BSidesLV 2016 has ended
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
Back To Schedule
Tuesday, August 2 • 17:30 - 18:00
DNS Hardening - Proactive Network Security Using F5 iRules and Open Source Analysis Tools

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

DNS is the engine that drives the Internet. Almost all Internet activity makes use of DNS to properly route traffic. Most times, end users and service providers set up their DNS and promptly forget about the service. Rarely do they look at the log data or analyze traffic hitting their DNS servers. Providers can limit cache server exposure through access lists. Authoritative servers can gain some protection by using Anycast addressing. But in the end, DNS typically remains vulnerable to DNS amplification attacks, DDoS and other malicious traffic and is a lynchpin for almost every network.

As a DNS service provider, we faced unique challenges. How could we offer open DNS cache resolution while protecting the integrity of our service? How could we use data collected to uncover network compromise? How could we detect and mitigate DNS attacks before they impact customer-facing services? How could we give customers the tools needed to isolate compromised machines on their LAN? This is the abbreviated story of that journey. The answers are found in the data combined with the use of open source tools including Graylog, Elasticsearch and Kibana. My hope is that sharing our experiences can make life better for your network.

avatar for Dave Lewis

Dave Lewis

Global Advisory CISO, Cisco
Dave has 30 years of industry experience. He has extensive experience in IT operations and management. Dave is a Global Advisory CISO for now Cisco. He is the founder of the security site Liquidmatrix Security Digest and host of DuoTV and the Plaintext podcast. Dave is currently working... Read More →

avatar for Jim Nitterauer

Jim Nitterauer

Director Information Security, Graylog, Inc.
Currently a Senior Security Specialist at AppRiver, LLC., his team is responsible for global network deployments and manages the SecureSurf DNS infrastructure and the SecureTide spam & virus filtering platform, internal applications and security operations. He holds a CISSP certification... Read More →

Tuesday August 2, 2016 17:30 - 18:00 PDT
Proving Ground Florentine E