Episode 5 - Detecting DNS Covert Channels in the Wild (Part 1)
Corelight DefeNDRs
In Episode 5 of Corelight Defenders, I, Richard Bejtlich, engage with Corelight's co-founder and chief scientist, Vern Paxson, to delve into the intricate world of DNS covert channels. We explore how adversaries exploit DNS lookups to silently communicate within tightly controlled enterprise environments. Vern explains various methods attackers may use, from encoding data in seemingly benign domain names to manipulating the timing of requests. Our discussion highlights the challenges of detecting these covert channels, especially in the presence of network monitoring. Join us as we uncover the nuances of this critical cybersecurity issue and set the stage for part two, where Vern will share insights from his extensive research on detecting these covert channels in production networks. Stay tuned for more on the network.
Loading