The Ohio Information Security Forum is a group of enthusiasts and professionals involved in information security, networking, system administration, engineering, and other computing environments. I was asked to present on the following topic to the group on April 12th, 2007. My presentation will be posted online and also with OISF (www.ohioinfosec.org).
Presentation: DNS Protocol Design, Attacks, and Security - Michael Earls
This presentation will cover topics related to DNS with regards to design, attacks, and security including:
DNS Reconnaissance
Cache Poisoning using DNS
Denial of Service Attack (Query Flooding DNS)
Man in the Middle Attacks (DNS Hijacking)
DNS Design Best Practice
A seasoned networking and security technology implementer and planner, Michael has extensive experience with large and complex IT environments in finance and healthcare. His experiences as both an IT end-user and a consulting engineer enable him to consider both realistic business use and technical requirements in designing systems. Michaels areas of expertise in IT networking and security include: switching and routing; application high availability; application traffic load balancing; core network services (including DNS, DHCP, etc); BGP; 802.11* wireless; firewalls; IPSec VPNs; and strong authentication. He also contributes to open source projects for IP Address Management (phpIP) and syslog-to-mySQl (php-syslog-ng). At Nexum, Michael is a senior security engineer, diagnosing complex issues and designing, testing, implementing sound and secure application delivery systems.
Michael also holds a wide range of certifications including:
Cisco Certified Network Professional (CCNP)
Microsoft Certified Professional (MCP+I)
Microsoft Certified Systems Engineer (MCSE)
Infoblox Certified Systems Associate (CISA)
F5 Certified System Engineer (F5-SE-LTM)
F5 Certified System Engineer (F5-SE-GTM)
F5 Certified System Engineer (F5-SE-FirePass)
|
