Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Your DNS Infrastructure in 5 Minutes

Published byภูมิพัฒน์ เก่งงาน Modified over 5 years ago

Similar presentations

Presentation on theme: "Securing Your DNS Infrastructure in 5 Minutes"— Presentation transcript:

1 Securing Your DNS Infrastructure in 5 Minutes
Allan Liska Securing Your DNS Infrastructure in 5 Minutes

2 About Me 15+ Years Experience in Security
Solutions Architect at Recorded Future Writes about: Security, Intelligence, DNS, Ransomware and NTP. Contact me:

3 Despite Its Importance, DNS Security is often Overlooked
This presentation is a 15-point checklist for improving your DNS security

4 1. What domains does your organization have, who registered them & when do they expire?

5 2. Where Are They Registered?

6 3. Centralize control of domains & create a domain registration policy

7 4. Enable Registrar 2-Factor Authentication

8 5. Lock Domains to Prevent Updates/Transfers

9 6. Enable DNSSEC for your Domains

10 7. Host Primary and Secondary DNS with Different Registrars

11 8. Pen-Test Your Registrars (NOT THEIR NETWORK!)

12 Musical Interlude

13 9. Use Split-View Recursive DNS

14 10. Patch your recursive DNS server

15 11. Block all outgoing traffic on TCP/UDP port 53 at the firewall
Except, of course, traffic from your recursive DNS server…

16 12. Enable RPZs/Blacklists

17 13. Log DNS Traffic

18 14. MONITOR THE LOGS MONITOR THE LOGS MONITOR THE LOGS

19 15. Document all of the steps

20

Download ppt "Securing Your DNS Infrastructure in 5 Minutes"

Similar presentations

Consortium Conference 13 July 2012 Operational Developments Ian Lehmann Chief Operations Officer London Grid for Learning.

Consortium Conference 13 July 2012 Operational Developments Ian Lehmann Chief Operations Officer London Grid for Learning.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.

Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.
 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.

 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.
Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.

Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.
Networks and Security A Series of Lectures, Outlining: How Networks affect Security of a system Security of System Security of Network Security of Organisation.

Networks and Security A Series of Lectures, Outlining: How Networks affect Security of a system Security of System Security of Network Security of Organisation.
Data Security in Local Networks using Distributed Firewalls

Data Security in Local Networks using Distributed Firewalls
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Chapter 13 – Network Security

Chapter 13 – Network Security
Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.

Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
BIAB T ECHNOLOGY (B RANCH -I N -A-B OX ). A GENDA BIAB Solution Components BIAB Benefits BIAB Infrastructure.

BIAB T ECHNOLOGY (B RANCH -I N -A-B OX ). A GENDA BIAB Solution Components BIAB Benefits BIAB Infrastructure.
Module 14: Configuring Server Security Compliance

Module 14: Configuring Server Security Compliance
20411B 8: Installing, Configuring, and Troubleshooting the Network Policy Server Role Presentation: 60 minutes Lab: 60 minutes After completing this module,

20411B 8: Installing, Configuring, and Troubleshooting the Network Policy Server Role Presentation: 60 minutes Lab: 60 minutes After completing this module,
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.

1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.
Training and Dissemination Enabling Grids for E-sciencE www.eu-egee.org Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

Similar presentations

Ads by Google