DEFCON 14

[Video] DNS Abuse Infrastructure and Games

Sun, 27 Dec 2009 06:12:06 +0100

Authors: Gadi Evron
Tags: DNS
Event: DEFCON 14

[Audio] DNS Abuse Infrastructure and Games

Sun, 27 Dec 2009 06:12:04 +0100

Authors: Gadi Evron
Tags: DNS
Event: DEFCON 14

[Audio] Black Ops 2007: Design Reviewing The Web

Fri, 11 Dec 2009 20:37:00 +0100

Authors: Dan Kaminsky
Tags: DNS
Event: DEFCON 15

[Audio] Intranet Invasion With Anti-DNS Pinning

Sun, 29 Nov 2009 06:08:35 +0100

Authors: David Byrne
Tags: DNS
Event: DEFCON 15

[Video] DNS Goodness

Thu, 12 Nov 2009 06:10:47 +0100

Authors: Dan Kaminsky
Tags: DNS
Event: DEFCON 16

[Audio] DNS Goodness

Thu, 12 Nov 2009 06:10:45 +0100

Authors: Dan Kaminsky
Tags: DNS
Event: DEFCON 16

[Paper] Cracking Internet

Sun, 18 Oct 2009 14:31:00 +0200

Authors: Rick van Rein
Tags: DNS
Event: HAR 2009
Abstract: This workshop will introduce the problems with DNS that jeapardise the Internet as a whole. We will begin with a general discussion, and argue that the only real solution that is ready now is DNSSEC. We will continue with more detailed discussions of the Kaminsky attack, and explain how to attack the machines that we prepared for attack during HAR2009. We propose to present the following: 1. A general introduction into the Kaminsky attack, aimed at newcomers and journalists. 2. A detailed discussion of the Kaminsky attack. 3. A detailed discussion of DNSSEC. 4. Possibly a guided session in mounting the attack. Aside from this, we propose to prepare a few servers available to the HAR 2009 crowd that may be freely attacked during the conference. The servers will have varying levels of defenses against the Kaminsky attack, but we expect them all to break sooner or later. We imagine these machines to be located off-site. These presentations are a cooperative effort of: * SURFnet, in the person of Roland van Rijswijk * OpenFortress, in the person of Rick van Rein SURFnet is working to roll out DNSSEC in The Netherlands. OpenFortress provides technical facilities to SURFnet in the area. We cooperate with others such as NLnet Labs, .SE and .UK in the OpenDNSSEC.org project. We also discuss these matters with SIDN. One of our explicit goals is to get some media focus on this issue, so everyday users become more aware that virusses are not their main problem, and start bothering their ISPs and banks about DNSSEC. This is useful because DNSSEC has a bit of a problem in that nobody starts using it because... nobody is using it yet. ISP's wait for banks to offer secure domains, banks wait for ISP's to offer domain validation. Our reasons for plugging DNSSEC are that it is dirty, but it works. And it is the only solution for DNS' leakage that actually works.

[Slides] DNS Security In The Broadest Sense

Sat, 17 Oct 2009 12:30:00 +0200

Authors: Bert Hubert
Tags: DNS
Event: HAR 2009
Abstract: The Domain Name System underlies almost any transaction on the internet, from sending email to visiting a web page. Its security and reliability are therefore of paramount importance. This presentation will outline the nature of threats to the DNS, complete with numbers quantifying the risks. In addition, popular and future countermeasures will be discussed, and their impact on DNS. Risks examined include blind spoofing, triggered blind spoofing, NAT-aware blind spoofing, modern cache poisoning techniques and DNS nameserver record dependency exploitation. Additionally, the danger and consequences of man in the middle attacks will be discussed. One of the more interesting conclusions is that despite widespread hype, the famous 'Kaminsky spoof' is very impracticable on a modern DNS resolver, even if it does not implement specific countermeasures. Numbers will be shown to outline why this is so hard. Finally, some words will be spent discussing how DNSSEC could address the problems mentioned above. The hope is that this will lead to constructive discussion later during the event.

[Video] DNS Security In The Broadest Sense

Sat, 17 Oct 2009 12:30:00 +0200

[Slides] Introducing Heyoka: DNS Tunneling 2.0

Mon, 22 Jun 2009 00:34:00 +0200

Authors: Nico Leidecker Alberto Revelli
Tags: DNS
Event: Confidence 2009 Krakow

[Video] Black Ops 2007: Design Reviewing The Web

Wed, 17 Jun 2009 02:09:00 +0200

Authors: Dan Kaminsky
Tags: DNS
Event: DEFCON 15

[Slides] Black Ops 2007: Design Reviewing The Web

Wed, 17 Jun 2009 01:59:00 +0200

Authors: Dan Kaminsky
Tags: DNS
Event: DEFCON 15

[Video] Intranet Invasion With Anti-DNS Pinning

Sun, 31 May 2009 14:02:00 +0200

Authors: David Byrne
Tags: DNS
Event: DEFCON 15

[Paper] Intranet Invasion With Anti-DNS Pinning

Sun, 31 May 2009 14:00:00 +0200

Authors: David Byrne
Tags: DNS
Event: DEFCON 15

[Slides] Introducing Heyoka: DNS Tunneling 2.0

Tue, 14 Apr 2009 22:47:00 +0200

Authors: Alberto Revelli Nico Leidecker
Tags: DNS
Event: Source Conference Boston 2009

[Video] Why were we so vulnerable to the DNS vulnerability?

Tue, 07 Apr 2009 11:32:00 +0200

Authors: Dan Kaminsky
Tags: DNS
Event: Chaos Communication Congress 25th (25C3) 2008
Abstract: SSL wasn't enough. Encryption is nonexistent. Autoupdaters are horribly broken. Why is all this the case?

[Paper] Defending Your DNS in a Post-Kaminsky World

Wed, 04 Mar 2009 13:58:00 +0100

Authors: Paul Wouters
Tags: DNS
Event: Black Hat DC 2009

[Slides] Defending Your DNS in a Post-Kaminsky World

Wed, 04 Mar 2009 13:52:00 +0100

Authors: Paul Wouters
Tags: DNS
Event: Black Hat DC 2009