<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview[1]
[{$pagename}] ([DNS] [Spoofing]) is a [Spoofing Attack] where the [attacker] spoofs the [IP Address] [DNS] entries for a target [website] on a given [DNS] server and replaces them with the [IP Address] of a server under their control.



Normally, a networked computer uses a [DNS resolver] provided by an [Internet Service Provider] ([ISP]) or the computer user's organization. [DNS resolvers] are used in an organization's network to improve resolution response performance by [caching|cache] previously obtained query results. Poisoning attacks on a single [DNS] server can affect the users serviced directly by the compromised server or those serviced indirectly by its downstream server(s) if applicable.

A server [SHOULD] correctly validate [DNS] responses to ensure that they are from an authoritative source (for example by using [DNSSEC]); otherwise the server might end up caching the incorrect entries locally and serve them to other users that make the same request.

This [attack] can be used to redirect users from a website to another site of the attacker's choosing. 

!! For [example]
An [attacker] uses [{$pagename}] the [IP Address] [DNS] entries for a target [website] on a given [DNS] server and replaces them with the [IP Address] of a server under their control. The attacker then creates files on the server under their control with names matching those on the target server. These files usually contain [malicious] content, such as computer worms or viruses. A user whose computer has referenced the poisoned [DNS] server gets tricked into accepting content coming from a non-authentic server and unknowingly downloads the [malicious] content. This technique can also be used for [phishing] attacks, where a fake version of a genuine [website] is created to gather personal details such as bank and credit/debit card details.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [DNS spoofing|Wikipedia:DNS_spoofing|target='_blank'] - based on information obtained 2017-01-12
</pre>