DNS May Be Hazardous to Your Health

DEF CON 21

Presented by: Robert Stucke
Date: Saturday August 03, 2013
Time: 17:00 - 17:45
Location: Track 3
Track: Track 3

The largest manufacturer of laptops, one of the largest consulting firms, and a big data behemoth all walk into a bar...

His research explores many self-inflicted gaps that continue to plague even the largest companies. These gaps are often seen as trivial and ignored, thus making all of their DNS investments lead to a false sense of security. Too much effort and trust go into vendor solutions when 'common sense' and 'due diligence' were never deliverables requested in the RFP. Before we invest in securing our domains, it may be wise to ensure we own them. Before we harden our resolvers to prevent poisoning, maybe we should ensure our clients are querying what is expected. Before we make operational decisions about how client resolver settings should be configured, maybe should consider the consequences to DNS behavior. Before we call DNS secure, maybe we should understand what it is doing.

Robert Stucke

Robert Stucke (@bobx) has 14 years of professional experience in information security. He has lead security consulting teams, worked with multiple fortune 50 clients, served as architect, developer, incident responder, and chief antagonist. As an independent researcher, he has developed custom solutions for large clients revolving around DNS intelligence and is constantly looking for new ways to use and abuse the resources many companies tend to neglect. Many of his tools are considered the cornerstone of fortune 50 security operation centers for detecting and mitigating advanced targeted attacks.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats