This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
DNS cache poisoning
DNS cache poisoning

Version management

Difference between version and

At line 1 added 19 lines
!!! Overview[1]
[{$pagename}] ([DNS] [Spoofing]) is a [Spoofing Attack] where the [attacker] spoofs the [IP Address] [DNS] entries for a target [website] on a given [DNS] server and replaces them with the [IP Address] of a server under their control.
Normally, a networked computer uses a [DNS resolver] provided by an [Internet Service Provider] ([ISP]) or the computer user's organization. [DNS resolvers] are used in an organization's network to improve resolution response performance by [caching|cache] previously obtained query results. Poisoning attacks on a single [DNS] server can affect the users serviced directly by the compromised server or those serviced indirectly by its downstream server(s) if applicable.
A server [SHOULD] correctly validate [DNS] responses to ensure that they are from an authoritative source (for example by using [DNSSEC]); otherwise the server might end up caching the incorrect entries locally and serve them to other users that make the same request.
This [attack] can be used to redirect users from a website to another site of the attacker's choosing.
!! For [example]
An [attacker] uses [{$pagename}] the [IP Address] [DNS] entries for a target [website] on a given [DNS] server and replaces them with the [IP Address] of a server under their control. The attacker then creates files on the server under their control with names matching those on the target server. These files usually contain [malicious] content, such as computer worms or viruses. A user whose computer has referenced the poisoned [DNS] server gets tricked into accepting content coming from a non-authentic server and unknowingly downloads the [malicious] content. This technique can also be used for [phishing] attacks, where a fake version of a genuine [website] is created to gather personal details such as bank and credit/debit card details.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [DNS spoofing|Wikipedia:DNS_spoofing|target='_blank'] - based on information obtained 2017-01-12
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop