The Kaminsky bug, announced at Black Hat last year, sent everyone scrambling to update their DNS infrastructure. But most people stopped after the patchwork. Over 10 TLDs, including .gov are already deployed using DNSSEC. CIRA has launched a “friends & family” test program for those who want to test DNSSEC with .ca domains (and should be in full production at the time of SecTor) Why are you not using the added security provided by DNSSEC?
This presentation will show you how to take advantage of DNSSEC within minutes. It will show you how to do the minimum to protect your .ca domain against cache poisoning. And for those who only care about their .com domain, DNSSEC Lookaside Verification will be demonstrated.
The presentation will include a live demo configuring DNSSEC on a stock Windows and Linux machine and a demo deploying DNSSEC on a .ca domain.