Kaminsky on DNS rebinding attacks, hacking techniques

Noted network security researcher Dan Kaminsky, director of penetration testing at IOActive, shares his research on Web-based attack techniques.

Noted network security researcher Dan Kaminsky, director of penetration testing at IOActive, dives into his latest work around DNS rebinding attacks and what enterprises can do to protect their resources from these Web-based attacks. Kaminsky also covers some of his research on the spoofing of SSL VPN certificates and other emerging threats. Kaminsky is a frequent speaker at industry conferences. He is probably best known for his Black Ops talks at the annual Black Hat Briefings. Kaminsky, formerly with Cisco and Avaya, is also an advocate for Net Neutrality.

  Program highlights:  

  • Your presentations have focused a lot on network security, lately you've been talking a lot about Web 2.0 attacks, why the change in direction? (0:17)
  • What are some down in the weeds Web flaws that organizations need to be aware of? 1:45)
  • Tell me about some of the DNS rebinding research that you've been presenting. (3:07)
  • Can you share any practical advice for organizations on how to defend themselves? (6:25)
  • If the Web protocols are bad and the network protocols are bad what's the answer there? Certainly starting over isn't practical. (7:21)
  • You do work in a lot of organizations. Can you tell me about the state of security in most of those that you work in? (9:17)

Dig deeper on Web Application Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close