DNS Cache Poisoning

DNS cache poisoning (also known as “DNS spoofing”) is a cyber attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones.

DNS cache poisoning enables an attacker to pollute the data in DNS servers, including those managed by your company and your service provider, with bogus information. By changing data in DNS to point to the attacker’s IP address instead of yours, the attacker re-routes your traffic to their sites. Once traffic is re-routed, attacks can take many forms, most of which are extremely difficult to detect:

  • An attacker may impersonate your Web presence and collect private data from your customers, partners and employees.
  • Your email may be sent to an intermediary server where it is opened and even modified before reaching you or your intended recipient.
  • Your anti-spam system can be fooled into allowing malicious email and blocking legitimate email.
  • Your Web traffic may be sent to a site that looks like your intended destination (say, your bank’s Web site) but is operated by attackers, where they can collect your user name, accounts and passwords.
  • An attacker can use the “Forgot Password” function on your Web site to retrieve your users’ passwords.
  • Your Web traffic or ecommerce transactions may be routed through an intermediary site where they are “sniffed” and modified before being passed on to the intended destination.
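
Because the attack works by changing the address a name resolves to, one defensive check is to compare what each resolver returns against the addresses you actually publish. The sketch below is an added example, not part of the original article; the resolver labels, host names and addresses are constructed (documentation ranges), and the function names are hypothetical.

```python
import ipaddress

# Constructed baseline (assumption): the networks each name is supposed to
# resolve to, using documentation-only address ranges.
EXPECTED = {
    ("www.example.com", "A"): ["192.0.2.0/24"],
    ("mail.example.com", "A"): ["198.51.100.25/32"],
}

# Constructed observations: (resolver, name, record type, answer), as would be
# collected by asking each resolver the same question.
OBSERVED = [
    ("corp-resolver", "www.example.com.", "A", "192.0.2.10"),
    ("isp-resolver", "WWW.example.com", "A", "203.0.113.66"),
    ("corp-resolver", "mail.example.com", "A", "198.51.100.25"),
    ("isp-resolver", "mail.example.com", "A", "198.51.100.25"),
    ("isp-resolver", "shop.example.com", "A", "192.0.2.44"),
]

def audit(observed, expected):
    """Return (resolver, name, answer, reason) for every answer off baseline."""
    findings = []
    for resolver, name, rtype, answer in observed:
        # DNS names are case-insensitive and may carry a trailing root dot.
        key = (name.rstrip(".").lower(), rtype.upper())
        nets = expected.get(key)
        if nets is None:
            # A name nobody baselined cannot be judged; surface it for review.
            findings.append((resolver, key[0], answer, "no-baseline"))
            continue
        try:
            addr = ipaddress.ip_address(answer)
        except ValueError:
            findings.append((resolver, key[0], answer, "unparseable"))
            continue
        if not any(addr in ipaddress.ip_network(n) for n in nets):
            findings.append((resolver, key[0], answer, "unexpected-address"))
    return findings

def suspect_resolvers(findings):
    """Resolvers that served an address outside the baseline."""
    return sorted({f[0] for f in findings if f[3] == "unexpected-address"})

if __name__ == "__main__":
    results = audit(OBSERVED, EXPECTED)
    for finding in results:
        print(finding)
    print("check these caches:", suspect_resolvers(results))
```

A resolver that appears in the second list while others return the baseline address is the cache to inspect and flush first.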
