|
DNS cache poisoning is a maliciously created or unintended situation that provides data to a caching name server that did not originate from authoritative Domain Name System (DNS) sources. This can happen through improper software design, misconfiguration of name servers, and maliciously designed scenarios exploiting the traditionally open-architecture of the DNS system. Once a DNS server has received such non-authentic data and caches it for future performance increase, it is considered poisoned, supplying the non-authentic data to the clients of the server. A domain name server translates a domain name (such as www.example.com) into an IP Address that Internet hosts use to contact Internet resources. If a DNS server is poisoned, it may return an incorrect IP Address, diverting traffic to another computer. From Wikipedia under the
GNU Free Documentation License DNS Cache Poisoning - How To Fix DNS Poisoning & Secure PC Connection Across The Internet? Q. DNS Cache Poisoning - How To Fix DNS Poisoning & Secure PC Connection Across The Internet? Asked by Ace - Sun Jul 27 05:23:29 2008 - - 2 Answers - 0 Comments A. Dan Kaminsky of DoxPara Research was among the first to report on DNS cache poisoning which involved diverting users to non-authentic sites through loopholes in the user's Internet security settings. This mainly involves 'poisoning' and remotely controlling the DNS cache (Domain Name Servers), which is key to how you access the Internet. DNS maps the path between the textual address of a website and its numeric IP address. Kaminsky said in a late-July post that 52% of servers are vulnerable to cache poisoning but the numbers were reducing after people starting taking preventive measures. The best way to tackle DNS poisoning is through tools like OpenDNS which reroutes your Internet traffic through its own safe-secure-reliable servers and… [cont.] Answered by Justin L - Sun Jul 27 06:17:22 2008 DNS cache poisoning?? Q. Yeah...please don't tell me that what am trying to do is 'illegal' or 'immoral'...I just have plenty of free time the past several days(hm havin annoying flu...) and trying to figure out a succesful DNS cache poisoning attack. But I experience some really nitty problems: - How to determine if my IP is still natted? - How to determine if the ISP allows me to send spoofed UDP packets? - Possible reasons for incompatibility of perl/python scripts on different Linux platforms? I mean I compiled some scripts under fedora but impossible to compile under madnriva... Anyway, any practical link to how a cache poisoning could be done would be greatly appr. Thanks... Asked by 90210 - Mon Nov 5 17:12:17 2007 - - 1 Answers - 0 Comments A. try this one Answered by steven25t - Mon Nov 5 17:22:53 2007 How do DNS servers work?
Q. Is there always an intermediate name server (local) between your pc and the ISP DNS? Also, are there any documented cases of DNS cache poisoning being used for psychological harassment? I know that's a weird question, but just curious. Asked by Mr. B - Mon Jul 20 03:47:46 2009 - - 1 Answers - 0 Comments A. no thats just the default behaviour of windows/mac when on a LAN. the router that connects your LAN to the ISP acts as your LAN's DNS server,m unless you specify the IP-adress of a DNS server on your computer. as for the second question, i have absolutely no idea.. Answered by Alexander882 - Mon Jul 20 11:55:52 2009 From Yahoo Answer Search: "DNS cache poisoning"  news.google.com Computerworld Australia Gersch was at the Black Hat conference last summer when Kaminsky detailed the DNS cache poisoning threat in front of a standing-room-only crowd. and more » news.google.com newswireless.net "I was impressed at the cooperation of police and NGOs," he said of the work he observed there, "but I don't like DNS poisoning . It's not effective enough ... Will the internet filter in New Zealand be welcomed enough to ... SC Magazine UK all 2 news articles » news.google.com From Google News Search: "DNS cache poisoning"  securosis.com rmogull ue, 08 Jul 2008 18:28:02 GM I''m ignorant though - is this a . dns cache poisoning. issue or what? So you spoofed a TXID, what next? By rmogull on 07/08 at 04:53 AM. Ya- cache poisoning, but a new exploit method. That's my understanding. ...  web.nvd.nist.gov Fri, 22 Jan 2010 08:00:00 GM allows remote attackers to conduct . DNS cache poisoning. attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before . caching. , ...  bug-blog.de Stefan Wed, 30 Dec 2009 22:35:14 GM Description: F5 has acknowledged a vulnerability in BIG-IP, which can be exploited by malicious people to . poison. the . DNS cache. . For more information: SA37426. The vulnerability is reported in the following products and versions: ... From Google Blog Search: "DNS cache poisoning" |
