New Video: Donald McCarthy presented "passiveDNS For fun and Profit (Part 1)"

Brian Cluff brian at SnapTek.com
Thu Oct 31 17:53:20 MST 2019


Donald McCarthy presented "passiveDNS For fun and Profit (Part 1)" to 
the Phoenix Linux Users Group's Security meeting on Jul 18th, 2019

https://youtu.be/PyzfmcQwumY

If your DNS infrastructure has a bad day, your network has a bad day. If 
your DNS infrastructure has a good day, something else is bound to go 
wrong. PassiveDNS generally won't help you fix either.

PassiveDNS is a historical look at observed DNS queries over time. It is 
akin to The Internet Archive's Wayback Machine, but for DNS zones. Its 
utility as an operations and security tool is valuable and not easily 
replaced by another type of data.

In this presentation we will cover exactly what passiveDNS is and isn't, 
passiveDNS architecture, some security use cases, and if time allows 
some live demonstration.

In part 2 of the presentation (another month) I will demonstrate some 
passiveDNS tooling and more in-depth practical knowledge to turn 
theoretical use cases into automated assistance for a SOC or NOC.

About Donald:
Donald "Mac" McCarthy is a 15-year veteran of the IT industry with the 
last 8 years focused on InfoSec. He has worked on a variety of different 
systems ranging from cash registers to supercomputers. It was while 
serving as a systems administrator for a scientific computing cluster 
that he discovered his passion for using Linux for highly distributed 
complex tasks. His current focus is using Linux with open source 
technologies like Kafka and Elasticsearch to build tooling for security 
analysts and network operations. He is a proud Veteran of the United 
States Army and recently relocated from Atlanta to the East Valley.


Feedback on the video is appreciated....

Enjoy,
Brian Cluff





