Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
All You Need to Know About DNS Spoofing to Keep Your Organization Safe
#1
Bug 
Quote:
[Image: heimdal-logo.svg]

What is DNS spoofing and how can you prevent it?

The DNS in and of itself has never been secure. Being created in the ‘1980s when the Internet was a complete novelty, security had not been a priority in its design. Throughout time, this has led malicious actors to take advantage of this issue and develop elaborate attack techniques that leverage the DNS, such as DNS spoofing.

What is DNS spoofing?

DNS spoofing is a cyber-attack in which fake data is introduced into the DNS resolver’s cache, which causes the name server to return an incorrect IP address. In other words, these types of attacks exploit vulnerabilities in domain name servers and redirect traffic towards illegitimate websites.

But before diving into more info about DNS spoofing, let’s take a look at how the DNS works and try to understand more about DNS security.

Understanding DNS

DNS stands for Domain Name System. In short, it is a database that provides information about domain names. DNS is built upon a structure of hierarchy, with a single domain at the top called the root domain and with top-level domains below it that split the DNS into different segments.

Figuratively speaking, DNS is commonly described as the phonebook of the Internet, as it translates domain names to IP addresses.

Another metaphor used for DNS is oftentimes a tree:
 
Quote:DNS has a root, and the various Top-Level Domains (TLDs) are similar to branches that shoot off the root. Each branch has small branches, which are Second Level Domains, and the leaves are Fully Qualified Domain Names (FQDNs), sometimes referred to as hostnames. Do not get the idea that this tree is a peaceful Palm Tree or a strong Oak. This is a monstrosity of a tree, planted in cement with roots ensnarling each other and branches spread in every direction, that often feels like it is held together by force of will more than anything else. If DNS is a tree, it is more like the Banyan Tree, in Lahaina, Maui.

An extract from “DNS Security: Defending the Domain Name System” by Allan Liska & Geoffrey Stowe

Before I go into more detail, I will try to summarize how the DNS resolution process works.

Let’s say a user types a web address into the browser.

First, the operating system scans its cache for the IP. If it can’t find it, it asks the DNS resolver (which can be recursive, non-recursive, and iterative – but let’s save this topic for a later time) to provide an answer.

What are DNS resolvers?

When a user tries to access a website, a request is sent to a DNS resolver by the operating system.

The DNS resolver answers with the IP address, which is taken from the web server, and thus the website is loaded. In essence, DNS resolvers find IP addresses that are associated with domain names. Simply put, they translate website addresses like “heimdalsecurity.com” which can be easily read by people into numerical IP addresses, that would be almost impossible for us to learn by heart.

If the DNS resolver does not have the IP stored in its cache, it will ask the root server.

Today, there are only 13 root name servers in the world operated by 12 different organizations, which have been operating root servers since the DNS has been created.

However, this does not mean there are only 13 physical locations which sustain the Internet. In fact, there are over 750 root server instances worldwide, distributed throughout each continent. They can be accessed using 13 IP addresses, one assigned to each entity (with the exception of Verisign, which runs two root servers). The majority of these addresses are allocated to various servers around the world, so DNS queries that are sent to these addresses get a timely response from the local servers.
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>