DNS cache poisoning - Are you Impacted ?
Thursday, July 24, 2008
What is DNS cache poisoning ?
DNS cache poisoning (also known as DNS cache pollution) is a maliciously created or unintended situation that provides data to a Domain Name Server that did not originate from authoritative DNS sources. It occur if DNS "spoofing attack" has been encountered. An attacker will send malicious data / non-secure data in response to a DNS query. For example dns query for www.google.com can be redirected to www.example.com
There are several DNS servers vulnerable to these attack, http://www.kb.cert.org/vuls/id/800113
How do I verify that my ISP or my own recursive resolvers are free from DNS cache poisoning bug ?
There are serveral tools online to find out,
http://member.dnsstuff.com/tools/vu800113.php
http://www.doxpara.com/
Regards,
VINOD M
DNS cache poisoning (also known as DNS cache pollution) is a maliciously created or unintended situation that provides data to a Domain Name Server that did not originate from authoritative DNS sources. It occur if DNS "spoofing attack" has been encountered. An attacker will send malicious data / non-secure data in response to a DNS query. For example dns query for www.google.com can be redirected to www.example.com
There are several DNS servers vulnerable to these attack, http://www.kb.cert.org/vuls/id/800113
How do I verify that my ISP or my own recursive resolvers are free from DNS cache poisoning bug ?
There are serveral tools online to find out,
http://member.dnsstuff.com/tools/vu800113.php
http://www.doxpara.com/
Regards,
VINOD M
Labels: DNS, Technology