SlideShare a Scribd company logo

CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012

Download as PPT, PDF
DefCamp
DefCamp
1 of 24
Teodor Pripoae P2P DNS Systems
What means DNS ? Domain name system
What means DNS ? Domain name system Hierachical distributed naming system
What means DNS ? Domain name system Hierachical distributed naming system Controlled by ICANN
Why changing DNS ? Controlled by a single entity
Why changing DNS ? Controlled by a single entity Very easy to take down a domain by American Government or Hollywood Media Corporations with similar laws to ACTA or SOPA
Looks familiar ?
Alerternative ?
P2P DNS System
Features What should feature a distributed DNS system ?
It must not have any single entity that controls the others Conclusion: it must be P2P with not central node It must be open source
Implementations P2P-DNS: https://github.com/Mononofu/P2P-DNS Namecoin: http://dot-bit.org/Namecoin Censormenot: https://github.com/teodor-pripoae/censormenot
P2P-DNS Records authenticated by a public/private key system All nodes know all othe nodes and the cache all know domains
Attacks Atack 1: An attacker can only poison the cache of a single node Atack 2: An attacker can flood the network with fake domains
Defense methods For attack 1: opinion of the majority is correct and a web trust (opinions of nodes are weighted by your trust to them. For attack 2: similar tools used for email spam prevention systems
Disadvantages Storing all key pairs Everyone can register any domain now even those which already exist in the real dns system
Namecoin Based on bitcoin system .bit TLD Similar private/public keys encryption Buy domains with namecoins which can be converted from bitcoins
Censormenot Why is it different ?
Not a full dns system, but a cache one
Not a full dns system, but a cache one Add a domain lookup only when you need it.
Not a full dns system, but a cache one Add a domain lookup only when you need it. Multiple plausible domains based on a trust value which can be voted
How it looks / works ?
Resources https://github.com/namecoin/namecoin https://github.com/Mononofu/P2P-DNS https://github.com/teodor-pripoae/censorm http://www.youtube.com/watch?v=YNZDhPIdah
Contributors Dan Serban: https://github.com/dserban Alexandru Tache https://github.com/hadesgames

Recommended

Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...OpenDNS
 
Defcon 18: FOCA 2
Defcon 18: FOCA 2Defcon 18: FOCA 2
Defcon 18: FOCA 2Chema Alonso
 
.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017dotZADNA
 
Anton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin
 
Cullen Jennings’s Presentation at eComm 2009
Cullen Jennings’s Presentation at eComm 2009Cullen Jennings’s Presentation at eComm 2009
Cullen Jennings’s Presentation at eComm 2009eCommConf
 
Dns and irc
Dns and ircDns and irc
Dns and ircZekriaMuzafar
 
Old school hacking : Exploiting UNIX Wildcards
Old school hacking : Exploiting UNIX WildcardsOld school hacking : Exploiting UNIX Wildcards
Old school hacking : Exploiting UNIX WildcardsUNIDEES Algérie
 
μTorrent
μTorrentμTorrent
μTorrentShubhashish Punj
 

Recommended

Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...OpenDNS
 
Defcon 18: FOCA 2
Defcon 18: FOCA 2Defcon 18: FOCA 2
Defcon 18: FOCA 2Chema Alonso
 
.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017dotZADNA
 
Anton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin on Discovering That Your Linux Box is Hacked
Anton Chuvakin on Discovering That Your Linux Box is HackedAnton Chuvakin
 
Cullen Jennings’s Presentation at eComm 2009
Cullen Jennings’s Presentation at eComm 2009Cullen Jennings’s Presentation at eComm 2009
Cullen Jennings’s Presentation at eComm 2009eCommConf
 
Dns and irc
Dns and ircDns and irc
Dns and ircZekriaMuzafar
 
Old school hacking : Exploiting UNIX Wildcards
Old school hacking : Exploiting UNIX WildcardsOld school hacking : Exploiting UNIX Wildcards
Old school hacking : Exploiting UNIX WildcardsUNIDEES Algérie
 
μTorrent
μTorrentμTorrent
μTorrentShubhashish Punj
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name systemwebhostingguy
 
Internet
InternetInternet
InternetHafiz Muhammad Habib Qadri
 
La nueva FOCA 2.7
La nueva FOCA 2.7La nueva FOCA 2.7
La nueva FOCA 2.7Eventos Creativos
 
Networking
NetworkingNetworking
Networkingguestf7cf98
 
Networking
NetworkingNetworking
Networkingguestf7cf98
 
Internet
InternetInternet
InternetBicku Gsp
 
Domain Name Provider-Easy.gr
Domain Name Provider-Easy.grDomain Name Provider-Easy.gr
Domain Name Provider-Easy.grharleydavidson11
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunickamiable_indian
 
DNSSEC for Registrars by .ORG & Afilias
DNSSEC for Registrars by .ORG & AfiliasDNSSEC for Registrars by .ORG & Afilias
DNSSEC for Registrars by .ORG & AfiliasORG, The Public Interest Registry
 
Linux and DNS Server
Linux and DNS ServerLinux and DNS Server
Linux and DNS ServerPrabhakar Thota
 
DNSSEC: What a Registrar Needs to Know
DNSSEC: What a Registrar Needs to KnowDNSSEC: What a Registrar Needs to Know
DNSSEC: What a Registrar Needs to Knowlaurenrprice
 
untitled_document.pptx
untitled_document.pptxuntitled_document.pptx
untitled_document.pptxRuuSpy
 
Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns TutorialShumon Huque
 
Peer-to-Peer Networking Systems and Streaming
Peer-to-Peer Networking Systems and StreamingPeer-to-Peer Networking Systems and Streaming
Peer-to-Peer Networking Systems and StreamingDilum Bandara
 
Serverless (Distributed computing)
Serverless (Distributed computing)Serverless (Distributed computing)
Serverless (Distributed computing)Sri Prasanna
 
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS AttacksDNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS AttacksFindWhitePapers
 
Understanding DNS Security
Understanding DNS SecurityUnderstanding DNS Security
Understanding DNS SecurityNihal Pasham, CISSP
 
P2P Seminar
P2P SeminarP2P Seminar
P2P SeminarCoRehab
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name SystemWhoisXML API
 
Dns
DnsDns
Dnshoangdinhhanh88
 
5.Dns Rpc Nfs
5.Dns Rpc Nfs5.Dns Rpc Nfs
5.Dns Rpc Nfsphanleson
 
5.Dns Rpc Nfs 2
5.Dns Rpc Nfs 25.Dns Rpc Nfs 2
5.Dns Rpc Nfs 2phanleson
 

More Related Content

What's hot

Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name systemwebhostingguy
 
Domain Name Provider-Easy.gr
Domain Name Provider-Easy.grDomain Name Provider-Easy.gr
Domain Name Provider-Easy.grharleydavidson11
 

What's hot (7)

Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name system
 
Internet
InternetInternet
Internet
 
La nueva FOCA 2.7
La nueva FOCA 2.7La nueva FOCA 2.7
La nueva FOCA 2.7
 
Networking
NetworkingNetworking
Networking
 
Networking
NetworkingNetworking
Networking
 
Internet
InternetInternet
Internet
 
Domain Name Provider-Easy.gr
Domain Name Provider-Easy.grDomain Name Provider-Easy.gr
Domain Name Provider-Easy.gr
 

Similar to CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012

Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunickamiable_indian
 
DNSSEC: What a Registrar Needs to Know
DNSSEC: What a Registrar Needs to KnowDNSSEC: What a Registrar Needs to Know
DNSSEC: What a Registrar Needs to Knowlaurenrprice
 
untitled_document.pptx
untitled_document.pptxuntitled_document.pptx
untitled_document.pptxRuuSpy
 
Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns TutorialShumon Huque
 
Peer-to-Peer Networking Systems and Streaming
Peer-to-Peer Networking Systems and StreamingPeer-to-Peer Networking Systems and Streaming
Peer-to-Peer Networking Systems and StreamingDilum Bandara
 
Serverless (Distributed computing)
Serverless (Distributed computing)Serverless (Distributed computing)
Serverless (Distributed computing)Sri Prasanna
 
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS AttacksDNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS AttacksFindWhitePapers
 
P2P Seminar
P2P SeminarP2P Seminar
P2P SeminarCoRehab
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name SystemWhoisXML API
 
5.Dns Rpc Nfs
5.Dns Rpc Nfs5.Dns Rpc Nfs
5.Dns Rpc Nfsphanleson
 
5.Dns Rpc Nfs 2
5.Dns Rpc Nfs 25.Dns Rpc Nfs 2
5.Dns Rpc Nfs 2phanleson
 
Detecting dns-tunneling-34152
Detecting dns-tunneling-34152Detecting dns-tunneling-34152
Detecting dns-tunneling-34152huynhvanphuc
 
Peerto Peer Networks
Peerto Peer NetworksPeerto Peer Networks
Peerto Peer Networkssanjoysanyal
 

Similar to CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012 (20)

Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
 
DNSSEC for Registrars by .ORG & Afilias
DNSSEC for Registrars by .ORG & AfiliasDNSSEC for Registrars by .ORG & Afilias
DNSSEC for Registrars by .ORG & Afilias
 
Linux and DNS Server
Linux and DNS ServerLinux and DNS Server
Linux and DNS Server
 
DNSSEC: What a Registrar Needs to Know
DNSSEC: What a Registrar Needs to KnowDNSSEC: What a Registrar Needs to Know
DNSSEC: What a Registrar Needs to Know
 
untitled_document.pptx
untitled_document.pptxuntitled_document.pptx
untitled_document.pptx
 
Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns Tutorial
 
Peer-to-Peer Networking Systems and Streaming
Peer-to-Peer Networking Systems and StreamingPeer-to-Peer Networking Systems and Streaming
Peer-to-Peer Networking Systems and Streaming
 
Serverless (Distributed computing)
Serverless (Distributed computing)Serverless (Distributed computing)
Serverless (Distributed computing)
 
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS AttacksDNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
 
Understanding DNS Security
Understanding DNS SecurityUnderstanding DNS Security
Understanding DNS Security
 
P2P Seminar
P2P SeminarP2P Seminar
P2P Seminar
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name System
 
Dns
DnsDns
Dns
 
5.Dns Rpc Nfs
5.Dns Rpc Nfs5.Dns Rpc Nfs
5.Dns Rpc Nfs
 
5.Dns Rpc Nfs 2
5.Dns Rpc Nfs 25.Dns Rpc Nfs 2
5.Dns Rpc Nfs 2
 
ION Bucharest - Deploying DNSSEC
ION Bucharest - Deploying DNSSECION Bucharest - Deploying DNSSEC
ION Bucharest - Deploying DNSSEC
 
Detecting dns-tunneling-34152
Detecting dns-tunneling-34152Detecting dns-tunneling-34152
Detecting dns-tunneling-34152
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMP
 
Peerto Peer Networks
Peerto Peer NetworksPeerto Peer Networks
Peerto Peer Networks
 
DNS.pptx
DNS.pptxDNS.pptx
DNS.pptx
 

More from DefCamp

Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
 
Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?DefCamp
 
Bridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXDefCamp
 
Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...DefCamp
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDefCamp
 
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)DefCamp
 
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFADefCamp
 
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationDefCamp
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money downDefCamp
 
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...DefCamp
 
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochDefCamp
 
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareDefCamp
 
Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?DefCamp
 
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured DefCamp
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
 
We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.DefCamp
 
Connect & Inspire Cyber Security
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber SecurityDefCamp
 
The lions and the watering hole
The lions and the watering holeThe lions and the watering hole
The lions and the watering holeDefCamp
 

More from DefCamp (20)

Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of Trust
 
Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?
 
Bridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UX
 
Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
 
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
 
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
 
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
 
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
 
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
 
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
 
Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?
 
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
 
We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.
 
Connect & Inspire Cyber Security
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber Security
 
The lions and the watering hole
The lions and the watering holeThe lions and the watering hole
The lions and the watering hole
 

CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012