Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS Cache Poisoning.

Published byVeronica Berry Modified over 5 years ago

Similar presentations

Presentation on theme: "DNS Cache Poisoning."— Presentation transcript:

1 DNS Cache Poisoning

2 How DNS Works Cached, or look … Who is ‘twitter.com’?
“Authoritative” DNS Server Name IP

3 How DNS Works (spoofed)
Cached, or look … Who is ‘twitter.com’? “Authoritative” DNS Server Name IP ? Name IP Fake DNS response to insert bogus name lookup into cache

4 Cache TTL DNS servers also have a “Time to Live”
Basically, how long to keep the cached data By modifying TTL, the spoofed data can stay in the cache much longer, extending the time of the attack!

5 A famous but almost intentional attack
Cached, or look … Who is ‘twitter.com’? Network traffic in China is restricted by blocking certain sites The country level DNS server is one way sites like twitter may be blocks by redirecting traffic All Chinese network traffic The IPS started pointing to the Chinese DNS server, effectively spoofing itself! “Authoritative” DNS Server [China] If twitter.com, redirect to Chinese page Non Chinese IPS Normal DNS Server

Download ppt "DNS Cache Poisoning."

Similar presentations

Network Attacks Mark Shtern.

Network Attacks Mark Shtern.
Concept Doppler: A weather Tracker For Internet Censorship Author: Jedidiah R. Crandall, Danial Zinn, Michael Byrd, Earl Barr, Rich East Presented At:

Concept Doppler: A weather Tracker For Internet Censorship Author: Jedidiah R. Crandall, Danial Zinn, Michael Byrd, Earl Barr, Rich East Presented At:
Information-Centric Networks05a-1 Week 5 / Paper 1 On the use and performance of content distribution networks –Balachander Krishnamurthy, Craig Wills,

Information-Centric Networks05a-1 Week 5 / Paper 1 On the use and performance of content distribution networks –Balachander Krishnamurthy, Craig Wills,
Water Torture: A Slow Drip DNS DDoS Attack on QTNet

Water Torture: A Slow Drip DNS DDoS Attack on QTNet
Module 3 DNS Types.

Module 3 DNS Types.
Harness Your Internet Activity. Zeroing in On Zero Days DNS OARC Spring 2014 Ralf Weber

Harness Your Internet Activity. Zeroing in On Zero Days DNS OARC Spring 2014 Ralf Weber
Got DNS? A review of Domain Name Services and how it impacts website developers. By Jason Baker Digital North.

Got DNS? A review of Domain Name Services and how it impacts website developers. By Jason Baker Digital North.
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.

WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.
By Chris Racki. Outline  Introduction  How DNS works  A typical DNS lookup  Caching for later  Vulnerabilities of DNS  Anatomy of a cache poisoning.

By Chris Racki. Outline  Introduction  How DNS works  A typical DNS lookup  Caching for later  Vulnerabilities of DNS  Anatomy of a cache poisoning.
Chapter 20 – Firewalls The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz.

Chapter 20 – Firewalls The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz.
DNS Security Pacific IT Pros Nov. 5, 2013. Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.

DNS Security Pacific IT Pros Nov. 5, Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.
Naming March 8, 2001. 2 Networks What is naming?  Associations between some elements in a set of names and some elements in a set of values  Binding.

Naming March 8, Networks What is naming?  Associations between some elements in a set of names and some elements in a set of values  Binding.
McLean 20061 HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.

McLean HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.
Questions: What is the research question (in the field of International Relations) that you are interested in at this moment? How would you design your.

Questions: What is the research question (in the field of International Relations) that you are interested in at this moment? How would you design your.
DNS Cache Poisoning. History 1993 – DNS protocol allowed attacker to inject false data which was then cached 1997 – BIND 16-bit transaction ids not randomized,

DNS Cache Poisoning. History 1993 – DNS protocol allowed attacker to inject false data which was then cached 1997 – BIND 16-bit transaction ids not randomized,
What's a Firewall? A security system that acts as a protective boundary between a network and the outside world Isolates computer from the internet using.

What's a Firewall? A security system that acts as a protective boundary between a network and the outside world Isolates computer from the internet using.
Grades update. Homework #1 Count35 Minimum Value47.00 Maximum Value100.00 Average84.94 90 - 1009 80 - 8914 70 - 7910 40 - 491.

Grades update. Homework #1 Count35 Minimum Value47.00 Maximum Value Average
Short Intro to DNS (part of Tirgul 9) Nir Gazit. What is DNS? DNS = Domain Name System. For translation of host names to IPs. A Distributed Database System.

Short Intro to DNS (part of Tirgul 9) Nir Gazit. What is DNS? DNS = Domain Name System. For translation of host names to IPs. A Distributed Database System.
Matt Jennings.  What is DDoS?  Recent DDoS attacks  History of DDoS  Prevention Techniques.

Matt Jennings.  What is DDoS?  Recent DDoS attacks  History of DDoS  Prevention Techniques.
SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.

SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.

Similar presentations

Ads by Google