This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Treść dostarczona przez Black Hat/ CMP Media, Inc. and Jeff Moss. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Black Hat/ CMP Media, Inc. and Jeff Moss lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
Jerry Schneider: Reflection DNS Poisoning
MP3•Źródło odcinka
Manage episode 153226780 series 1085097
Treść dostarczona przez Black Hat/ CMP Media, Inc. and Jeff Moss. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Black Hat/ CMP Media, Inc. and Jeff Moss lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Targeting an enterprise attack at just a few employees seems to be yielding the best results, since it lowers the risk of discovering the exploit. Yet the typical DNS cache poisoning approach, aimed at various levels in the DNS server hierarchy or the enterprise server itself, is not as effective as it could be, primarily because so many people are affected that detection is rapid...
There is one approach to DNS cache poisoning that can control the attack surface and is particularly effective when executed from within the enterprise. Rather than attempting to poison the enterprise DNS server or other external caches, the internal DNS cache within a Windows PC is targeted. Additionally, forensic analysis of the infected PC is hindered by the TimeToLive and volatility of these cache entries.
I will demonstrate this type of attack using two machines on a local lan, and include some analysis of the firewall and configuration issues needed to defend against this type of exploit.
…
continue reading
There is one approach to DNS cache poisoning that can control the attack surface and is particularly effective when executed from within the enterprise. Rather than attempting to poison the enterprise DNS server or other external caches, the internal DNS cache within a Windows PC is targeted. Additionally, forensic analysis of the infected PC is hindered by the TimeToLive and volatility of these cache entries.
I will demonstrate this type of attack using two machines on a local lan, and include some analysis of the firewall and configuration issues needed to defend against this type of exploit.
89 odcinków
Jerry Schneider: Reflection DNS Poisoning
Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
MP3•Źródło odcinka
Manage episode 153226780 series 1085097
Treść dostarczona przez Black Hat/ CMP Media, Inc. and Jeff Moss. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Black Hat/ CMP Media, Inc. and Jeff Moss lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Targeting an enterprise attack at just a few employees seems to be yielding the best results, since it lowers the risk of discovering the exploit. Yet the typical DNS cache poisoning approach, aimed at various levels in the DNS server hierarchy or the enterprise server itself, is not as effective as it could be, primarily because so many people are affected that detection is rapid...
There is one approach to DNS cache poisoning that can control the attack surface and is particularly effective when executed from within the enterprise. Rather than attempting to poison the enterprise DNS server or other external caches, the internal DNS cache within a Windows PC is targeted. Additionally, forensic analysis of the infected PC is hindered by the TimeToLive and volatility of these cache entries.
I will demonstrate this type of attack using two machines on a local lan, and include some analysis of the firewall and configuration issues needed to defend against this type of exploit.
…
continue reading
There is one approach to DNS cache poisoning that can control the attack surface and is particularly effective when executed from within the enterprise. Rather than attempting to poison the enterprise DNS server or other external caches, the internal DNS cache within a Windows PC is targeted. Additionally, forensic analysis of the infected PC is hindered by the TimeToLive and volatility of these cache entries.
I will demonstrate this type of attack using two machines on a local lan, and include some analysis of the firewall and configuration issues needed to defend against this type of exploit.
89 odcinków
Kaikki jaksot
×Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.