DNS(Domain Name System) is the crucial & ubiquitous fabric of the Internet. While we rely on accessing websites, applications, devices using a Fully Qualified Domain Name, on a daily basis, in a network, DNS can also be extremely valuable & effective defense layer in a multi-tiered security approach. This talk will give an introduction to DNS RPZ(Response Policy Zones) and how it can be leveraged to stop threats in the network.

The key takeaways for the talk are
1. Idea of a flat network & it’s constraints
2. How malware(C2/Botnets, phishing URL’s) leverages DNS
3. How a DNS Firewall(DNS Response Policy Zones) can mitigate threats at the resolution layer
4. Lessons learned in implementing this for 100+ networks in Tier-II & Tier-III cities

The intended audience for this talk are
1. System & network administrators
2. ISP’s
3. Anyone running a network :-)

Outline -

Idea of a flat network & it’s constraints
Threats and various insecurities in the network
DNS 101
Introduction to DNS Response Policy Zones/DNS Firewall
Live demo


Swapneel Patnekar

Swapneel Patnekar is network engineer & researcher with interests in networking(DNS, DNSSEC, BGP), Unix systems and security. As a technical trainer, he regularly conducts workshops on DNS, DNSSEC, Routing, Unix etc. He is also an APNIC Community Trainer & a RIPE Atlas Ambassador.

He is also the Managing Director of Shreshta IT Technologies Pvt. Ltd, a company based out of Belgaum, building & securing networks of micro, small & medium enterprises & network operators in Tier-II and Tier-III cities.


Starts at Saturday May 23 2020, 10:20 AM. The sessions runs for 30 minutes.