DNS Sinkholing to Reduce Network Compromises
Wednesday, May 16 | 2:00pm - 3:00pm | Meeting Room 103/104
Session Type: Professional Development
Large university networks are often decentralized as a result of organic growth and federation between schools. These environments therefore tend to lack centralized network security controls, which makes mitigating threats difficult. Antivirus software and patching aren't enough to protect clients from zero-day threats, polymorphic malware, and malicious third-party ads hosted on otherwise legitimate websites. We'll compare and contrast two different implementations of a DNS sinkhole, which ultimately led to a minimum 70% reduction in compromises at two different universities. Attendees will come away with a firm understanding of two different DNS sinkhole implementations, with quantitative evidence of their effectiveness, and with a model for handling privacy concerns.
Melissa MuthSr Information Security Analyst, University of Pennsylvania
Matthew WollenweberPrincipal Security Engineer, The George Washington University