Module 2: Propagation of malware using DNS

Module 1 exercises: All exercises in this module exploit the spoofing of a DNS cache running against FLARE-VM. Forensic packet analysis using SANS SIFT Workstation (SSW), Kali Linux (2018.4 or above), ApateDNS (1.0 or above), FakeNet-NG, FLARE VM (1.0 or above), and Wireshark.

The types of DNS attacks (attacks that have different variations) are more easily understood through the use of a target as an example, and a website is a convenient target for learning. For this purpose, a website will be created that will serve as the target address. We will use SANS SIFT Workstation and Kali Linux to perform forensic analysis of the attack through captured traffic. In this module, a DNS pharming attack will be performed so that the format of the attack, its target and the network traffic captured with Wireshark are understood.

The student needs to understand some basic concepts before starting the course. These concepts include: DDoS attacks, CnC (or C2) servers, malware vectors and malware propagation.

To escape from reality, in my spare time, I go to some place to practice fly fishing in the rivers that cut through the mountains, and I keep programming my own pieces of software in C and Python. Nowadays, I teach forensics at the University Nove de Julho (UNINOVE) and I work with forensic analysis and malware analysis (reverse engineering of malware) as a free consultant. So, I have invested my time in this area since 1989. I never worked in this area, but one day, walking on a Sunday morning, I discovered that I could use my statistical skills to analyze malware behavior, like a math model. I obtained my PhD at São Paulo University (USP) in analytical induction, a math, logic, statistical and philosophic area. I was born in São Paulo, the big, boring and bestial industrial city of my country, Brazil.