DNS Cache Poisoning.


How DNS Works

Who is ‘twitter.com’?
Cached, or look …

“Authoritative” DNS Server

Name               IP
www.twitter.com    104.244.42.1
www.rit.edu        129.21.1.40

How DNS Works (spoofed)

Who is ‘twitter.com’?
Cached, or look …

“Authoritative” DNS Server

Name               IP
www.twitter.com    104.244.42.1
www.rit.edu        129.21.1.40
www.chase.com      ?

Name               IP
www.twitter.com    104.244.42.1
www.rit.edu        129.21.1.40
www.chase.com      130.55.5.5

130.55.5.5
Fake DNS response to insert bogus name lookup into cache

Cache TTL

DNS servers also have a “Time to Live”
Basically, how long to keep the cached data
By modifying TTL, the spoofed data can stay in the cache much longer, extending the time of the attack!
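An added example (not part of the original slides) that models the Cache TTL point from the defender's side: a toy cache serves whatever it accepted until the TTL runs out, so a cap on cached TTLs bounds the exposure, and an audit against a trusted reference flags the bogus entry. `ResolverCache`, `max_ttl`, `audit`, the week-long TTL and the reference address 192.0.2.10 are constructed for illustration; the other names and addresses are the ones on the slides.

```python
from dataclasses import dataclass

@dataclass
class Entry:
    ip: str
    expires: int  # absolute time, in seconds

class ResolverCache:
    """Toy resolver cache (illustrative model, not a real resolver's API)."""

    def __init__(self, max_ttl=None):
        self.max_ttl = max_ttl  # hypothetical cap on how long any answer is kept
        self.entries = {}

    def store(self, name, ip, ttl, now):
        # Capping the TTL bounds how long one accepted answer can be served.
        if self.max_ttl is not None:
            ttl = min(ttl, self.max_ttl)
        self.entries[name] = Entry(ip, now + ttl)

    def lookup(self, name, now):
        entry = self.entries.get(name)
        if entry is None or now >= entry.expires:
            self.entries.pop(name, None)  # expired: next query goes upstream
            return None
        return entry.ip

def audit(cache, reference, now, ttl_alert):
    """Flag live entries that contradict a trusted reference or outlive ttl_alert."""
    findings = []
    for name in sorted(cache.entries):
        entry = cache.entries[name]
        remaining = entry.expires - now
        if remaining <= 0:
            continue
        if name in reference and entry.ip != reference[name]:
            findings.append((name, "mismatch", remaining))
        elif remaining > ttl_alert:
            findings.append((name, "long-ttl", remaining))
    return findings

def demo(max_ttl):
    # Constructed scenario: slide addresses, with a week-long TTL on the bogus record.
    cache = ResolverCache(max_ttl)
    cache.store("www.twitter.com", "104.244.42.1", 300, now=0)
    cache.store("www.chase.com", "130.55.5.5", 604800, now=0)
    reference = {"www.chase.com": "192.0.2.10"}  # placeholder for the correct answer
    findings = audit(cache, reference, now=60, ttl_alert=3600)
    served_after_a_day = cache.lookup("www.chase.com", now=86400)
    return served_after_a_day, findings
```

Without a cap the bogus address is still served a day later; with a one-hour cap it has expired and the next lookup goes back upstream.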

A famous but almost intentional attack

Network traffic in China is restricted by blocking certain sites
The country-level DNS server is one way sites like twitter may be blocked, by redirecting traffic
The ISP started pointing to the Chinese DNS server, effectively spoofing itself!

Diagram labels:
Who is ‘twitter.com’?
Cached, or look …
All Chinese network traffic
“Authoritative” DNS Server [China]: If twitter.com, redirect to Chinese page
Non-Chinese ISP
Normal DNS Server