DNS (Domain Name System) Spoofing Attacks

DNS is the short for Domain Name System. DNS is a required service in TCP/IP networks and it translates domain names into IP addresses. Computers in the network communicate using IP address. IP addresses are a 32 bit numbers which are difficult to remember. Domain names are alphabetic and for humans they are easier to remember. When we use a domain name to communicate with another host, DNS service must translate the name into the corresponding IP address.

DNS Servers keep a database of domain names and corresponding IP addresses. DNS Spoofing attacks are made by changing a domain name entry of a legitimate server in the DNS server to point to some IP other than it, and then hijacking the identity of the server.

Generally there are two types of DNS poisoning attacks; DNS cache poisoning and DNS ID Spoofing.

In DNS cache poisoning a DNS server is made to cache entries which are not originated from authoritative Domain Name System (DNS) sources. IN DNS ID spoofing, an attacker hack the random identification number in DNS request and reply a fake IP address using the hacked identification number.

Related Tutorials