PPT-DNS Security Information Security

CS 526 Omar Chowdhury 1292015 Topic RBAC 1 Reading for This Lecture Optional First attack by Schuba and Spafford httpwwwopenbsdorgadvisoriessni12resolveridtxt An Illustrated Guide to the . EE122 Fall 2011. Scott Shenker. http://. inst.eecs.berkeley.edu. /~ee122/. Materials with thanks to Jennifer Rexford, Ion . Stoica. , Vern . Paxson. and other colleagues at Princeton and UC Berkeley. DNS is the system that provides name to address mapping for the internet.. Name Space. The names assigned to machines must be unique because the addresses are unique. A name space that maps each address to a unique name can be organized in two ways: . Theory. 1. How DNS works. Theory. 2. 3. How DNS Works - Theory. Domain names. Arranged in a tree. Cut into zones. Each served by a nameserver. 4. How DNS Works - Theory. Domain name space consists of a tree of domain names. Curtis Taylor. taylorcr@ornl.gov. Craig . Shue. cshue@. ornl.gov. Outline. Automated Attacking. Costs to Organizations. Some Observations. Our Approach. Lightweight Capabilities. Fast Flux Defense. Future Directions. What is DNS?. 1. Domain Name System. The . Domain Name System (DNS) is used to resolve human-readable . hostnames . into machine-readable IP . addresses.. How does DNS Works?. 2. How Does DNS Works?. Jun Ho Huh. Research Scientist. Cybersecurity Lab. . Saurabh Verma, . Ali Hamieh, Jun Huh Ho, Siva Raj Rajagopalan, Maciej Korczynski, Nina Fefferman.. . 1. Motivation . money talks!. . 2. It’s becoming very serious!. 0. DNS. DHCP. 管理. 運用. DDNS. Ease of Redundancy. Ease of UI. Backup. Restoration. U. pdates. Ease of :. Focus on DHCP/DNS/Dynamic DNS (D3). Robust Hardware, Ease of UI, High Availability and Secure Software. Sylvia Ratnasamy. http://inst.eecs.berkeley.edu/~ee122. /. Material thanks to Ion . Stoica. , Scott . Shenker. , Jennifer Rexford, Nick . McKeown. , and many other colleagues. Announcements. Project 3 out on Wednesday, Oct 30. Port numbers for applications. MAC addresses for . hardware. IP . addresses for a way to send data in a smart, routable way. Addressing So Far. Problems with MACs/IPs/Ports. Humans . are . bad at. remembering strings of numbers. APNIC. https://. xkcd.com. /1361/. Why?. Because everything you do on the net starts with a call to the DNS. If we could see your stream of queries in real time we could assemble a detailed profile of you and interests and activities. Qurat-Ul-Ann Akbar, Northwestern U. . Marcel Flores, Northwestern U.. Aleksandar. Kuzmanovic, Northwestern U.. http://networks.cs.northwestern.edu. Internet Censorship is a prevalent problem . Jun Ho Huh. Research Scientist. Cybersecurity Lab. . Saurabh Verma, . Ali Hamieh, Jun Huh Ho, Siva Raj Rajagopalan, Maciej Korczynski, Nina Fefferman.. . 1. Motivation . money talks!. . 2. It’s becoming very serious!. Id-NS Project – The National Secure DNS Initiatives. Muhammad Salahuddien – Deputy of Operation and Network Security. Growth, 90+ . M . users, 45+ . M . students, . 200. + Gb/s traffic (transit, IX, CDN), 200% rising local . Making Windows DNS Server Cloud Ready. ~Kumar Ashutosh, Microsoft. Windows DNS Server. Widely deployed in enterprises . Fair presence in the DNS resolver . space. Standards compliant and interoperable.