DNS Security @ SharkFest’25 EU

Authentication, Conference Talks, DNS/DNSSEC, Privacy, , , , , , , , ,

I was presenting at the annual “Wireshark Developer and User Conference“, the SharkFest’25 EU, talking about “Securing DNS – Attacks and Defences“. It covered all the buzzwords related to DNS security, such as malware using DNS, DNS spoofing, DNS exfiltration & tunnelling, while defending them with the keywords as DNSSEC, DoH/DoT, feeds & blocklists, and so on.

Quite many techniques. ;) Luckily, the whole session was recorded. So if you’re interested, have a look!

DNS is a foundational part of the Internet – but also a prime target for attackers. In this talk, we dive into common DNS attack vectors like spoofing, command-and-control traffic via DNS, or DNS tunnelling. We’ll explore modern defence mechanisms such as DNSSEC, DNS-over-HTTPS (DoH), and DNS-over-TLS (DoT), and how they help protect DNS integrity and privacy. You’ll also get insights into leveraging threat intel and malware feeds to detect malicious domains, plus a look at useful tools for DNS troubleshooting and analysis.

Here are the slides (PDF):

At the end of the talk, I showed a summary of all DNS security attack vectors and countermeasures. If you’re interested in this “simple” overview, you can find it here.

If you have any comments or questions, please go ahead and use the comment function. ;)

Me in action 😂:

Photo by Peter Conrad on Unsplash.

Leave a Reply

Your email address will not be published. Required fields are marked *