Episode 57 — Secure DNS and name resolution so attackers cannot redirect trust or hide access
This episode focuses on DNS as a trust system and shows why it becomes both an attack tool and a defense dependency in cloud environments. You’ll learn how name resolution influences where traffic goes, how service discovery works, and why DNS misconfigurations can quietly bypass intended controls or enable redirection attacks. We’ll connect this to exam scenarios involving data exfiltration, man-in-the-middle risk, and persistence methods where attackers change records to route traffic through their infrastructure. You’ll also explore best practices like controlling who can modify DNS zones, monitoring for unexpected record changes, using consistent naming and segmentation, and validating that resolution paths match intended network boundaries. Troubleshooting topics include split-horizon behavior, caching effects that delay changes, and diagnosing “it resolves but won’t connect” issues without widening access. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.
