Bert Hubert, author of the open source PowerDNS nameserver, discusses DNS security and all aspects of the Domain Name System, including its flaws and history. Host Gavin Henry spoke with Hubert about what DNS is, DNS history, DNS attacks, DNS flaws, DNS privacy, DNS encryption, DNS integrity, how DNS is used against your privacy, how to not trust your DNS server, how to defend against DNS query failure in your code, DNS over HTTPS, DNS over TLS, DNSSEC, HTTP/2 with DNS, QUIC, monitoring DNS traffic, DNS cache poisoning, DNS amplification attacks, UDP attacks, URL fetch attacks via Twitter, browser DNS lookups, social engineering attacks, and what you need to worry about as a software engineer.
Show Notes
Related Links
- Show 345: Tyler McMullen on Content Delivery Networks (CDNs)
- Show 378: Joshua Davies on Attacking and Securing PKI
- Show 347: Daniel Corbett on Load Balancing and HAProxy
- DNS-IDS: Securing DNS in the Cloud Era
- Securing DNS: Extending DNS Servers with a DNSSEC Validator
- Twitter – @PowerDNS_Bert
- Bert Hubert – personal site
- PowerDNS
- DNS Queries over HTTPS (DoH)
- NLNOG 2019 – DNS over HTTPS considerations, Bert Hubert
- Paul Vixie talks about DNS over HTTPS
- DNS over HTTPS / DNS over TLS / DNSSEC
- Encrypted DNS Deployment Initiative
- RFC8484: DNS Queries over HTTPS (DoH)
SE Radio theme: “Broken Reality” by Kevin MacLeod (incompetech.com — Licensed under Creative Commons: By Attribution 3.0)