Analyzing DNS Traffic for Malicious Activity Using Open Source Logging Tools - Jim Nitterauer NolaCon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Analyzing DNS Traffic for Malicious Activity Using Open Source Logging Tools
Jim Nitterauer

DNS is the engine that makes the Internet work, converting recognizable names into IP addresses behind the scenes. Without DNS, the Internet as we know it would not exist. DNS tends to be a service that, once configured, is often ignored. In today's world of ongoing and evolving cyberattacks, DNS is often overlooked as a means of both detecting and mitigating network compromise. This talk will examine ways to analyze DNS traffic for signs of malicious activity, discuss ways to filter and secure DNS, and examine how DNS data can be used to quickly identify compromised devices. We will examine a variety of tools, including NXLog, Logstash, Graylog, Kibana and Elasticsearch, used to analyze and uncover some common DNS attacks and network compromise.

Jim is currently a Senior Systems Administrator at AppRiver, LLC. His team is responsible for global network deployments, manages the SecureSurf global DNS infrastructure and the SecureTide global SPAM & Virus filtering infrastructure as well as all internal applications, and manages network security for the entire company. He served as President and CEO of GridSouth Networks, LLC, a joint venture between Creative Data Concepts Limited Inc. and AppRiver, LLC. Jim is also the founder and President of Creative Data Concepts Limited, Inc., a well-known Web services provider that has been located in Pensacola, Florida since 1998. Jim holds a Bachelor of Science degree with a major in biology from Ursinus College and a Master of Science degree with a major in microbiology and biochemistry from the University of Alabama.

@jnitterauer

Recorded at NolaCon 2016


Copyright 2016, IronGeek