Ever feel like a deer-in-the-headlights? This is PDIH Preventing Deer In Headlights. 

Commercial- CISSP starts this Saturday Oct.13th; please tell your friends!  Our new courses will be introduced this Thursday.

PDIH TOPIC:  DNS over TLS and why you should implement this security in the enterprise.

Several years ago I talked about avoiding DNS from Internet Service Providers because they were spying on us, and today it’s worse.


Our search leads us to a site, the site is queried via DNS, and both are resolved and consumed by our Internet service provider. Most of the query data is sold back to an add/keyword/search company. Bottom line, your query is worth money. Don’t believe me? Look at one of the experiments.

What to do?

  1. Point upstream DNS queries to OPENDNS, not to your ISP, Google or cloudflare.
  2. Install DNScrypt on all endpoints.
  3. Done

Impact on security?

This is not one simple “done-n-dusted.” You need to think about the good and bad impact. How will the Blue team’s effectiveness be changed? Will this work with Umbrella? And a few other questions. This is what we will talk about on Thursday. Come be a part of cyber-security. Don’t be a deer-in-the-headlights.

Can’t make it?

If you are a past student, you will have access to the recordings.

CPEs – Yesssss!

Most CPE requirements have both a validation step and an audit-able requirement. We do both for our past students. Free.

I hope you attend – it will be fun.


Categories: Uncategorized