Rootconf Pune edition

On security, network engineering and distributed systems

Using DNS as a layer of defense

Submitted by Swapneel Patnekar (@pswapneel) on Jul 26, 2019

Section: Full talk (40 mins) Category: Security Status: Confirmed & Scheduled

Abstract

DNS(Domain Name System) is the crucial & ubiquitous fabric of the Internet. While we rely on accessing websites, applications, devices using a Fully Qualified Domain Name, on a daily basis, in a network, DNS can also be extremely valuable & effective defense layer in a multi-tiered security approach. This talk will give an introduction to DNS RPZ(Response Policy Zones) and how it can be leveraged to stop threats in the network.

The key takeways for the talk are
1. Idea of a flat network & it’s constraints
2. How malware(C2/Botnets, phishing URL’s) leverages DNS
3. How a DNS Firewall(DNS Response Policy Zones) can mitigate threats at the resolution layer
4. Lessons learned in implementing this for 100+ networks in Tier-II & Tier-III cities

The intended audience for this talk are
1. System & network administrators
2. ISP’s
3. Anyone running a network :-)

Outline

Outline -

  1. Idea of a flat network & it’s constriants
  2. Threats and various insecurities in the network
  3. DNS 101
  4. Introduction to DNS Response Policy Zones/DNS Firewall
  5. Live demo
  6. Q&A

Speaker bio

I run Shreshta IT, a network & security company based in Belgaum. A essential background for this talk comes from our experiences of implementing DNS Response Policy Zones in 100+ networks.

Links

Slides

https://brainattic.in/talks/dns-firewalls-rootconf-pune-2019-v2.pdf

Comments

{{ errorMsg }}

You need to be a participant to comment.

Login to leave a comment