AI, Data Science & Cloud Certificates from Google, IBM & Meta
Learn EDR Internals: Research & Development From The Masters
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore the intricacies of DNS security in this 48-minute conference talk from DerbyCon 4. Delve into various DNS request types, cross-site scripting vulnerabilities in logs, SQL injection techniques, and the often-overlooked Gopher protocol. Examine the potential risks of shell injection and gain insights into DNS rebinding attacks. Analyze the DNS protocol, traffic forwarding methods, and shellcode payloads. Learn to detect and mitigate these threats to enhance your network's security posture.
Syllabus
Intro
You know the drill...
Things I'm going to talk about
Request types
The scenario...
Cross-site scripting in logs?
SQL Injection
Interesting sidenote... Gopher!
Shell injection - result?
DNS Re-binding summary
The protocol
Traffic forwarding
Shellcode (aka, exploit payload)
Detection