45 min listen
Unavailable
Currently unavailable
2018-023: Cydefe interview-DNS enumeration-CTF setup & prep
Currently unavailable
2018-023: Cydefe interview-DNS enumeration-CTF setup & prep
ratings:
Length:
55 minutes
Released:
Jul 2, 2018
Format:
Podcast episode
Description
Raymond Evans - CTF organizer for nolacon and Founder of CyDefe Labs @cydefe CTF setup / challenges of setting up a CTF. Beginners & CTFs Types tips/tricks Biggest downfalls of CTF development https://www.heroku.com/ www.exploit-db.com BrakeSec DerbyCon @dragosinc dragos.com DNS Enumeration: https://github.com/nixawk/pentest-wiki/blob/master/1.Information-Gathering/How-to-gather-dns-information.md DNS Tools: https://dnsdumpster.com/ https://tools.kali.org/information-gathering/theharvester DNS Tutorial https://www.youtube.com/watch?v=4ZtFk2dtqv0 (A cat explains DNS) https://pentestlab.blog/tag/dns-enumeration/ DNS Logging detailed DNS queries and responses can be beneficial for many reasons. For the first and most obvious reason is to aid in incident response. DNS logs can be largely helpful for tracking down malicious behavior, especially on endpoints in a DHCP pool. If an alert is received with a specific IP address, that IP address may not be on the same endpoint by the time someone ends up investigating. Not only does that waste time, it also gives the malicious program or attacker more time to hide themselves or spread to other machines. DNS is also useful for tracking down other compromised hosts, downloads from malicious websites, and if malware is using Domain Generating Algorithms (DGAs) to mask malicious behavior and evade detection. NOTE: However if a Microsoft DNS solution (prior to server 2012) is in use, according to Microsoft, “Debug logging can be resource intensive, affecting overall server performance and consuming disk space. Therefore, it should only be used temporarily when more detailed information about server performance is needed.” From Server 2012 forward DNS analytic logging is much less resource intensive. If the organization is using BIND or some DNS appliance, it should have the capability to log all information about DNS requests and replies. How difficult has that become with the advent of GDPR and whois record anonymization? Join our #Slack Channel! Email us at bds.podcast@gmail.com or DM us on Twitter @brakesec #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Released:
Jul 2, 2018
Format:
Podcast episode
Titles in the series (100)
2020-018- Masha Sedova, bespoke security training, useful metrics to tailor training: Masha Sedova - Founder, Elevate Security Inability to measure human security behaviors leads to increased risk in our computing environments. For too long, we’ve accepted training completion and mock phishing data as a sufficient way to measure this... by BrakeSec Education Podcast