Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS Hijack Demonstration (Diverting User Application via DNS) Giovanni Marzot, Ólafur Guðmundsson,

Published byScot Harper Modified over 9 years ago

Similar presentations

Presentation on theme: "DNS Hijack Demonstration (Diverting User Application via DNS) Giovanni Marzot, Ólafur Guðmundsson,"— Presentation transcript:

1 DNS Hijack Demonstration (Diverting User Application via DNS) Giovanni Marzot, giovanni.marzot@cobham.com, Cobhamgiovanni.marzot@cobham.com Ólafur Guðmundsson, ogud@shinkuro.com, Shinkuro, Inc.ogud@shinkuro.com Russ Mundy, russ.mundy@cobham.com, Cobhamruss.mundy@cobham.com 1

2 Why Worry About DNS?  Users think in terms of names  Applications primarily use DNS names  Internet uses network addresses to create connections  DNS provides the translation from names to network addresses  Proper DNS functions required by essentially all Network Applications  If DNS doesn’t work right,   the applications won’t get to the intended server

3 DNS Hijack Threat  DNS attacks provide a way to divert users applications, e.g.,  Redirecting user applications to false locations to steal passwords or other sensitive information  Redirect to a man-in-the-middle location  See and copy an entire session  Web, email, IM, etc.  Multiple DNS hijack tools available on the Internet  Some University courses have required students to write DNS hijack software as a class assignment!

4 Normal DNS & Web Exchange Web Server www.ab.org 192.168.2.80 Auth NS ns1.ab.org 192.168.2.252 User 192.168.1.3 192.168.1.1 192.168.2.1 Recursive NS 10.2.2.2 10.1.1.2 10.1.1.253 10.1.1.1 10.2.2.1 1 Query: www.ab.org? 2 www.ab.org=192.168.2.80 4 5 3 “INTERNET”

5 Web Server www.ab.org 192.168.2.80 Auth NS ns1.ab.org 192.168.2.252 User 192.168.1.3 192.168.1.1 192.168.2.1 Recursive NS 10.2.2.2 10.1.1.2 10.1.1.253 10.1.1.1 10.2.2.1 Redirected Website 1 Query: www.ab.org? 2 www.ab.org=10.2.2.1 Query: www.ab.org? www.ab.org=192.168.2.80 “INTERNET” DNS Hijacked Web Exchange DNS Hijacker 192.168.1.99 3 ? ?

6 6 1 Webpage = Multiple Name Resolutions

7 How Can DNSSEC Help?  DNSSEC can ensure users that they are reaching the right location  DNSSEC provides crytographic information that can be used to verify that DNS information:  came from the proper source and  it was not changed enroute  Demonstration will show a web site tailored for effective use of DNSSEC and a web browser that uses DNSSEC

8 Questions, Thoughts or Comments?

Download ppt "DNS Hijack Demonstration (Diverting User Application via DNS) Giovanni Marzot, Ólafur Guðmundsson,"

Similar presentations

TERMINAL SERVER DEPLOYMENT PLAN. STEP 1: PREPARATION  UTILIZE THE CURRENT SERVER FOR: ACTIVE DIRECTORY (AD) ACTIVE DIRECTORY (AD) NEEDED FOR STORAGE.

TERMINAL SERVER DEPLOYMENT PLAN. STEP 1: PREPARATION  UTILIZE THE CURRENT SERVER FOR: ACTIVE DIRECTORY (AD) ACTIVE DIRECTORY (AD) NEEDED FOR STORAGE.
TOPIC LEARNING BTEC Level 3 Unit 28 Websites L01- All students will understand the web architecture and components which allow the internet and websites.

TOPIC LEARNING BTEC Level 3 Unit 28 Websites L01- All students will understand the web architecture and components which allow the internet and websites.
Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.

Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug 2013 - scotthel.me.

Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
Network Layer and Transport Layer.

Network Layer and Transport Layer.
Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.

Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.
1 Review For Exam 3 (Part 2) BUS3500 - Abdou Illia, Fall 2009.

1 Review For Exam 3 (Part 2) BUS Abdou Illia, Fall 2009.
Chapter 12: Anatomy of an Attack

Chapter 12: Anatomy of an Attack
Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.

Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to www.google.com, but don’t know the IP addresswww.google.com Solution.

Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to but don’t know the IP addresswww.google.com Solution.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
DUKE UNIVERSITY WWW.OIT.DUKE.EDU DNSSEC 101 Kevin Miller.

DUKE UNIVERSITY DNSSEC 101 Kevin Miller.
Managing Client Access

Managing Client Access
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.

1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.

WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.

Similar presentations

Ads by Google