Abstract

DNS(Domain Name System) is the critical & ubiquitous fabric of the Internet and it is used for genuine reasons and also abused by bad actors for malicious purposes.

Statistically, based on a number of research papers, majority of the newly registered domains are used for malice (phishing, ransomware, malware etc).

Passive DNS technique provides an option to Security professionals( Incident Responders, SOC Analysts, Malware Researchers ) and Law enforcement to dive into mapping the DNS infrastructure of the bad actors and facilitate takedowns.

In this presentation, I will be introducing Passive DNS (briefly) and will be sharing two personal use cases of using Passive DNS to,
1. Uncover Godaddy Domain shadowing
2. Map DNS infrastructure of bad actors and report for takedown

Note - As a bonus for Star Wars fans, the talk has a few references to Droids :-)

Speaker

Swapneel Patnekar

Swapneel Patnekar is network engineer & researcher with interests in networking(DNS, DNSSEC, BGP), Unix systems and security. As a technical trainer, he regularly conducts workshops on DNS, DNSSEC, Routing, Unix etc. He is also an APNIC Community Trainer & a RIPE Atlas Ambassador.

He is also the Managing Director of Shreshta IT Technologies Pvt. Ltd, a company based out of Belgaum, building & securing networks of micro, small & medium enterprises & network operators in Tier-II and Tier-III cities.

Timing

Starts at Saturday August 29 2020, 09:30 AM. The sessions runs for about 1 hour.

Resources