Title :
Algorithms for Extraction and Visualization of Metadata from Domain Name Server Records
Author :
da Silveira, Arley Barros Leal ; Garcia, Nuno M.
Author_Institution :
Univ. Lusofona de Humanidades e Tecnol., Lisbon, Portugal
Abstract :
Nowadays, security awareness is on every industry agenda. Mitigating threats and assessing risks is key to successful security posture and business continuity. Penetration tests are state-of-the-art and one of the main processes used by security professionals to discover, assess and evaluate a given infrastructure for potential security risks. On this paper we discuss Domain Name Server (DNS) information reconnaissance, a critical phase of any penetration test assessment, and present a tool that implements four different techniques to extract DNS metadata from a given domain namespace: TLD Rotation, Dictionary Attack, Brute Force Permutation and Typos. We present each algorithm and discuss the details of implementation of the tool. Finally, the integration of the tool with a powerful visualization engine to provide seamless graphical representations of the extracted data is discussed. The source code of the tool is available to further research.
Keywords :
Internet; data visualisation; meta data; security of data; DNS metadata extraction; TLD rotation; brute force permutation; business continuity; dictionary attack; domain name server; graphical representation; information reconnaissance; metadata extraction; metadata visualization; penetration tests; security awareness; security posture; Databases; Dictionaries; Force; HTML; Security; Semiconductor optical amplifiers; Servers;
Conference_Titel :
Advances in Mesh Networks (MESH), 2010 Third International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7508-7
DOI :
10.1109/MESH.2010.20
