presenters
play

Presenters Tim April Rod Rasmussen Jay Daley | 5 Recent Domain - PowerPoint PPT Presentation

Sep 15, 2023 •161 likes •444 views

Presenters Tim April Rod Rasmussen Jay Daley | 5 Recent Domain Registration Hijacking 1. Attackers had the ability to modify registration records at the registry, typically by compromising login credentials 2. Attackers changed DNS

  5. Presenters ◉ Tim April ◉ Rod Rasmussen ◉ Jay Daley | 5

  7. Recent Domain Registration Hijacking 1. Attackers had the ability to modify registration records at the registry, typically by compromising login credentials 2. Attackers changed DNS delegations (NS) pointing the zones to the attackers' DNS servers. A and MX records also modified. 3. Once zones were redirected, attackers impersonated services hosted by the victims (e.g., e-mail, websites) 4. Attackers could Man-In-The-Middle (MITM) user traffic | 7

  9. A Review This section contains advice on securing the registrant to registrar interface For most of the audience this is going to be a review of things they already know | 9

  10. Credential Management ◉ Registrant credentials are critical for protecting zones ◉ Strong passwords are very important ◉ Multi-factor Authentication adds an additional layer(s) of protection, specifically helps against some MITM attacks etc ◉ The email address used for registrar communications should also have strong credentials as this path is used to reset registrar passwords and are targeted frequently ◉ Don’t forget credentials for email... | 10

  11. Credential Management: MFA ◉ Multi Factor Authentication(MFA) or 2-Factor Authentication(2FA) ◉ Use when offered, ask for it when it’s not ◉ Provides an additional layer of security over just using passwords | 11

  12. Credential Management: MFA ◉ Common MFA / 2FA types, roughly in order of preference ○ Universal 2nd Factor (U2F) most preferred ○ Time-based One-Time Password (TOTP) ○ HMAC-based One-Time Password (HOTP) ○ SMS Passcode ○ Phone Based Verification least preferred | 12

  13. Credential Management: Passwords Source: https://xkcd.com/936/ | 13

  14. Credential Management: Review ◉ Do: ○ Use strong unique passwords ○ Use a password manager ○ Use MFA ◉ Don’t: ○ Share passwords ○ Re-use passwords across multiple accounts | 14

  15. Email Security ◉ Email accounts, used for password resets, are often targets ◉ Senders: Use DMARC with SPF and/or DKIM ◉ Receivers: Enforce DMARC and SPF for mail, verify DKIM signatures ◉ Do not use a personal email address for critical domains (e.g., user@freemail.tld) ○ Use email address of a role in the organization (e.g., role@organization.tld) | 15

  16. Email Security (continued) ◉ Protect Email Access ○ Harden your email access to withstand MITM attacks ○ Require Transport Layer Security (TLS) ○ Use MFA for authentication ◉ Protect against phishing attacks ○ Conduct regular phishing training ○ Use spam filtering | 16

  17. Registry Locks ◉ Enable registry locks when available ◉ Registry locks must be disabled to make changes to records ◉ Not all registries or registrars support registry locks ○ Often comes at an extra charge ◉ Area for future work: registry lock process standardization | 17

  18. DNSSEC ◉ Sign your DNS zones ◉ Require users and services to use validating resolvers ◉ Will not protect from all types of attacks, but provides enhanced integrity protection ◉ DNSSEC Signed zones were less impacted than others in recent attacks ◉ DNSSEC Signed zones were like canaries in recent attacks | 18

  19. Be Careful What Nameservers You Use ◉ The security practices of your nameserver domain name and operators are just as important to the security of your own domain name | 19

  20. Monitoring ◉ Monitor your DNS infrastructure ◉ Monitor your DNS zones ◉ Monitor parent/registry for changes ◉ Monitor TLS certificate transparency logs ◉ Monitor for DNSSEC validation failures ◉ Monitor your nameserver records | 20

  22. Relevant SSAC Publications ◉ SAC040: Measures to Protect Domain Registration Services Against Exploitation or Misuse ◉ SAC044: A Registrant's Guide to Protecting Domain Name Registration Accounts ◉ SAC049: SSAC Report on DNS Zone Risk Assessment and Management ◉ SAC074: SSAC Advisory on Registrant Protection: Best Practices for Preserving Security and Stability in the Credential Management Lifecycle | 22

  24. Conclusions ◉ This is not the last time we will see these kinds of attacks ◉ Deploy security in-depth, there is no holy grail ○ Secure the credentials used to access your registrar ○ Use MFA where possible ○ Secure email addresses used for password reset ○ Deploy DNSSEC signing and validation ◉ Use Registry Locks ◉ Monitor your domains | 24

  25. Conclusions (Continued) Most of us are already aware of this advice, but here we are saying it again. Isn’t it time we have better industry security standards that all registrars are required to adopt? | 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

U.S., the U.K. and France April 18, 2018 1 Presenters 2 Presenters 3 Presenters 4

U.S., the U.K. and France April 18, 2018 1 Presenters 2 Presenters 3 Presenters 4

Anti-Corruption Enforcement: Analyzing the Enforcement Approaches of the U.S., the U.K. and France April 18, 2018 1 Presenters 2 Presenters 3 Presenters 4 Presenters 5 Topics Statutes and Jurisdiction Specific Differences:

703 views • 52 slides
Attendees: approx. 45 residents Attendees: approx. 45 residents Presenters: 5 presenters/outside

Attendees: approx. 45 residents Attendees: approx. 45 residents Presenters: 5 presenters/outside

Attendees: approx. 45 residents Attendees: approx. 45 residents Presenters: 5 presenters/outside people: Officer Whetston (APD), Mary Rudrig (LoveNorthAustin.com & NxNA Garden Tour), Sabrina Joblin (Adelphi Acre), Kernan Hornburg (WXNA) Board

833 views • 40 slides
A Reference Guide for Conference Presenters Planning Your Presentation As presenters we sometimes

A Reference Guide for Conference Presenters Planning Your Presentation As presenters we sometimes

A Reference Guide for Conference Presenters Planning Your Presentation As presenters we sometimes get so focused on presenting the information we think is important that we forget the audience. What do they expect? What are their needs? These

331 views • 4 slides
Taxing E-Cigarettes: the Next (Complicated) Frontier March 26, 2015 PRESENTERS PRESENTERS: Mark

Taxing E-Cigarettes: the Next (Complicated) Frontier March 26, 2015 PRESENTERS PRESENTERS: Mark

Taxing E-Cigarettes: the Next (Complicated) Frontier March 26, 2015 PRESENTERS PRESENTERS: Mark Meaney, JD, MA , Staff Attorney Tobacco Control Legal Consortium, Public Health Law Center Molly Moilanen, MPP , Director of Public Affairs ClearWay

1.36k views • 70 slides
HEROS Frequently Asked Questions WEBINAR SERIES 2020 Presenters Presenters: Lauren Hayes

HEROS Frequently Asked Questions WEBINAR SERIES 2020 Presenters Presenters: Lauren Hayes

HEROS Frequently Asked Questions WEBINAR SERIES 2020 Presenters Presenters: Lauren Hayes Knutson and Sean Joyner (Office of Environment and Energy) Moderator: Ben Sturm (Cloudburst) Presentation is in listen-only mode Q & A session

1.15k views • 75 slides
FOR PRESENTERS G ENERAL GUIDELINES FOR SPEAKERS & PRESENTERS Avo void backli lights or r

FOR PRESENTERS G ENERAL GUIDELINES FOR SPEAKERS & PRESENTERS Avo void backli lights or r

GENERAL GUIDELINES FOR PRESENTERS G ENERAL GUIDELINES FOR SPEAKERS & PRESENTERS Avo void backli lights or r lights Dress as if you wer ere Clea ean, neu eutral l background fr from ab above you our hea ead pres pr esentin ing

509 views • 7 slides
HEROS Frequently Asked Questions WEBINAR SERIES 2016 Presenters Presenters: Lauren Hayes,

HEROS Frequently Asked Questions WEBINAR SERIES 2016 Presenters Presenters: Lauren Hayes,

HEROS Frequently Asked Questions WEBINAR SERIES 2016 Presenters Presenters: Lauren Hayes, Lauren McNamara, and Liz Zepeda (HUD OEE) Moderator: Ben Sturm (Cloudburst) Presentation is in listen-only mode Q & A session at end of

743 views • 45 slides
HEROS Frequently Asked Questions WEBINAR SERIES 2017 Presenters Presenters: Lauren Hayes,

HEROS Frequently Asked Questions WEBINAR SERIES 2017 Presenters Presenters: Lauren Hayes,

HEROS Frequently Asked Questions WEBINAR SERIES 2017 Presenters Presenters: Lauren Hayes, Lauren McNamara, and Liz Zepeda (HUD OEE) Moderator: Ben Sturm (Cloudburst) Presentation is in listen-only mode Q & A session at end of

1.09k views • 53 slides
Native Bank On: Addressing Native Banking Access September 18, 2019 PRESENTERS Christy Finsel

Native Bank On: Addressing Native Banking Access September 18, 2019 PRESENTERS Christy Finsel

Native Bank On: Addressing Native Banking Access September 18, 2019 PRESENTERS Christy Finsel Executive Director, Oklahoma Native Assets Coalition, Inc. PRESENTERS Paige Diner Associate, Cities for Financial Empowerment Fund PRESENTERS

897 views • 27 slides
Oral Presentation Guidelines The presenters will have about 15 minutes to present their paper.

Oral Presentation Guidelines The presenters will have about 15 minutes to present their paper.

Oral Presentation Guidelines The presenters will have about 15 minutes to present their paper. The main purpose of these sessions is to allow presenters the opportunity to convey the importance of their research to a large gathering audience.

61 views • 3 slides
One Study - Two Dissertations **May not use without permission from the presenters. Please see

One Study - Two Dissertations **May not use without permission from the presenters. Please see

Evidence-based Practices for Autism Spectrum Disorders: Through the Eyes of Practitioners, Sustaining, and Scaling-up in the Educational Setting Sue Corbin and Susan Harmeyer **May not use without permission from the presenters. Please see

452 views • 43 slides
Instructions for Presenters Thank you for participating in SCURC 201 7 ! Please take careful note

Instructions for Presenters Thank you for participating in SCURC 201 7 ! Please take careful note

ACS/SAACS SCURC 201 7 , University of California, Los Angeles Instructions for Presenters Thank you for participating in SCURC 201 7 ! Please take careful note of the instructions below. POSTER PRESENTERS Posters should be no larger than 48 x

541 views • 5 slides
for the Cloud April 2016 Austin Openstack Summit Panelists & Presenters Panelists &

for the Cloud April 2016 Austin Openstack Summit Panelists & Presenters Panelists &

Panel Discussion: Performance Measuring Tools for the Cloud April 2016 Austin Openstack Summit Panelists & Presenters Panelists & Presenters Douglas Shakshober Das Kamhout XiaoFei Wang Nicholas Wakou Yuting Wu Red Hat Intel

408 views • 27 slides
1 Presentation Agenda Presenters Organization Chart Project Scope Challenges &

1 Presentation Agenda Presenters Organization Chart Project Scope Challenges &

1 Presentation Agenda Presenters Organization Chart Project Scope Challenges & Key Milestones Project Approach Similar Projects/Lessons Learned Summary Q & A 2 Our Presenters Jorge Ortiz, PE Senior

639 views • 15 slides
EPA 2016 PACCAR MX-11 Engine Month XX, 20XX EPA 2016 PACCAR MX-11 Engine PRESENTERS NAME

EPA 2016 PACCAR MX-11 Engine Month XX, 20XX EPA 2016 PACCAR MX-11 Engine PRESENTERS NAME

EPA 2016 PACCAR MX-11 Engine Month XX, 20XX EPA 2016 PACCAR MX-11 Engine PRESENTERS NAME PRESENTERS POSITION TRADITION OF ENGINE INNOVATION MX, NA PX MX, EU MX 11, EU DD575 PR 1960 1970 1980 1990 2000 2010 2015 Turbo

783 views • 30 slides
Disclosures The presenters have nothing to disclose (

Disclosures The presenters have nothing to disclose (

9/30/15 Disclosures The presenters have nothing to disclose ( except a nerdy passion for an0coagula0on ) Atrial Fibrilla0on: Developing a pathway to

284 views • 9 slides
Fellowship Hall Wi-Fi Network Access SSID: Fellowship_Hall-guest_2GHz Password: guest TVCUC,

Fellowship Hall Wi-Fi Network Access SSID: Fellowship_Hall-guest_2GHz Password: guest TVCUC,

Fellowship Hall Wi-Fi Network Access SSID: Fellowship_Hall-guest_2GHz Password: guest TVCUC, Connecting Your World TVCUC, Connecting Your World Welcome and Opening Comments Bylaws Change Review & Vote New Member Welcome

743 views • 60 slides
Building Environmental JusticeTogether Jeanette Fitzsimons address to The Salvation Army

Building Environmental JusticeTogether Jeanette Fitzsimons address to The Salvation Army

Building Environmental JusticeTogether Jeanette Fitzsimons address to The Salvation Army Just Action Conference, Auckland, 19 September 2013 First I must take issue with the theme of your conference. How can we rebuild justice when there

489 views • 11 slides
A Farewell to Trust: An Approach to Confidentiality Control in the Cloud Asmund Ahlmann Nyre ,

A Farewell to Trust: An Approach to Confidentiality Control in the Cloud Asmund Ahlmann Nyre ,

A Farewell to Trust: An Approach to Confidentiality Control in the Cloud Asmund Ahlmann Nyre , Stian Alapnes and Gansen Zhao Martin Gilje Jaatun , SINTEF ICT, Norway Email: { martin.g.jaatun,aasmund.a.nyre } @sintef.no

369 views • 5 slides
ABOUT TRAINER ABOU 2 My Name Is Is Vikra kram, m, I I Am A A Full - Time T rader, T

ABOUT TRAINER ABOU 2 My Name Is Is Vikra kram, m, I I Am A A Full - Time T rader, T

ABOUT TRAINER ABOU 2 My Name Is Is Vikra kram, m, I I Am A A Full - Time T rader, T rainer, Y ouT uber and Fou ounder of Tradi ding ng educati tiona nal blog pivotc tcall. ll.co com m and a YouT ube c channel called pivo

149 views • 11 slides
Beta Presentation My Conference Room The Capstone Experience Team GM Thomas Smale Dan Bachelis

Beta Presentation My Conference Room The Capstone Experience Team GM Thomas Smale Dan Bachelis

Beta Presentation My Conference Room The Capstone Experience Team GM Thomas Smale Dan Bachelis Jeff Girbach Matt Tarnowsky Department of Computer Science and Engineering Michigan State University Spring 2013 From Students to

537 views • 19 slides
Software smart by design. SoftMachine.ws 1 PAGE Who We Are We design,

Software smart by design. SoftMachine.ws 1 PAGE Who We Are We design,

Software smart by design. SoftMachine.ws 1 PAGE Who We Are We design, supply, implement and support customized software development , including development of Internet and intranet applications, SQL based database

433 views • 14 slides
The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The Internet of Things (IoT ). A proposed development of the Internet in which everyday objects have network connectivity, allowing them to send

575 views • 24 slides
Where does architecture end and technology begin? Rami Razouk The Aerospace Corporation

Where does architecture end and technology begin? Rami Razouk The Aerospace Corporation

Where does architecture end and technology begin? Rami Razouk The Aerospace Corporation Introduction Over the last several years, the software architecture community has reached significant consensus about what we mean by architecture; what

225 views • 5 slides

More recommend