Rootconf Pune edition

On security, network engineering and distributed systems


Using DNS as a layer of defense

Submitted by Swapneel Patnekar (@swapneelp) on Friday, 26 July 2019

Section: Full talk (40 mins) Category: Security


Abstract

DNS (Domain Name System) is the crucial & ubiquitous fabric of the Internet. We rely on Fully Qualified Domain Names daily to access websites, applications and devices, but within a network DNS can also be an extremely valuable & effective defense layer in a multi-tiered security approach. This talk will give an introduction to DNS RPZ (Response Policy Zones) and how it can be leveraged to stop threats in the network.

The key takeaways from the talk are
1. Idea of a flat network & its constraints
2. How malware (C2/botnets, phishing URLs) leverages DNS
3. How a DNS Firewall (DNS Response Policy Zones) can mitigate threats at the resolution layer
4. Lessons learned in implementing this for 100+ networks in Tier-II & Tier-III cities

The intended audience for this talk is
1. System & network administrators
2. ISPs
3. Anyone running a network :-)

Outline

  1. Idea of a flat network & its constraints
  2. Threats and various insecurities in the network
  3. DNS 101
  4. Introduction to DNS Response Policy Zones/DNS Firewall
  5. Live demo
  6. Q&A

Speaker bio

I run Shreshta IT, a network & security company based in Belgaum. An essential background for this talk comes from our experiences of implementing DNS Response Policy Zones in 100+ networks.

Links

Slides

https://brainattic.in/talks/dns-firewalls-rootconf-pune-2019.pdf

Comments

  • Anwesha Sarkar (@anweshaalt) Reviewer 3 days ago

    Hello Swapneel,

    It was a really good rehearsal today. Here is the feedback that came from today’s rehearsal:

    1. Start time - 6:00 pm End time - 6:41 pm. Scheduled slot - 35 minutes + Q and A
    2. Prepare the audience work upon and come to the talk.
    3. Concise the introduction.
    4. Deconstruction of zone file.
    5. More about Pi-hole.
    6. Include DOH and anti DOH discussion.
    7. Avoid having text heavy slides.
    8. Include more pictorial representation.
    9. Give real life examples to explain the points.
    10. Include the Open Source and Non open source firewall discussion.
    11. Start with the introduction to the problem and then take us through the journey explaining the theory.
    12. Prepare the video for the demo.

    Submit your revised slides by 30th August 2019.

    See you in Rootconf Pune.

    Cheers
    Anwesha
