Talk Description: DNS is a locked system – you can’t model the domain space at scale unless you get an AXFR from every authoritative nameserver there is, but you might be able to get a good model going if you attempted to discover and resolve all FQDNs. So, we’ll do the latter! dnstrace is a volunteer-supported, free suite of software that harvests, analyzes, and visualizes the relationships between domains so we can finally turn “domain information” into “domain intelligence” for everyone. Ever wanted to generate better domain reputation so grandma doesn’t get sent to the 200th .ru domain registered today that serves Flash malware? Or wanted to evaluate patterns in cybercrime at a global scale using domain data? Through big data and careful analysis, we can push the security envelope until we’re ahead of the curve for the first time since Creeper.
Bio: Chris “tweedge” Partridge is a 3rd year student working on his Bachelor’s in the Computing Security major at RIT, Black Hat 2017 alum, and BSidesROC regular. He’s extremely passionate about making sure he doesn’t have to take any more 11pm phone calls from his family about their computers being infected, and has been putting a disproportionate amount of time into making that happen. He believes that writing and enhancing security technologies coupled with better security education can change people from “easy targets” to “not worth it.” As the core author of dnstrace, he’s starting to bring those dreams to life, one caffeine-fueled music-blasting coding-session at a time.