2016-010-DNS_Reconnaissance - a podcast by Bryan Brake, Amanda Berlin, Brian Boettcher

from 2016-03-07T05:32:22

:: ::

DNS... we take it for granted... it's just there. And we only
know it's broken when your boss can't get to Facebook. 


This week, we discuss the Domain Naming System (DNS). We start
with a bit of history, talking about the origins of DNS, some of
the RFCs involved in it's creation, how it's hierarchical structure
functions to allow resolution to occur, and even why your
/etc/hosts is important. 


We discuss some of the necessary fields in your DNS records. MX,
ALIAS, CNAME, SOA, TXT, and how DNS is used for non-repudiation in
email.


We also touch on how you can use DNS to enumerate an external
network presence when you are the red team, and what you should
know about to make it harder for bad actors to not use your
external DNS in amplification attacks.


Finally, you can't have a discussion about DNS without talking
about how to secure your DNS implementation. So we supply you with
a few tips and best practices. 


Plenty of informational links down below, including links to the
actual RFCs (Request for Comment) which detail how DNS is supposed
to function. Think of them as the owner's manual for your car.


Direct Download: "http://traffic.libsyn.com/brakeingsecurity/2016-010-DNS_Reconnaissance.mp3">http://traffic.libsyn.com/brakeingsecurity/2016-010-DNS_Reconnaissance.mp3


#iTunes: "https://itunes.apple.com/us/podcast/2016-010-dns-reconnaissance/id799131292?i=364331694&mt=2">https://itunes.apple.com/us/podcast/2016-010-dns-reconnaissance/id799131292?i=364331694&mt=2


Comments, Questions, Feedback: "mailto:bds.podcast@gmail.com">bds.podcast@gmail.com


Support Brakeing Down Security using Patreon: "https://www.patreon.com/bds_podcast" target="_blank" rel=
"nofollow">https://www.patreon.com/bds_podcast


RSS FEED: "http://www.brakeingsecurity.com/rss">http://www.brakeingsecurity.com/rss


 


On #Twitter: @brakesec @boettcherpwned @bryanbrake


#Facebook: https://www.facebook.com/BrakeingDownSec/


#Tumblr: "http://brakeingdownsecurity.tumblr.com/">http://brakeingdownsecurity.tumblr.com/


Google Play Store: "https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969">https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969


Player.FM : "https://player.fm/series/brakeing-down-security-podcast">https://player.fm/series/brakeing-down-security-podcast


Stitcher Network: "http://www.stitcher.com/s?fid=80546&refid=stpr" target=
"_blank">http://www.stitcher.com/s?fid=80546&refid=stpr


TuneIn Radio App: "http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/"
target=
"_blank">http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/


 


 


Podcast Links we used for information:


"http://www.slideshare.net/BizuworkkJemaneh/dns-42357401">
http://www.slideshare.net/BizuworkkJemaneh/dns-42357401


300+ million domains
registered: "https://www.verisign.com/en_US/internet-technology-news/verisign-press-releases/articles/index.xhtml?artLink=aHR0cDovL3ZlcmlzaWduLm13bmV3c3Jvb20uY29tL2FydGljbGUvcnNzP2lkPTIwMTIwNTI%3D">
"font-weight: 400;">https://www.verisign.com/en_US/internet-technology-news/verisign-press-releases/articles/index.xhtml?artLink=aHR0cDovL3ZlcmlzaWduLm13bmV3c3Jvb20uY29tL2FydGljbGUvcnNzP2lkPTIwMTIwNTI%3D


"https://technet.microsoft.com/en-us/library/cc770432.aspx">
https://technet.microsoft.com/en-us/library/cc770432.aspx


"http://security-musings.blogspot.com/2013/03/building-secure-dns-infrastructure.html">
"font-weight: 400;">http://security-musings.blogspot.com/2013/03/building-secure-dns-infrastructure.html


"http://tldp.org/HOWTO/DNS-HOWTO-6.html">http://tldp.org/HOWTO/DNS-HOWTO-6.html


"https://en.wikipedia.org/wiki/Domain_Name_System">https://en.wikipedia.org/wiki/Domain_Name_System


"https://en.wikipedia.org/wiki/DNS_spoofing">
https://en.wikipedia.org/wiki/DNS_spoofing


"http://www.esecurityplanet.com/network-security/how-to-prevent-dns-attacks.html">
"font-weight: 400;">http://www.esecurityplanet.com/network-security/how-to-prevent-dns-attacks.html


"http://www.firewall.cx/networking-topics/protocols/domain-name-system-dns/161-protocols-dns-response.html">
"font-weight: 400;">http://www.firewall.cx/networking-topics/protocols/domain-name-system-dns/161-protocols-dns-response.html


"http://www.thegeekstuff.com/2012/05/ettercap-tutorial/">
http://www.thegeekstuff.com/2012/05/ettercap-tutorial/


"https://isc.sans.edu/forums/diary/New+tricks+that+may+bring+DNS+spoofing+back+or+Why+you+should+enable+DNSSEC+even+if+it+is+a+pain+to+do/16859/">
"font-weight: 400;">https://isc.sans.edu/forums/diary/New+tricks+that+may+bring+DNS+spoofing+back+or+Why+you+should+enable+DNSSEC+even+if+it+is+a+pain+to+do/16859/


"https://support.google.com/a/answer/48090?hl=en">"font-weight: 400;">https://support.google.com/a/answer/48090?hl=en


"http://www.ecsl.cs.sunysb.edu/tr/TR187.pdf">http://www.ecsl.cs.sunysb.edu/tr/TR187.pdf


"https://tools.ietf.org/html/rfc882">https://tools.ietf.org/html/rfc882


"https://tools.ietf.org/html/rfc883">https://tools.ietf.org/html/rfc883


"https://tools.ietf.org/html/rfc1034">https://tools.ietf.org/html/rfc1034


"https://tools.ietf.org/html/rfc1035">https://tools.ietf.org/html/rfc1035


 

Further episodes of BrakeSec Education Podcast

Further podcasts by Bryan Brake, Amanda Berlin, Brian Boettcher

Website of Bryan Brake, Amanda Berlin, Brian Boettcher