Abstract

DNS(Domain Name System) is the critical & ubiquitous fabric of the Internet and it is used for genuine reasons and also abused by bad actors for malicious purposes.

Statistically, based on a number of research papers, majority of the newly registered domains are used for malice (phishing, ransomware, malware etc).

Passive DNS technique provides an option to Security professionals( Incident Responders, SOC Analysts, Malware Researchers ) and Law enforcement to dive into mapping the DNS infrastructure of the bad actors and facilitate takedowns.

In this presentation, I will be introducing Passive DNS (briefly) and will be sharing two personal use cases of using Passive DNS to,
1. Uncover Godaddy Domain shadowing
2. Map DNS infrastructure of bad actors and report for takedown

Note - As a bonus for Star Wars fans, the talk has a few references to Droids :-)

Speaker

Swapneel Patnekar

Swapneel is the CEO at Shreshta IT and a network security engineer working in Information Security for 15+ years.

He has been a board member of the India Internet Engineering Society(IIESOC). He has been a Program Committee member of Indian Network Operators Group(INNOG) and APNIC conferences.

He is an APNIC Community Trainer and has delivered workshops in Myanmar, Papua New Guinea, and Bangladesh on Information Security, Network Security, and DNS/DNSSEC. He is also a member of the Forum of Incident Response and Security Teams (FIRST) DNS Abuse SIG.

He is a prolific speaker, and most recently, he has presented at numerous international security and privacy conferences such as sdns2021, SANOG37, BSides Dayton, 2020 FIRST Virtual Symposium for Latin America and the Caribbean, APNIC50, UKNOF July, APNIC NFH SEA, LKNOG3.

Timing

Starts at Saturday August 29 2020, 09:30 AM. The sessions runs for about 1 hour.

Resources