<BODY><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d18755935\x26blogName\x3dVINOD+MEDIA%E2%84%A2\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttps://dmnvinod.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://dmnvinod.blogspot.com/\x26vt\x3d-1483311251890623224', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

DNS cache poisoning - Are you Impacted ?

Thursday, July 24, 2008
What is DNS cache poisoning ?

DNS cache poisoning (also known as DNS cache pollution) is a maliciously created or unintended situation that provides data to a Domain Name Server that did not originate from authoritative DNS sources. It occur if DNS "spoofing attack" has been encountered. An attacker will send malicious data / non-secure data in response to a DNS query. For example dns query for www.google.com can be redirected to www.example.com

There are several DNS servers vulnerable to these attack, http://www.kb.cert.org/vuls/id/800113

How do I verify that my ISP or my own recursive resolvers are free from DNS cache poisoning bug ?

There are serveral tools online to find out,

http://member.dnsstuff.com/tools/vu800113.php
http://www.doxpara.com/

Regards,
VINOD M

Labels: ,