Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The Cost of Complexity - Different Vulnerabilities While Implementing the Same RFC

Black Hat via YouTube

Start learning Write review
Simplilearn Ad

Lead AI Strategy with UCSB's Agentic AI Program — Microsoft Certified

Learn More → CodeSignal Ad

Learn Generative AI, Prompt Engineering, and LLMs for Free

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore the security implications of complexity and ambiguity in RFC implementations through a 36-minute Black Hat conference talk. Analyze the vulnerabilities arising from different interpretations of RFC 1035's message compression in TCP/IP stacks. Delve into the 20-year history of compression vulnerabilities, examine newly discovered issues, and discuss affected devices. Learn about anti-patterns, supply chain impacts, and potential solutions including improved documentation, static analysis, device fingerprinting, and intrusion detection. Gain insights from speakers Daniel dos Santos and Shlomi Oberman on the critical intersection of protocol complexity and cybersecurity.

Syllabus

Intro
Why look more closely at DNS?
Domain Name System (DNS)
DNS encoding and compression
20 years of compression vulnerabilities
New vulnerabilities
Anti-Pattern #1
Affected devices
Again, the supply chain
Better documentation
Static analysis
Device fingerprinting
Intrusion detection

Taught by

Black Hat

Reviews

Start your review of The Cost of Complexity - Different Vulnerabilities While Implementing the Same RFC

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.