Securing Your DNS Infrastructure in 5 Minutes

Slides:

Advertisements

Similar presentations

Consortium Conference 13 July 2012 Operational Developments Ian Lehmann Chief Operations Officer London Grid for Learning.

Advertisements

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.

 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.

Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.

Networks and Security A Series of Lectures, Outlining: How Networks affect Security of a system Security of System Security of Network Security of Organisation.

Data Security in Local Networks using Distributed Firewalls

1 Enabling Secure Internet Access with ISA Server.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

Chapter 13 – Network Security

Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

BIAB T ECHNOLOGY (B RANCH -I N -A-B OX ). A GENDA BIAB Solution Components BIAB Benefits BIAB Infrastructure.

Module 14: Configuring Server Security Compliance

20411B 8: Installing, Configuring, and Troubleshooting the Network Policy Server Role Presentation: 60 minutes Lab: 60 minutes After completing this module,

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.

Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

.LV today and tomorrow Katrīna Sataki, NIC.LV Riga, 19 April 2013.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.

A machine that acts as the central relay between computers on a network Low cost, low function machine usually operating at Layer 1 Ties together the.

1 Network Firewalls CSCI Web Security Spring 2003 Presented By Yasir Zahur.

Module 10: Windows Firewall and Caching Fundamentals.

Venus Project Brief Description. What It Do What Monitor Log Analyze Block Narrow Report Search Where Single stations Internet Gates Special Devices Web.

System Migration to the PCI Environment BRIAN BENINGA, INFORMATION SECURITY ARCHITECT NOVEMBER 12, 2015.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

Firewall Technology and InterCell Communication Peter T. Dinsmore Trusted Information Systems Network Associates Inc 3060 Washington Rd (Rt. 97) Glenwood,

Data Security in Local Network Using Distributed Firewall Presented By- Rahul N.Bais Guide Prof. Vinod Nayyar H.O.D Prof.Anup Gade.

Complete VM Mobility Across the Datacenter Server Virtualization Hyper-V 2012 Live Migrate VM and Storage to Clusters Live Migrate VM and Storage Between.

IS3220 Information Technology Infrastructure Security

IP packet filtering Breno de Medeiros. Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v

Security Benefits of Firewall Protection

Chapter TCP/IP in the Windows Environment © N. Ganesan, Ph.D., All rights reserved.

All the fun one can have with DNS

IBM Tivoli Provisioning Manager IPv6 Enablement

Working at a Small-to-Medium Business or ISP – Chapter 8

Footprinting and Scanning

CONNECTING TO THE INTERNET

Database backed DNS.

Configuring and Troubleshooting DNS

Securing the Network Perimeter with ISA 2004

Working at a Small-to-Medium Business or ISP – Chapter 7

Client Client 4) Hello , please give me the website

Typical Life Cycle of a Domain Name

Footprinting and Scanning

Welcome To : Group 1 VC Presentation

Working at a Small-to-Medium Business or ISP – Chapter 7

CIS 409Competitive Success/tutorialrank.com

CIS 409 Education for Service-- tutorialrank.com.

Typical Life Cycle of a Domain Name

Proactive Network Protection Through DNS

ISMS Information Security Management System

فصل نهم از کتاب طراحی آموزشی تألیف :آر.ام گانیه

Working at a Small-to-Medium Business or ISP – Chapter 7

Identity & Access Management

OPS235: Configuring a Network Using Virtual Machines – Part 2

Contact Center Security Strategies

Data Security in Local Networks using Distributed Firewalls

Security through Group Policy

(DNS – Domain Name System)

Computer Networks Presentation

網際網路電話系統期中考重點整理.

Session 20 INST 346 Technologies, Infrastructure and Architecture

Global One Communications

IT Management, Simplified

Presentation transcript:

Securing Your DNS Infrastructure in 5 Minutes Allan Liska Securing Your DNS Infrastructure in 5 Minutes

About Me 15+ Years Experience in Security Solutions Architect at Recorded Future Writes about: Security, Intelligence, DNS, Ransomware and NTP. Contact me: allan@allan.org or @uuallan

Despite Its Importance, DNS Security is often Overlooked This presentation is a 15-point checklist for improving your DNS security

1. What domains does your organization have, who registered them & when do they expire?

2. Where Are They Registered?

3. Centralize control of domains & create a domain registration policy

4. Enable Registrar 2-Factor Authentication

5. Lock Domains to Prevent Updates/Transfers

6. Enable DNSSEC for your Domains

7. Host Primary and Secondary DNS with Different Registrars

8. Pen-Test Your Registrars (NOT THEIR NETWORK!)

Musical Interlude

9. Use Split-View Recursive DNS

10. Patch your recursive DNS server

11. Block all outgoing traffic on TCP/UDP port 53 at the firewall Except, of course, traffic from your recursive DNS server…

12. Enable RPZs/Blacklists

13. Log DNS Traffic

14. MONITOR THE LOGS MONITOR THE LOGS MONITOR THE LOGS

15. Document all of the steps