meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Tuesday, October 24th 2017

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News

4.9754 Ratings

🗓️ 23 October 2017

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SOCKS Proxies; DNS over TLS Coming to Android; Fake Crypt Currency Trading App

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Tuesday, October 24th, 2017 edition of the San Antonio Storm Center's Stormcast. My name is Johannes Ulrich, and today I'm recording from Berlin, Germany.

0:12.9

And if you happen to be in Berlin as well this week, Thursday evening I'll be giving a presentation here about the Internet Storm Center and how we

0:23.0

track some of the Internet of Things exploits. Just drop me a note if you're interested in attending.

0:30.4

You can use the Internet Storm Center's contact page or just drop me an email. Today we got a guest diary by Alan too. He's writing about

0:40.8

SOX proxies. First of all, he lists a couple of sites that list SOX proxies that may be interesting

0:48.4

intelligence in order to figure out where some of the attacks that you are seeing coming from.

0:54.5

And he also made some interesting observations how these proxies appear to be focusing on a couple

1:00.9

different networks that apparently, which appear to attract a particular large amount of

1:06.6

these types of services.

1:09.6

And a common problem for networks these days is the ever-increasing

1:15.9

amount of encrypted traffic. Now, this isn't always a security issue necessarily.

1:22.4

Encryption does help protect the privacy of traffic and does protect the integrity in many cases.

1:30.3

But if you're trying to inspect traffic for data infiltration,

1:34.3

or if you're trying to uncover matter command control channels,

1:38.3

it's often quite useful to be able to gain some information about what traffic is exchanged and in particular what

1:46.1

sites people connect to. Now my usual recommendation is that you take a close look at DNS traffic,

1:53.7

but this may no longer really be an option. There is an increasing effort to encrypt DNS traffic. We have DNSSEC,

2:05.0

but DNSSEC really only deals with the authenticity and integrity of DNS messages. It doesn't

2:12.3

encrypt them. The one standard that's gaining a little bit steam here is DNS over TLS.

2:20.3

And it looks like Android is now adding this to its implementation of DNS.

2:26.3

There have been some recent commits to the Android code based

2:31.3

that a couple of Android blogs noticed that do implement DNS over TLS.

...

Please login to see the full transcript.

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2026.