- DNS spoofing also known as pharming attack. As we know, using the Domain Name System (DNS), people can identify Web sites with human-readable names (Such as yahoo.com). And computers can continue to treat them as IP addresses (such as 120.10.81.67). For this, a special server computer called a DNS server maintains the mappings between domain names and the corresponding IP addresses. The DNS server could be located anywhere. Usually, it is with the Internet Service Provider (ISP) of the users. With this background, the DNS spoofing attack works as follows.
- Suppose that there is a merchant (Bob) whose site’s domain name is bob.com. And the IP address is 100.10.10.20. Therefore, the DNS entry for Bob in all the DNS servers is maintained as follows: www.bob.com 100.1 0.10.20
- The attacker (say, Trudy) manages to hack and replace the IP address of Bob with her own (say 100.20.20.20) in the DNS server maintained by the ISP of a user, say Alice. Therefore, the DNS server maintained by the ISP of Alice now has the following entry: bob.com 100.2 0.20.20
- When Alice wants to communicate with Bob’s site, her web browser queries the DNS server maintained by her ISP for Bob’s IP address, providing in the domain name (bob.com). Alice gets the replayed (Trudy’s) IP address, 100.20.20.20.
- Now Alice starts communicating with Trudy, believing him to be Bob.
- Such attacks of DNS spoofing are quite common and cause a lot of havoc. Even worse, the attacker does not have to listen to the conversation on the wire. He has to simply be able to hack the DNS Server of the ISP and replace a single IP address with his own.
- A protocol called as DNSSec is use to repeal such attacks.
Related Articles
-
Explain modified version of Caesar Cipher
We all know in Caesar cipher we replace each alphabet with other alphabet which is 3 positions down the...
-
Implement Diffie Helman Key Exchange Algorithm
The following example implements Diffie Helman Exchange Algorithm. Click here to download the PDF File
-
Give the classification of Viruses
Parasitic Virus:- his is the most common form of virus. Such a virus attaches itself to executable files and...
-
Explain Caesar Cipher
Caesar cipher is substitution technique cipher In Caesar cipher we replace each alphabet with the alphabet that is actually...
-
What are ethical and legal issues in computer security system ?
Most ethical and legal issues in computer system are in the area of individual’s right to privacy versus the...
-
Implement Rail Fence Technology in Network Security – Tybscit Semester 5
In transposition cipher the alphabets of the plain text are rearranged in a different & usually quite complex...
-
Rail Fence Algorithm
Rail fence cipher The rail-fence technique is an example of transposition technique. It uses a simple algorithm. Steps...
-
Implement Caesar Cipher in Network Security tybscit Semester 5
The following example explains Caesar Cipher in Network Security and its implementation. Click here to download the PDF
