LSEC - Leaders in Security

DNS & Security and Security & DNS

Office building infrastructures tend to collapse in the event of weak(-ened) foundations. If an organisations’ DNS infrastructure is compromised, the event can be equally devastating, though less obvious: the casual surfer may not notice he/she is ending up at a phishing site, or that e-mail to business partners is being redirected, but confidentiality, integrity and availability all can be impacted by attacks on one’s DNS infrastructure. This is a risk that is often misunderstood or underestimated.

Therefore we are very pleased to be able to bring to you this long-awaited technical ISSA event by renown DNS & Security expert Marc Lampo!

Telindus - Belgacom ICT is kindly providing the venue as well as food and beverages.

Program Details

1800h : Welcome with drinks and sandwiches
1830h : “DNS & Security - part 1”
1930h : short break
1945h : “DNS & Security - part 2”
2045h : networking drink
2130h : end of the event

Abstract :
DNS & Security

The impact of Dan Kaminsky’s presentation on DNS cache poisoning, during the Black Hat security conference in July 2008, is still vibrating. Despite the positive results of proof-of-concept code - the vulnerability is real - Dan admits fewer then expected/anticipated attacks have been noticed. In this talk Marc Lampo will address the priciples of the attack, in order to make everybody understand it.
And from that understanding, it will become clear why the attack is not so popular from the Internet; but why the danger remains for internal networks !
Still building on the understanding, he will show some true approaches to obtain protection - and also warn against a wrong approach, that even increases the danger.
Finally , one consequence of Dan’s speech will hit us all, somewhere in 2010 : DNSSEC is coming.  Marc Lampo will elaborate on “DNS with signatures” - the protection offered for whom and ... what the prerequisites are.

Bio :
Marc Lampo is senior technical consultant for Telindus - Belgacom ICT. Focus is on network security, a believer of “security by design” - as will also become clear in his talk. He has been configuring and consulting on DNS matters for over 15 years, both from the ISP side (EUnet) as well as from the integrators’ point of view. For the John Cordier Academy, he has developped a course - “DNS Explained” - of which he is still the teacher.

Practical Details

Date : Tuesday December 15th, 2009
Place : The John Cordier Academy Auditorium, Geldenaaksebaan 335, B-3001 Leuven (Haasrode)

Route description and access plan : check out http://www.jcacademy.be/infrastructure/_down/Location_JCA_Leuven.pdf

Please bear in mind :

(1) when coming from Brussels via E40 : the exit Haasrode has been reengineered, you need to take the second exit immediately after the old exit that is currently only leading to Blanden instead of Haasrode
(2) when entering the parking garage underneath the building, please do so cautiously in order not to bump into cars leaving the garage!

Registration procedure :

Registration for the event is free but mandatory. In case there would be more registrations than available seats (sixty), ISSA members in good standing will be favoured over other people in a ratio of 70% Members to 30% non-members. Early registrants will have precedence over late registrants. Registration starts as of November 23rd. Members as well as non-members register by e-mailing their contact details (name, surname, company/organisation, ISSA Membership Nr) to register at issa-be.org mentioning “DNS & Security” in the subject line.

Kind regards,

Tom Van den Eynde
ISSA-BE
Communications Officer