PLUG's Security Meeting, Thurs July 18th - passiveDNS For fu…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ infhiipekjnknkhl.png (image/png)
+ (text/plain)
+ (text/plain)
Delete this message
Reply to this message
Author: PLUG Announcements
Date:  
To: plug-announce
Subject: PLUG's Security Meeting, Thurs July 18th - passiveDNS For fun and Profit (Part 1)

*PLUG's *Security Meeting

Meets on the*3rd Thursday of every month*, starting at 7pm.
For more information see:
https://phxlinux.org/index.php/meetings/20-plug-security.html

------------------------------------------------------------------------
At this month's PLUG Security meeting:
*Donald McCarthy: passiveDNS For fun and Profit (part1)*

For more information:
http://phxlinux.org/index.php/meetings/20-plug-security.html

*Description*:
If you DNS infrastructure has a bad day, your network has a bad day. If
your DNS infrastructure has a good day, something else is bound to go
wrong. PassiveDNS generally wont help you fix either.

PassiveDNS is a historical look at observed DNS queries over time. It is
akin to The Internet Archive's Way Back Machine, but for DNS zones. Its
utility as an operations and security tool is valuable and not easily
replaced by another type of data.

In this presentation we will cover exactly what passiveDNS is and isn't,
passiveDNS architecture, some security use cases, and if time allows
some live demonstration.

In part 2 of the presentation (another month) I will demonstrate some
passiveDNS tooling and more in depth practical knowledge to turn
theoretical use cases into automated assistance for a SOC or NOC.

*About Donald*:
Donald "Mac" McCarthy is a 15 year veteran of the IT industry with the
last 8 years focused on InfoSec. He has worked on a variety of different
systems ranging from cash registers to super computers. It was while
serving as a systems administrator for a scientific computing cluster
that he discovered his passion for using linux for highly distributed
complex tasks. His current focus is using linux with open source
technologies like kafka and elastic search to build tooling for security
analysts and network operations. He is a proud Veteran of the United
States Army and recently relocated from Atlanta to the East Valley.*

*
------------------------------------------------------------------------

*Meeting Location*:
Desert Breeze Substation
251 North Desert Breeze Blvd West
Chandler, AZ 85226 

The Desert Breeze Substation is on Chandler Blvd and Desert Breeze Blvd, 
which is half way between McClintock and Rural.  It is very close
to both the south 202 and 101 freeways.  Public transportation is
available into the late hours.
    <https://www.google.com/maps/place/251+Desert+Breeze+Blvd+W,+Chandler,+AZ+85226/@33.3076899,-111.9220921,17z/data=%214m5%213m4%211s0x872b06cdd50c43c7:0x7d3e9c66bdb7f8a2%218m2%213d33.3070191%214d-111.9193025?hl=en>


See the meeting information on our web site
<http://phxlinux.org/index.php/meetings/20-plug-security.html> for more
information.

See you there,
Brian Cluff


_______________________________________________
PLUG-announce mailing list -
https://lists.phxlinux.org/mailman/listinfo/plug-announce
PLUG Website at http://PhxLinux.org/---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: ClusterSSH in screen?Mint update fails ...->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)