DNS Hijack Demonstration (Diverting User Application via DNS) Giovanni Marzot, Ólafur Guðmundsson,

Slides:



Advertisements
Similar presentations
TERMINAL SERVER DEPLOYMENT PLAN. STEP 1: PREPARATION  UTILIZE THE CURRENT SERVER FOR: ACTIVE DIRECTORY (AD) ACTIVE DIRECTORY (AD) NEEDED FOR STORAGE.
Advertisements

TOPIC LEARNING BTEC Level 3 Unit 28 Websites L01- All students will understand the web architecture and components which allow the internet and websites.
Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
Network Layer and Transport Layer.
Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.
1 Review For Exam 3 (Part 2) BUS Abdou Illia, Fall 2009.
Chapter 12: Anatomy of an Attack
Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to but don’t know the IP addresswww.google.com Solution.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
DUKE UNIVERSITY DNSSEC 101 Kevin Miller.
Managing Client Access
First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.
Module 4: Add Client Computers and Devices to the Network.
University of the Western Cape Chapter 15 – Application Layer The application layer is responsible for the following: Identifying and establishing the.
What DNS is Not 0 Kylie Brown, Jordan Eberst, Danielle Franz Drew Hanson, Dennis Kilgore, Charles Newton, Lindsay Romano, Lisa Soros 0 Paul Vixie
Computer & Network Security
Trouble-shooting Tips Georgia Bulldogs I can receive, but not send messages  If you can successfully receive messages, but can’t send.
15 Semester 1 JEOPARDY IndirectnetworksupportDNSDNSNetworkApps.NetworkApps.MoreNetworkApps.Misc.Misc
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 6: Name Resolution.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network, Enhanced Chapter 6: Name Resolution.
Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 OSI Transport Layer Network Fundamentals – Chapter 4.
Deploying a Web Application Presented By: Muhammad Naveed Date:
Phishing Pharming Spam. Phishing: Definition  A method of identity theft carried out through the creation of a website that seems to represent a legitimate.
Types of Electronic Infection
Drive-by pharming is an interesting type of networking attack that combines multiple networking vulnerabilities and average user laziness to create an.
The Inter-network is a big network of networks.. The five-layer networking model for the internet.
Information Flow Across the Internet. What is the Internet? A large group of computers that link together to form the Worldwide Area Network (WAN)
Outlook WEB How to access your Brevard County Schools Outlook from any Internet-based PC.
IT Essentials 1 Chapter 9 JEOPADY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
1 After completing this lesson, you will be able to: Transfer your files to the Internet. Choose a method for posting your Web pages. Use Microsoft’s My.
Application Services COM211 Communications and Networks CDA College Theodoros Christophides
SchoolSite Online: An introduction. Session overview SchoolSite Online background What does it do? How is it different? How do I become a user? SchoolSite.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.
McLean HIGHER COMPUTER NETWORKING Lesson 13 Denial of Service Attacks Description of the denial of service attack: effect: disruption or denial of.
Accessing Evitech network via FTP by Susan Jansson.
Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION.
Attention After changing your internet browser (proxy) settings, you can only access those web sites allowed/directed by KHU Library. In order to browse.
Ziyad Ibrahim 10DD.  What is Internet? What is Internet?  Who owns the internet? Who owns the internet?  How do you connect to the internet? How do.
Family Connection Collaborative Webs A Tool for Creating and Managing Web sites.
Website Design:. Once you have created a website on your hard drive you need to get it up on to the Web. This is called "uploading“ or “publishing” or.
Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.
Lecture 16 Page 1 CS 236 Online Exploiting Statelessness HTTP is designed to be stateless But many useful web interactions are stateful Various tricks.
Trouble-shooting Tips Georgia Bulldogs I can receive, but not send messages  If you can successfully receive messages, but can’t send messages,
WHAT IS INTERNET?.  Today the internet offers the opportunity to access to any information, to correspond with someone who has an account, or.
BTT 10. What is the internet?  A question to all of you…  how-many-people-use-the-internet- more-than-2-billion-infographic/
Quiz 2 Post-Mortem Bruce Maggs. 2 Create a new BitCoin address, and use it only once. E.g., create a new wallet. Create a new address and mine a BitCoin.
Uniform Resource Locator URL protocol URL host Path to file Every single website on the Internet has its own unique.
E-Commerce & Bank Security By: Mark Reed COSC 480.
Threats Relating to Transport Layer Protocols Handling Multiple Addresses Masataka Ohta Tokyo Institute of technology
THE DNS (DOMAIN NAME SYSTEM). Before the DNS, all computers connected to the internet through ARPANET (the worlds first operational packet switching network).
How To Remove Flooders?-Get Help Website:
Understand Names Resolution
Some Common Terms The Internet is a network of computers spanning the globe. It is also called the World Wide Web. World Wide Web It is a collection of.
ICT Communications Lesson 1: Using the Internet and the World Wide Web
Providing Network Services
الانترنت والبريد الإلكتروني
Computer Security.
HTTP and Abstraction on the Internet / The Need for DNS
Protocol Application TCP/IP Layer Model
Presentation transcript:

DNS Hijack Demonstration (Diverting User Application via DNS) Giovanni Marzot, Ólafur Guðmundsson, Shinkuro, Russ Mundy, 1

Why Worry About DNS?  Users think in terms of names  Applications primarily use DNS names  Internet uses network addresses to create connections  DNS provides the translation from names to network addresses  Proper DNS functions required by essentially all Network Applications  If DNS doesn’t work right,   the applications won’t get to the intended server

DNS Hijack Threat  DNS attacks provide a way to divert users applications, e.g.,  Redirecting user applications to false locations to steal passwords or other sensitive information  Redirect to a man-in-the-middle location  See and copy an entire session  Web, , IM, etc.  Multiple DNS hijack tools available on the Internet  Some University courses have required students to write DNS hijack software as a class assignment!

Normal DNS & Web Exchange Web Server Auth NS ns1.ab.org User Recursive NS Query: “INTERNET”

Web Server Auth NS ns1.ab.org User Recursive NS Redirected Website 1 Query: Query: “INTERNET” DNS Hijacked Web Exchange DNS Hijacker ? ?

6 1 Webpage = Multiple Name Resolutions

How Can DNSSEC Help?  DNSSEC can ensure users that they are reaching the right location  DNSSEC provides crytographic information that can be used to verify that DNS information:  came from the proper source and  it was not changed enroute  Demonstration will show a web site tailored for effective use of DNSSEC and a web browser that uses DNSSEC

Questions, Thoughts or Comments?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.