Clean dns technical_enus
Bruno Guerreiro, COBIT, ITIL, MCSO, LPIC3 Security
CleanDNS technical overview
1. #Because Detection is Cool but Proactivity is Better!
2. • Technical Approach • Examples • Sources • References
3. The CleanDNS methodology is based on a Defense in Depth approach with four phases:
   1 – Network DNS Request Filtering
   2 – DNS Domain Sinkhole
   3 – DNS Secure Last Resource
   4 – Network DNS Response Filtering
4. A typical malware DNS flow.
5. A typical non-malware DNS flow.
6. A DNS Tunneling DNS request = 1 – Network DNS Request Filtering
7. A suspicious low-TTL DNS response = 1 – Network DNS Request Filtering
8. A known malware domain by SNORT = 1 – Network DNS Request Filtering
9. A known malware domain by local database = 2 – DNS Domain Sinkhole
10. A known malware domain by OpenDNS = 3 – DNS Secure Last Resource
11. A known malware IP address = 4 – Network DNS Response Filtering
12. 1 – Network DNS Request Filtering
    • SNORT Community Rule Set
    • Proofpoint Emerging Threats Open Rule Set
    • Customized Anti-DNS Tunnel Rules
    2 – DNS Domain Sinkhole
    • Malware Domain BlockList
    • ZeusTracker
    • Ransomware Tracker
    • Malware Domain List
    • Shalla's Blacklist
    • Dshield
    • URL Blacklist
    3 – DNS Secure Last Resource
    • OpenDNS itself
    4 – Network DNS Response Filtering
    • Ransomware Tracker
    • Dshield
13. • Detecting DNS Tunneling: https://www.sans.org/reading-room/whitepapers/dns/detecting-dns-tunneling-34152
    • DNS Sinkhole by SANS: https://www.sans.org/reading-room/whitepapers/dns/dns-sinkhole-33523
    • Detecting and Blocking DNS Tunneling with Custom Signatures: https://community.mcafee.com/thread/87616
    • Ransomware Tracker: https://ransomwaretracker.abuse.ch/
    • Malware Domain List: https://www.malwaredomainlist.com/
    • Shalla's Blacklist: http://www.shallalist.de/
    • Malware Domain Blocklist: http://www.malwaredomains.com/
    • ZeusTracker: https://zeustracker.abuse.ch/
    • Dshield: https://www.dshield.org/
    • URL BlackList: http://www.urlblacklist.com/
    • Proofpoint Emerging Threats: https://www.proofpoint.com/us/products/et-intelligence
    • Snort: https://www.snort.org/
    • OpenDNS: https://www.opendns.com/
14. #Because Detection is Cool but Proactivity is Better!
    • Project Page: https://www.facebook.com/cleandns
    • Download: https://cleandns.sourceforge.net
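
The four-phase flow from slides 3 and 6 to 11, modelled as an added Python example (not CleanDNS code): each lookup is attributed to the first phase that would stop it. The blocklist entries, thresholds, reason strings and function names are constructed assumptions.

```python
import math
from collections import Counter

# Constructed sample data (assumptions, not CleanDNS's real feeds or rule values).
IDS_SIGNATURE_DOMAINS = {"ids-flagged.example"}    # stands in for Snort / ET rules
LOCAL_SINKHOLE = {"sinkholed.example"}             # stands in for the local blocklists
UPSTREAM_BLOCKED = {"upstream-blocked.example"}    # stands in for the filtering resolver
BAD_IPS = {"203.0.113.66"}                         # stands in for IP blocklists
MAX_LABEL_LEN, MIN_ENTROPY, MIN_TTL = 40, 3.5, 30  # illustrative thresholds
TUNNEL_LABEL = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghij"  # constructed, 46 chars

def entropy(label):
    """Shannon entropy in bits per character."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def listed(name, blocklist):
    """True if the name or any parent domain is on the blocklist."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def looks_like_tunnel(name):
    """Heuristic: one long, high-entropy label suggests encoded payload data."""
    return any(len(l) > MAX_LABEL_LEN and entropy(l) > MIN_ENTROPY
               for l in name.rstrip(".").split("."))

def evaluate(qname, answers=()):
    """Return (phase, reason) for the first phase that stops the lookup,
    or (0, "allowed"). answers holds (ip, ttl) pairs returned by the resolver."""
    # Phase 1: Network DNS Request Filtering (IDS rules on the wire).
    if looks_like_tunnel(qname):
        return 1, "dns-tunnel heuristic"
    if listed(qname, IDS_SIGNATURE_DOMAINS):
        return 1, "ids signature"
    # Phase 2: DNS Domain Sinkhole (local blocklists on the resolver).
    if listed(qname, LOCAL_SINKHOLE):
        return 2, "local sinkhole"
    # Phase 3: DNS Secure Last Resource (filtering upstream resolver).
    if listed(qname, UPSTREAM_BLOCKED):
        return 3, "upstream resolver"
    for ip, ttl in answers:
        # The slides attribute suspicious low-TTL responses to phase 1.
        if ttl < MIN_TTL:
            return 1, "low ttl"
        # Phase 4: Network DNS Response Filtering (known-bad IP in the answer).
        if ip in BAD_IPS:
            return 4, "malicious ip"
    return 0, "allowed"

if __name__ == "__main__":
    samples = [("www.example.org", [("198.51.100.10", 3600)]),
               (TUNNEL_LABEL + ".t.example", []),
               ("a.sinkholed.example", []),
               ("ok.example", [("203.0.113.66", 300)])]
    for qname, answers in samples:
        print(qname[:30], evaluate(qname, answers))
```
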