DNS Has Been Found To Be Hazardous To Your Health

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/38978 (DOI)

Publisher

DEF CON

Release Date

2013

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

The largest manufacturer of laptops, one of the largest consulting firms, and a big data behemoth all walk into a bar... His research explores many self-inflicted gaps that continue to plague even the largest companies. These gaps are often seen as trivial and ignored, thus making all of their DNS investments lead to a false sense of security. Too much effort and trust go into vendor solutions when 'common sense' and 'due diligence' were never deliverables requested in the RFP. Before we invest in securing our domains, it may be wise to ensure we own them. Before we harden our resolvers to prevent poisoning, maybe we should ensure our clients are querying what is expected. Before we make operational decisions about how client resolver settings should be configured, maybe should consider the consequences to DNS behavior. Before we call DNS secure, maybe we should understand what it is doing. Robert Stucke (@bobx) has 14 years of professional experience in information security. He has lead security consulting teams, worked with multiple fortune 50 clients, served as architect, developer, incident responder, and chief antagonist. As an independent researcher, he has developed custom solutions for large clients revolving around DNS intelligence and is constantly looking for new ways to use and abuse the resources many companies tend to neglect. Many of his tools are considered the cornerstone of fortune 50 security operation centers for detecting and mitigating advanced targeted attacks.