A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


DNSSUX: Why DNSSEC Makes Us Weaker - Alfredo Ramirez Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

DNSSUX: Why DNSSEC Makes Us Weaker
Alfredo Ramirez
Derbycon 2016

The DNSSEC specification was released in 2005 to help secure our DNS infrastructure and protect domains from being spoofed by implementing a PKI similar to what is used for SSL Certificates. Fast-forward to now and everyone is using it, right? Wrong. Not only are less than 1% of major websites using DNSSEC, but those that are arguably weaken their security posture by exposing all of their domains to reconnaissance by bad actors. In this talk we will walk through the history of DNSSEC, why its adoption has stalled, weaknesses in the spec and what we can learn to help build better systems to protect our DNS.

Alfredo leads the Research and Development Team at SecurityScorecard, focused on collecting observational data (non-intrusively) that provides insight into organizations' security posture. Previously he has spent time as a security consultant at VSR, performing all manner of penetration testing, and as a Vulnerability Research Engineer at Tenable Network Security.

@bonds0097

Back to Derbycon 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast