DNS continues to be a very attractive target for hackers and a very important piece of network from a user's point of view. We use it seamlessly almost every time we hit a web page or application throughout a day, without even knowing that it exists.
DNS provides a way to resolve the IP address of any host on the internet with directory services.
A host sends a DNS query request to a DNS server and, in response, gets the IP address 1.1.1.1
for www.abc.com
. The host can now make a direct request to www.abc.com
using the IP address:
DNS spoofing or DNS cache poisoning: DNS spoofing occurs when particular DNS server records are altered to redirect traffic to the attacker. This redirection of traffic allows the attacker to steal data because it is hard for users to recognize the difference between an actual web page and a false web page.
In this example, users are trying to get the IP address for a real web server which is 1.1.1.1
but...