Main Nav

May 16th, 2012
1:00 PM - 2:00 PM
Meeting Room 103/104
Large university networks are often decentralized as a result of organic growth and federation between schools. These environments therefore tend to lack centralized network security controls, which makes mitigating threats difficult. Antivirus software and patching aren't enough to protect clients from zero-day threats, polymorphic malware, and malicious third-party ads hosted on otherwise legitimate websites. We'll compare and contrast two different implementations of a DNS sinkhole, which ultimately led to a minimum 70% reduction in compromises at two different universities. Attendees will come away with a firm understanding of two different DNS sinkhole implementations, with quantitative evidence of their effectiveness, and with a model for handling privacy concerns.