Questions tagged [dns-spoofing]

DNS Spoofing is a network attack whereby data is introduced into a Domain Name System (DNS) resolver's cache by an attacker that has no authority, causing diverting injected names to redirect traffic to a host controlled by the attacker.

131 questions
41
votes
4 answers

How could a public DNS server return bad results?

I live in a country which is under many sanctions. Both internal sanctions (government on people) and external sanctions (US on our people). In our country, YouTube, Twitter, Facebook and many other sites are blocked by default and we can only…
AlwaysLearner
  • 499
  • 4
  • 6
32
votes
2 answers

DNS zone transfer attack

Can anyone explain what is DNS zone transfer attack or give any link, paper? I have already googled, but could not find anything meaningful.
user6809
30
votes
3 answers

How does DNSSec work? Are there known limitations or issues?

Based on information from this site, DNSSec is needed to protect us from a number of DNS and SSL / TLS hacks, including: DNS spoofing, especially on wifi or shared medium Registrars that abuse their trust and insert invalid data into the root…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
25
votes
5 answers

How secure is binding to localhost in order to prevent remote connections?

Let's say we're running a service that's bound to localhost (127.0.0.1), and the goal is to only allow local clients (i.e. from the same machine only) What techniques might be used to break this security, are there additional measures that could be…
davidkomer
  • 521
  • 4
  • 9
22
votes
5 answers

Does DNS allow third parties to register subdomains?

I have one of those questions that rely on the rule sets for DNS lookup. Let us say Person A owns the site https://www.example.com. A different person, Person B, not associated with A, attempts to register https://sub.example.com with the local…
Tony Barry
  • 347
  • 2
  • 4
21
votes
2 answers

Why doesn't DNS spoofing work against HTTPS sites?

How does using SSL protect aginst dns spoof? since DNS is at a lower level and it is always work the same whether the user is visiting an HTTP or HTTPS site.
Gray
  • 371
  • 1
  • 3
  • 6
17
votes
4 answers

DNSSec (Comcast) vs DNSCurve (OpenDNS)

I was previously using OpenDNS on my internal network. I found out today that Comcast has switched over to DNSSec: Comcast DNSSec. I've done a little research on DNSSec and its benefits. I understand the basics of DNSSec. Pretty much DNSSec signs…
coding4fun
  • 303
  • 2
  • 6
15
votes
2 answers

How easy/difficult is it to spoof DNS? Are some scenarios safer/more risky than others?

Practically speaking, how easy difficult is it to spoof DNS? What scenarios are more risky than others? For example: A phishing email or twitter link that attracts users to click a hyperlink A link on an internal sharepoint site on a different…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
15
votes
5 answers

Can I avoid DNS spoofing by typing the IP address?

The question is in the title. I have been reading about DNS spoofing. What if I were to save the IP addresses of websites I consider sensitive and then just enter the IP address when I am using a suspicious connection to prevent myself from DNS…
Lmk
  • 151
  • 1
  • 3
14
votes
2 answers

What problem does DNSSEC solve?

I have read through the questions tagged DNSSEC on this site, and over the years you hear statistics about DNSSEC adoption and about organizations enabling it on their domains... but nobody mentions what they are actually trying to solve. Well, that…
Luc
  • 31,973
  • 8
  • 71
  • 135
12
votes
2 answers

When using https but not DNSSEC, under what situation, a client is vulnerable?

So DNSSEC is to ensure that returned IP address is not poisoned. And https is to verify the remote server. My question is that when protected by https, under what circumstances, a client is vulnerable? Say I go to https://www.facebook.com, even if…
Eniaczz
  • 123
  • 4
12
votes
1 answer

DNS Spoofing vs DNS Cache Poisoning

What is the difference between DNS Spoofing and DNS Cache Poisoning ??? It seems like there are little differences between two attacks, with an exception that DNS server is actually might cache the "fake" response from malicious DNS server.
newprint
  • 223
  • 1
  • 2
  • 4
11
votes
2 answers

Could somebody explain how DNS poisoning might occur in this scenario?

I read the following statement in a security blog using the same source port over and over again for dns queries instead of randomizing them is a vulnerability for dns poisoning Could somebody elaborate on how this is a vulnerability and how it…
DaTaBomB
  • 635
  • 1
  • 6
  • 16
11
votes
2 answers

dnsspoof not spoofing (requests and forwards real DNS packet)

I was trying to use dnsspoof but it did not work as expected. These are the steps I followed: Set IP forward in kernel to 1 arpspoof -i eth0 -t 192.168.1.39 -r 192.168.1.1 and arpspoof -i eth0 -t 192.168.1.1 -r 192.168.1.39. Checked with arp -a and…
user1156544
  • 456
  • 3
  • 14
9
votes
3 answers

DNSspoof not working

My aim is to DNSspoof. My network is using a wireless router with the address 192.168.1.1 and primary DNS is the same as the router address. I have enabled Kernel IP forward in Linux. DNS host file is spoofhosts.txt 173.252.74.22 google.co.in My…
ashok
  • 231
  • 1
  • 3
  • 5
1
2 3
8 9