Protecting the Network-Services


14 hours 39 minutes
Video Transcription
Okay, the third part of our network protection: we've gotta look at services on the network now. The first service that we have to look at is DNS, domain naming system.

I firmly believe the root of all good and evil on the network is DNS. Now that seems perhaps a bit dramatic, but I cannot tell you the number of times DNS has been at the root of record register properly. DNS cache was poisoned, something was modified. The service to start properly, and DNS controls the functionality of so many other services on the network.

You know, that's how your system locates a domain controller or key distribution center or the global catalog server. DNS just, you know, has a lot of knowledge. And that information is so critical to the functionality of a network, not even to speak about name resolution being so essential, right? I don't know the IP address of Amazon, but I can get there just like that because of DNS. Of course, the problem is, I trust DNS. So I type out amazon.com or whatever that website might be, and I'm directed to a server that seems legitimate, but I don't know that it is, because if DNS is compromised Belson me. You know that that attacker will send me wherever they want. So DNS from an attacker standpoint is extremely desirable.

Everybody needs name resolution. Not to mention the fact that, you know, if I don't modify DNS, you know, that's one big threat: modify DNS, change the records, misdirect you. But if I take DNS off the network, you know, a denial of service aimed at DNS will bring your network to a screeching halt. So DNS is very desirable.
Pharming is all about modification of records, and I've heard a ton of people use that term pharming, but DNS uses records for location. So there's a specific record called the A record or the host record. And that's what says kelly.com is at 10.1.1.1.

OK, so when you type in kelly dot walk to calm, your host asks DNS, and DNS says, hey, that's 10.1.1.1. Well, that's because of the A record. So if you were to modify those A records through any one of numerous means, you know, not the least of which compromising the DNS system, um, then we would call it pharming.
Now, cache poisoning also applies to DNS. And the idea is cache, whether it's DNS cache, ARP cache, a web cache or whatever, cache is always where I put something I think I'll need again because I want to be able to access it quickly.

So once I learn that kelly.com is 10.1.1.1, well, I store that in my local DNS cache. So the idea is, I trust that. I don't wanna have to go out and ask the DNS server again. So if you could modify my cache, that's just as good as you having modified the DNS server. So anytime cache is modified, that's called poisoning.

Excuse me.
All right. Another vulnerable service: DHCP, Dynamic Host Configuration Protocol.

That's the protocol on an IP network that will automatically assign IP addresses to hosts. Very, very helpful. 2000 hosts, I don't wanna walk around manually typing out IP addresses. But DHCP, first of all, any time you allow something to happen on your network automagically, right, you know you don't have your hands on it. There's always a little bit of a concern of having an impostor or rogue device. And that's certainly a concern with DHCP.

The client will accept an IP address from any DHCP server. So whichever server is the quickest to respond is going to give your client an IP address, probably default gateway, and also probably your client learns who its DNS server is through DHCP allocation we just talked about.

I'm fighting a yawn. I'm sorry, the yawn won. Please forgive me. And it is not that I don't find DNS thrilling, because I do. It's just the yawns sneak up on you sometimes. So what I'm saying is that DHCP will often give clients a lot more information than just an IP address. With DNS being so critical, getting who your DNS server is from an untrusted entity, that's a big problem too.
All right, LDAP. Lightweight Directory Access Protocol. That is the database protocol or structure that Active Directory uses. When you see LDAP in Windows, that means it's a domain controller. If you see it in other operating systems, think authentication server.

Web services, mail services. Any services are vulnerable just by default, right? I mean, just making a service available to outside users or even the internal users, there's a degree of vulnerability. So we harden our systems, we penetration test, and we make sure that for our applications, we do application testing. We look at input validation and all of those different elements. So harden your network services. Be very careful and very cautious what you automate. Make sure that, um, when you do your network scans, you're scanning for rogue devices or devices that are not part of your existing network infrastructure, because that's gonna be an indication that you may have a rogue service.