Free AI web copilot to create summaries, insights and extended knowledge, download it at here
6979
Abstract
<div><h3>ACM.125: Strategy for protecting domain names and DNS configurations in your AWS Organization</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*mqJVFSV9sP1dy2d92RTb6A.png)"></div>
</div>
</div>
</a>
</div><div id="ec46" class="link-block">
<a href="https://readmedium.com/dnssec-in-aws-route-53-and-google-domains-9c649b456f41">
<div>
<div>
<h2>DNSSEC in AWS Route 53 and Google Domains</h2>
<div><h3>Protect against DNS spoofing and improve email security</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*Cd5GZV8fBeAFoZo6Jlin5g.png)"></div>
</div>
</div>
</a>
</div><div id="facf" class="link-block">
<a href="https://readmedium.com/configure-dnssec-manually-in-aws-route-53-7af49a45beb2">
<div>
<div>
<h2>Configure DNSSEC Manually in AWS Route 53</h2>
<div><h3>Steps to help prevent domain spoofing using the AWS Console</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*J8LTuBWVhbrohbYPv8m23w.png)"></div>
</div>
</div>
</a>
</div><div id="0092" class="link-block">
<a href="https://readmedium.com/spf-records-for-email-8c40687da913">
<div>
<div>
<h2>SPF Records for Email</h2>
<div><h3>One DNS record to add for email security (more in other posts)</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*dTKCpdzgoOuAzyN5Z9bEcA.png)"></div>
</div>
</div>
</a>
</div><div id="774e" class="link-block">
<a href="https://readmedium.com/dkim-for-email-security-a6dcbd630df1">
<div>
<div>
<h2>DKIM for Email Security</h2>
<div><h3>Another DNS record you can add to improve email security</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*pepKdWO2gtv0NiTJKmYEWA.png)"></div>
</div>
</div>
</a>
</div><div id="2554" class="link-block">
<a href="https://readmedium.com/dmarc-for-email-security-792305c47ca7">
<div>
<div>
<h2>DMARC for Email Security</h2>
<div><h3>The next step to improving email security with DNSSEC, SPF, DKIM and DMARC</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*IE8YKInrjxVW0TUQij5HfA.png)"></div>
</div>
</div>
</a>
</div><div id="e1a1" class="link-block">
<a href="https://readmedium.com/testing-dns-records-for-errors-eab753adf3d6">
<div>
<div>
<h2>Testing DNS records for errors</h2>
<div><h3>Validating DKIM, DMARC and SPF records with external sites</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*qTjj2wYCiWB7xY018FzSug.png)"></div>
</div>
</div>
</a>
</div><div id="30bd" class="link-block">
<a href="https://readmedium.com/subdomains-uses-and-attacks-37de31b3ab25">
<div>
<div>
<h2>Subdomains — uses and attacks</h2>
<div><h3>ACM.235 Why you might want to configure a subdomain and how attackers can abuse misconfigurations through subdomain…</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*PL_JyWQND5mxQO2Cs0_rSg.png)"></div>
</div>
</div>
</a>
</div><div id="1c7a" class="link-block">
<a href="https://readmedium.com/deploying-an-aws-route-53-dns-hosted-zone-39e2a5ef744b">
<div>
<div>
<h2>Deploying an AWS Route 53 DNS Hosted Zone</h2>
<div><h3>ACM.236 Creating a hosted zone for a static website hosted in S3</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*5K_vvyMYg-VlB_adyrDLpA.png)"></div>
</div>
</div>
</a>
</div><div id="85c0" class="link-block">
<a href="https://readmedium.com/check-dns-requests-if-youre-not-using-dns-over-https-f845031aaf22">
<div>
<div>
<h2>Check DNS Requests — if you’re not using DNS over HTTPS</h2>
<div><h3>How to determine if your machine is contacting something it shouldn’t be</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*CtAYXQErVvk-GYaYVm3NTA.png)"></div>
</div>
</div>
</a>
</div><div id="c693" class="link-block">
<a href="https://readmedium.com/firewall-rules-for-udm-pro-setup-6a8b352252d7">
<div>
<div>
<h2>Firewall Rules for UDM Pro Setup</h2>
<div><h3>Why. So. Many. IP. Ranges? And domains don’t resolve.</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*HTgDaHRW54_chf_RBHa6Ug.png)"></div>
</div>
</div>
</a>
</div><div id="efd6" class="link-block">
<a href="https://readmedium.com/domain-names-used-by-devices-76440b1b0d0e">
<div>
<div>
<h2>Domain Names Used by Devices</h2>
<div><h3>Figuring out to what domain names your devices connect</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
Options
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*K91DSi_KMn9Q0m7AQM6tkQ.png)"></div>
</div>
</div>
</a>
</div><div id="74e2" class="link-block">
<a href="https://readmedium.com/why-is-there-a-dns-server-running-on-ubuntu-on-aws-by-default-f6366c65077c">
<div>
<div>
<h2>Why is There a DNS Server Running On Ubuntu On AWS By Default?</h2>
<div><h3>Here’s how to turn it off if you don’t need it</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*-yS_ww7HSCzPpwsT5t6Nmg.png)"></div>
</div>
</div>
</a>
</div><p id="09b2">A method for protecting DNS changes on AWS.</p><div id="3616" class="link-block">
<a href="https://readmedium.com/function-to-move-aws-accounts-between-organizational-units-c6a6c8e1f8f1">
<div>
<div>
<h2>Function to Move AWS Accounts Between Organizational Units</h2>
<div><h3>ACM.240 Governance by unlocking an account for a deployment and locking it back up after</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*eXpYiH1pg6meUVPmOE063A.png)"></div>
</div>
</div>
</a>
</div><p id="05d7">Automated update of Name Server (NS) records for a domain registered via AWS Route 53 domains.</p><div id="af8e" class="link-block">
<a href="https://readmedium.com/update-ns-records-for-a-domain-name-on-aws-d09dc622d91d">
<div>
<div>
<h2>Update NS Records for a Domain Name on AWS</h2>
<div><h3>ACM.243 Matching name servers of a domain to an AWS Route 53 hosted zone</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*dCttmUSoAKVkrJEtoiI_Zw.png)"></div>
</div>
</div>
</a>
</div><p id="706e">Automated creation of NS record on a primary domain hosted zone or a subdomain in a separate account using the AWS CLI. I explain things like CNAME, URL, A, AAAA, and NS records for a DNS Zone in this post.</p><div id="0690" class="link-block">
<a href="https://readmedium.com/updating-the-ns-records-for-a-subdomain-on-aws-with-the-aws-cli-4608f23a70d2">
<div>
<div>
<h2>Updating the NS Records for a Subdomain on AWS with the AWS CLI</h2>
<div><h3>ACM.244 Adding NS records to the primary domain in Route 53 for a subdomain used in a separate account</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*-pAMyi9UcPs28HxnRvuw1Q.png)"></div>
</div>
</div>
</a>
</div><p id="a8b9">You should validate new TLS certificates with DNS, not email.</p><div id="19b8" class="link-block">
<a href="https://readmedium.com/validate-a-tls-certificate-deployed-with-cloudformation-7736170757ce">
<div>
<div>
<h2>Validate A TLS Certificate Deployed With CloudFormation</h2>
<div><h3>ACM.246 Adding the DNS records required to complete a TLS certificate deployment with CloudFormation</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*NuuMahbdQCb8loENrjh4Ww.png)"></div>
</div>
</div>
</a>
</div><div id="4b4d" class="link-block">
<a href="https://readmedium.com/delete-a-dns-record-in-a-hosted-zone-with-the-aws-cli-ea2e8bfc78a2">
<div>
<div>
<h2>Delete a DNS Record in a Hosted Zone with the AWS CLI</h2>
<div><h3>ACM.249 It’s not as simple as you might imagine (as far as I know at the time of this writing)</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*06HPCSnMPJuicuFwchwpMQ.png)"></div>
</div>
</div>
</a>
</div><div id="1d83" class="link-block">
<a href="https://readmedium.com/how-to-fix-tls-certificate-deployment-via-cloudformation-aa1af4a13259">
<div>
<div>
<h2>How to Fix TLS Certificate Deployment Via CloudFormation</h2>
<div><h3>ACM.248 This process needs some love ❤️</h3></div>
<div><p>medium.com</p></div>
</div>
<div>
<div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*wtDL_85US8GUOUjs2X6OMw.png)"></div>
</div>
</div>
</a>
</div><p id="d8ec">Follow for updates.</p><p id="4a3a">Teri Radichel | <i>© <a href="https://2ndsightlab.com/?source=post_page---------------------------">2nd Sight Lab</a> 2023</i></p><div id="8b5f"><pre><span class="hljs-section">About Teri Radichel:
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab</pre></div><div id="caae"><pre><span class="hljs-section">Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</span>
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation</pre></div><div id="5a42"><pre>Follow <span class="hljs-keyword">for</span> more stories like <span class="hljs-keyword">this</span>:
❤️ Sign Up my Medium Email List
❤️ Twitter: <span class="hljs-meta">@teriradichel</span>
❤️ LinkedIn: https:<span class="hljs-comment">//www.linkedin.com/in/teriradichel</span>
❤️ Mastodon: <span class="hljs-meta">@teriradichel</span><span class="hljs-meta">@infosec</span>.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab</pre></div><figure id="faf5"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/0*H9Ew1KCl-29nZiPR.jpeg"><figcaption></figcaption></figure></article></body>
