DNS Poisoning
. So a service has been created to convert these domain names into their respective IP addresses, this service is known as Domain Name Service (DNS), a computer or system which provides this service is known as Domain Name System. Now you can call it a coincidence that Domain Name Service and Domain Name System both end having same abbreviation DNS and the best part they don't even conflict with each other while using.
A DNS runs on DNS protocol that translates web address into its respective IP address. Now DNS poisoning or DNS spoofing is technique by which an attacker provides wrong IP address to DNS server for misdirecting users to fake websites. Following are types of DNS poisoning, in future post we will cover them briefly,
- Intranet DNS Spoofing/Poisoning
- Internet DNS Spoofing/Poisoning
- Proxy Server DNS Spoofing/Poisoning
- DNS Cache Spoofing/Poisoning
Intranet DNS poisoning is done over a LAN. It is usually performed over switched network with help of ARP poisoning. You can use Cain And Abel to perform this kinda attack. Internet DNS poisoning can be done over any system across world by changing DNS entries of victim's computer. In Proxy Server DNS poisoning we change proxy settings of victim to our IP address then redirect victim to fake website. In DNS cache poisoning an attacker changes IP address entries of target website on some specific DNS server then if any person asks that DNS for information it'll provide fake IP information to it.
