It's not DNS; There's no way it's DNS; It was DNS

with Johannes Ulrich of SANS

Wednesday, Oct 19
Noon ET


The famous "DNS Haiku" I used as a title for the talk is often used to describe not only the importance of DNS, but also its fragility. DNS is one of the fundamental protocols, and at the surface not terribly complex. But DNS isn't a "static protocol". It keeps growing and with that becoming more complex (and fragile). At the same time, it is often seen as an "anchor of truth" when it comes to identifying malicious network traffic. After all, everything happening in your network does reflect itself in DNS, and with encryption dominating network traffic, DNS is one of the protocols still telling us what attackers are up to in our network. In this talk, we will take a casual stroll through some of the less well lit places of DNS, exploring the dark corners and smelly side alleys of DNS. We will meet some of the packets lurking in these corners and of course inspect them in depth.

Speaker: Johannes Ulrich, Dean of Research, SANS Technology Institute

Dr. Johannes Ullrich is the Dean of Research for SANS Technology Institute, a SANS Faculty Fellow, and founder of the Internet Storm Center (DShield.org) which provides a free analysis and warning service to thousands of Internet users and organizations. He is the host of the SANS Internet Storm Center Daily Stormcast, a daily podcast that provides a brief 5-minute summary of current network security related events, and the author of SEC546: IPv6 Essentials, co-author of SANS SEC522: Defending Web Applications Security Essentials, and can be found teaching his own courses as well as SEC503: Intrusion Detection In-Depth.

Sharing Guidelines

This recording is open to the public, as well as designated representatives of REN-ISAC member institutions. Information is classified TLP:WHITE.