Why is DNS security important? DNS is the lifeblood of the internet and a fundamental service that most of us take for granted. It is a highly specialized yet simple protocol that makes the vastly diverse resources that abound on the internet available to human users through a written linguistic abstraction. You interact with it every day when you type google.com, but you know this already, so I will spare you the remedial math. Because DNS works through a mechanism that is invisible to us, it is easily manipulated without our knowledge. This article will demonstrate the methods and goals of bad actors that target the DNS attack surface.
In a nutshell (or an oystershell, for that matter), DNS security is the discipline of preventing redirection attacks, or having your traffic routed to a place you don't want to go. It also involves insulating your DNS servers from unwittingly being conscripted into DDoS attacks. For the most part, these kinds of attacks are discussed in highly abstracted terms that fail to describe the method of engagement, i.e., where the attacker has to be and what he has to have in order to execute the attack. (Read: gripe.) I find the omission of this detail to be a failing of most security articles; more on that later…
DNS Cache Poisoning: In its most exciting detail, cache poisoning is a form of DNS spoofing that occurs when forged DNS entries are injected into a resolver’s cache and subsequently served as legitimate answers to a querying host. Imagine opening up your phone’s address book and clicking on someone’s name, just to have your phone call a different number!
Now unimagine it. After researching this for a while, it appears that this kind of attack (the on-LAN, brute-force method of pushing answers into a DNS server after making a request and relying on a race condition) has been largely mitigated by using randomized port numbers along with a randomized QueryID.
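As an added example (not code from the original article), here is a sketch of the resolver-side check that the randomized port and QueryID make possible: a reply is accepted only if it matches everything remembered about the outstanding query. The function names, the simulated port range, and the 192.0.2.53 server address are assumptions made for illustration, and no packets are sent.

```python
import secrets
import struct

def encode_qname(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def new_query(name, server, qtype=1):
    """Build a query plus the state the resolver must remember to validate the answer."""
    txid = secrets.randbelow(1 << 16)              # random 16-bit QueryID
    local_port = 49152 + secrets.randbelow(16384)  # stand-in for an OS-randomized source port
    packet = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    packet += encode_qname(name) + struct.pack("!HH", qtype, 1)
    pending = {"txid": txid, "local_port": local_port, "server": server,
               "question": (name.rstrip(".").lower(), qtype, 1)}
    return packet, pending

def parse_question(msg):
    """Return (name, qtype, qclass) of the first question in a DNS message."""
    labels, pos = [], 12                           # question section follows the 12-byte header
    while msg[pos] != 0:
        n = msg[pos]
        if n & 0xC0:
            raise ValueError("unexpected compression pointer in question")
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii").lower())
        pos += 1 + n
    qtype, qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass

def accept_response(pending, resp, src, dst_port):
    """Accept a reply only if every value remembered for the query matches."""
    if len(resp) < 12:
        return False
    txid, flags, qdcount = struct.unpack("!HHH", resp[:6])
    if not flags & 0x8000:                         # QR bit must mark this as a response
        return False
    if src != pending["server"] or dst_port != pending["local_port"]:
        return False
    if txid != pending["txid"] or qdcount != 1:
        return False
    try:
        return parse_question(resp) == pending["question"]
    except (IndexError, ValueError, struct.error):
        return False                               # malformed or truncated question section

def as_response(query, txid=None):
    """Constructed sample data: turn query bytes into a reply, optionally with another QueryID."""
    qid, flags = struct.unpack("!HH", query[:4])
    return struct.pack("!HH", qid if txid is None else txid, flags | 0x8000) + query[4:]
```

A forged answer has to get the server address, the destination port, the QueryID and the question right all at once, which is why randomizing both 16-bit values makes the blind race so much harder to win.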
2. Examples of being pwned via DNS
Cache poisoning, reflection attack
3. Describe malware’s DNS necessity
4. How to address DNS security issues
5. What is all the fuss about 1.1.1.1?