Domain Name System (DNS) protection

• 1. Introduction to DNS and its Security Challenges – meet the problems

  (slides) (recording)
  The Domain Name System (DNS) is one of the core services of the Internet as we know it today. DNS was designed in 1983 and has been a critical part of the Internet infrastructure ever since.

  This session gives an overview of how DNS works and, crucially, what the security implications of its design and operation are.

• 2. DNS for Network Defence – Using DNS to protect and observe

  (slides) (recording)
  DNS is not only used for the mapping of names to IP addresses and vice versa.

  This module shows several use cases using information provided by DNS servers that can be used to protect the local network from malicious activities, such as SPAM or drive-by infections. This is followed by a block on monitoring DNS queries to collect information about ongoing intruder activity on an organisation’s network.

• 3. DNSSEC – Protecting the integrity of the Domain Naming System

  (slides) (recording)
  Although hampered by slow adoption, DNSSEC has proven to deal effectively with the integrity problems of DNS.

  This module introduces the general concepts of DNSSEC and provided a practical example by implementing DNSSEC in a local zone.

• 4. DNS Privacy Protocols – Encrypted DNS queries for privacy protection

  (slides) (recording)
  With the integrity of DNS taken care of by DNSSEC, inspection of DNS query data has been used by various actors on the internet for both good and bad purposes. “DNS over TLS” (DoT) and “DNS over HTTPS” (DoH) have been created as ways to mitigate the latter, while unfortunately also interfering with the former.

  The module gives insights into the workings and configuration of DoT and DoH and explains the trade-offs organisations’ network administrators have to make between security and privacy, as well as showing how some of these can be dealt with.