Domain name system (DNS) protection
from
Monday, 30 November 2020 (14:00)
to
Thursday, 10 December 2020 (15:00)
Monday, 30 November 2020
14:00
Introduction to DNS and its security problems
Introduction to DNS and its security problems
14:00 - 15:00
The Domain Name System (DNS) is one of the core services of the Internet as we know it today. It was designed in 1983 and has been a critical part of the Internet infrastructure ever since. This session gives an overview of how DNS works and, crucially, what security implications its design and operation have. Date of delivery: 30 November 2020 2 pm CET
Tuesday, 1 December 2020
Wednesday, 2 December 2020
Thursday, 3 December 2020
14:00
DNS for Network Defense - Using DNS to protect and observe
DNS for Network Defense - Using DNS to protect and observe
14:00 - 15:00
DNS is used not only for the mapping of names to IP adresses and vice versa. This session includes several use cases showing how using information provided by DNS servers can be used to protect the local network from malicious activities, like SPAM or drive-by infections. This is followed by a block on monitoring DNS queries to collect information about ongoing intruder activity on an organisation's network. Date of delivery: 3 December 2020 2:00 pm CET
Friday, 4 December 2020
Saturday, 5 December 2020
Sunday, 6 December 2020
Monday, 7 December 2020
14:00
DNSSEC - Protecting the integrity of the Domain Naming System
DNSSEC - Protecting the integrity of the Domain Naming System
14:00 - 15:00
Although being hampered by slow adoption, DNSSEC has proven to deal effectively with the integrity problems of DNS. This module introduces the general concepts of DNSSEC and provides a practical example by implementing DNSSEC in a local zone. Date of delivery: 07 December 2020 2 pm CET
Tuesday, 8 December 2020
Wednesday, 9 December 2020
Thursday, 10 December 2020
14:00
DNS Privacy Protocols - Encrypted DNS queries for privacy protection
DNS Privacy Protocols - Encrypted DNS queries for privacy protection
14:00 - 15:00
With the integrity of DNS taken care of by DNSSEC, inspection of DNS query data has been used for good and for bad intentions by various actors on the internet. "DNS over TLS" (DoT) and "DNS over HTTPs" (DoH) have been created as ways to mitigate the latter, while unfortunately also interfering with the former. This module will give insights into the workings and configuration of DoT and DoH, and explain trade-offs organisations' network administrators have to make between security and privacy on their network as well as show how to deal with some of them. Date of delivery: 10 Dec 2020 2:00 pm CET