A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


DNS - Strategies for Reducing Data Leakage & Protecting Online Privacy - Jim Nitterauer NolaCon 2019 (Hacking Illustrated Series InfoSec <br>Tutorial Videos)

DNS - Strategies for Reducing Data Leakage & Protecting Online Privacy
Jim Nitterauer


This talk examines how DNS works and looks at a few ways in which DNS can be exploited. We will review the state of DNS security from an end user perspective and will examine ways in which you can effectively limit the disclosure of your online habits through securing the way your local DNS resolvers work. \nWe will also discuss common ways in which DNS data is being tracked and monitored, often without our knowledge. We will then lay out a foundational approach for building a DNS solution that can be used to both insure the accuracy and authenticity of DNS request results while protecting DNS data leaving our devices & networks from prying eyes. We will examine ways to baseline existing DNS traffic using a variety of simple tools including Wireshark, Packetbeat and Graylog.\nWe will then review some of the newer strategies available for securing DNS traffic and use some of those solutions to implement and monitor an easy to use DNS privacy solution that would completely hide all DNS data by TLS encrypting all DNS traffic and tightly controlling where and how that data becomes unencrypted on the Internet using VPN tunneling and Tor routed requests.\nThe ultimate goal would be the of a DNS system that completely controls all DNS traffic entering or exiting a network and provides assurance that you can be in complete control of who can see that data.\n

Currently a Senior Security Specialist at AppRiver, LLC., his team is responsible for global network deployments and manages the SecureSurf DNS infrastructure and the SecureTide spam & virus filtering platform, internal applications and security operations. He holds a CISSP certification and is well-versed in ethical hacking with more than 20 years experience.\n\nJim has presented at NolaCon, ITEN WIRED, BSides Las Vegas, BSides Atlanta, CircleCityCon, DEF CON, DerbyCon, BSides San Francisco and several smaller conferences. \n\nJim is a BSides Las Vegas senior staff member, on the ITEN WIRED Planning Committee and the president of the Florida Panhandle (ISC)2 Chapter.

Recorded at NolaCon 2019

Back to NolaCon 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast