Using DNS as a layer of defense
DNS(Domain Name System) is the crucial & ubiquitous fabric of the Internet. While we rely on accessing websites, applications, devices using a Fully Qualified Domain Name, on a daily basis, in a network, DNS can also be extremely valuable & effective defense layer in a multi-tiered security approach. This talk will give an introduction to DNS RPZ(Response Policy Zones) and how it can be leveraged to stop threats in the network.
The key takeways for the talk are
1. Idea of a flat network & it’s constraints
2. How malware(C2/Botnets, phishing URL’s) leverages DNS
3. How a DNS Firewall(DNS Response Policy Zones) can mitigate threats at the resolution layer
4. Lessons learned in implementing this for 100+ networks in Tier-II & Tier-III cities
The intended audience for this talk are
1. System & network administrators
3. Anyone running a network :-)
- Idea of a flat network & it’s constriants
- Threats and various insecurities in the network
- DNS 101
- Introduction to DNS Response Policy Zones/DNS Firewall
- Live demo
I run Shreshta IT, a network & security company based in Belgaum. A essential background for this talk comes from our experiences of implementing DNS Response Policy Zones in 100+ networks.