BSidesLV 2016 has ended
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
Wednesday, August 3 • 11:30 - 12:30
Domains of Grays.

Sign up or log in to save this to your schedule and see who's attending!

One of the most consistently reliable means for an attacker to gain access to an organization's computing resources is via phishing - by socially engineering an authorized user into providing access to the attacker by inadvertently disclosing their credentials. There are numerous ways that are currently in use to prevent phishing already, but there is always room for improvement. In this case, we propose taking a spam-mitigation measure, greylisting, and applying it to DNS such that it will hamper the ability of phishers to complete a common type of attack. Additionally, this methodology will also mitigate other, similar threats that rely on fast resolution of DNS in order to function correctly. We will be providing a POC implementation for DNS greylisting so that you can evaluate its effectiveness as well.

avatar for Eric Rand

Eric Rand

Systems Mangler, Brown Hat Security
An amateur blacksmith, an amateur radio operator, and a professional know-it-all, Eric has had a deep appreciation for the lore surrounding the IT world for many years. When he's not digging through obscure fora to find out who thought XCHG EAX:EAX was a good idea for a NOP command... Read More →

Wednesday August 3, 2016 11:30 - 12:30
Breaking Ground Florentine A