HomeSecurity

DNS Spoofing

Abby Braden
Abby Braden
Updated on:

Also referred to as DNS cache poisoning, Domain Name Server (DNS) spoofing is a form of computer security hacking in which false information is placed in a DNS resolver cache. Altered DNS records are used to redirect online traffic to a fraudulent website that resembles its intended destination.

With DNS spoofing, unsuspecting victims end up on malicious websites. Once there, victims are prompted to login into their account (or a false version of it), giving the attacker the ability to steal their credentials and other types of sensitive information. The malicious website is also used to install worms or viruses on a victim’s computer, giving the attacker long-term access to both the computer and the data it stores.

How DNS spoofing works

A DNS server translates human-readable domain names into numerical IP addresses so that computers can process them. This is used to route communications between nodes. If the server does not know a requested translation it will ask another server, with the process continuing in a circular pattern. To increase performance, a server will cache these translations for a certain amount of time.

When a DNS server has received a false translation and caches it for performance, the false translation is considered to be poisoned and it supplies false information to clients. If a DNS server is poisoned, it will return an incorrect IP address, diverting traffic to another computer, often an attacker’s.

Methods for DNS spoofing

  • Man-in-the-middle attack: An attacker steps between the web browser and DNS server to infect both simultaneously. The result is a redirect to a malicious site hosted on the attacker’s own local server.
  • DNS server hijack: An attacker directly reconfigured the server to direct all requesting users to the malicious site. Once a fraudulent DNS entry is injected onto the DNS server, any IP request for the spoofed domain will result in the fake site.
  • DNS cache poisoning via spam: The code for cache poisoning is typically found in URLs sent via spam emails. These emails attempt to frighten users intp clicking on the URL, infecting their computer. Banner ads and images can also send users to this code. Once poisoned, the computer will take users to the fake website spoofed to appear like the real site.

Preventing DNS spoofing

Website owners and service providers can prevent DNS spoofing by:

  • Investing in DNS spoofing protection tools
  • Using domain name system security extensions
  • Using end-to-end encryption

Endpoint users can prevent DNS spoofing by:

  • Avoiding clicking on an unrecognized link
  • Regularly scanning a computer for malware
  • Flushing the DNS cache to solve poisoning
  • Using a Virtual Private Network (VPN)

 

Abby Braden
Abby Braden
Abby Braden is an award-winning writer and editor for websites such as TechnologyAdvice.com, Webopedia.com, and Project-Management.com, where she covers technology trends and enterprise and SMB project management platforms. When she’s not writing about technology, she enjoys giving too many treats to her dog and coaching part-time at her local gym.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Embedded Analytics

Applications Webopedia Staff - 0
Embedded analytics brings self-service business intelligence to everyday application users.

HRIS

Development Jenna Phipps - 0
Human resources information system (HRIS) solutions help businesses manage multiple facets of their workforce operations. They provide a central platform for human resources professionals...

Complete List of Cybersecurity Acronyms

Insights Kaiti Norton - 0
Cybersecurity news and best practices are full of acronyms and abbreviations. Without understanding what each one means, it's difficult to comprehend the significance of...

Human Resources Management System

Development Vangie Beal - 0
A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

Related Articles

Definitions

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...
Read more
Development

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...
Read more
Definitions

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...
Read more

Webopedia is an online information technology and computer science resource for IT professionals, students, and educators. Webopedia focuses on connecting researchers with IT resources that are most helpful for them. Webopedia resources cover technology definitions, educational guides, and software reviews that are accessible to all researchers regardless of technical background.

Advertisers

Advertise with TechnologyAdvice on Webopedia and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2022 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.