Domain name system (DNS) protection
from
Monday, November 30, 2020 (2:00 PM)
to
Thursday, December 10, 2020 (3:00 PM)
Monday, November 30, 2020
2:00 PM
Introduction to DNS and its security problems
Introduction to DNS and its security problems
2:00 PM - 3:00 PM
The Domain Name System (DNS) is one of the core services of the Internet as we know it today. It was designed in 1983 and has been a critical part of the Internet infrastructure ever since. This session gives an overview of how DNS works and, crucially, what security implications its design and operation have. Date of delivery: 30 November 2020 2 pm CET
Tuesday, December 1, 2020
Wednesday, December 2, 2020
Thursday, December 3, 2020
2:00 PM
DNS for Network Defense - Using DNS to protect and observe
DNS for Network Defense - Using DNS to protect and observe
2:00 PM - 3:00 PM
DNS is used not only for the mapping of names to IP adresses and vice versa. This session includes several use cases showing how using information provided by DNS servers can be used to protect the local network from malicious activities, like SPAM or drive-by infections. This is followed by a block on monitoring DNS queries to collect information about ongoing intruder activity on an organisation's network. Date of delivery: 3 December 2020 2:00 pm CET
Friday, December 4, 2020
Saturday, December 5, 2020
Sunday, December 6, 2020
Monday, December 7, 2020
2:00 PM
DNSSEC - Protecting the integrity of the Domain Naming System
DNSSEC - Protecting the integrity of the Domain Naming System
2:00 PM - 3:00 PM
Although being hampered by slow adoption, DNSSEC has proven to deal effectively with the integrity problems of DNS. This module introduces the general concepts of DNSSEC and provides a practical example by implementing DNSSEC in a local zone. Date of delivery: 07 December 2020 2 pm CET
Tuesday, December 8, 2020
Wednesday, December 9, 2020
Thursday, December 10, 2020
2:00 PM
DNS Privacy Protocols - Encrypted DNS queries for privacy protection
DNS Privacy Protocols - Encrypted DNS queries for privacy protection
2:00 PM - 3:00 PM
With the integrity of DNS taken care of by DNSSEC, inspection of DNS query data has been used for good and for bad intentions by various actors on the internet. "DNS over TLS" (DoT) and "DNS over HTTPs" (DoH) have been created as ways to mitigate the latter, while unfortunately also interfering with the former. This module will give insights into the workings and configuration of DoT and DoH, and explain trade-offs organisations' network administrators have to make between security and privacy on their network as well as show how to deal with some of them. Date of delivery: 10 Dec 2020 2:00 pm CET