Slideshow: How DNS cache poisoning works

Tips to thwart DNS cache-poisoning attacks

Slideshow: How DNS cache poisoning works next

Loading...

Expiration of domain entry opens door: With cache poisoning an attacker tries to insert a fake address entry into a DNS server. In the past an attacker could only attack a DNS server when it was refreshing a cache entry.

1. Attacker figures out when a domain entry will expire on a caching server using readily available tools. 2. Attacker "races" the legitimate DNS server, trying to get the caching server to accept a fake response. 3. In order to be accepted the fake response must match query parameters of the actual response.

Next 1/8

Comments on this image

Close

Slideshow: How DNS cache poisoning works

8 images
Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?