What is DNS Cache Poisoning ?
DNS cache poisoning, also known as DNS spoofing, is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones.
What Is a DNS Cache?
A DNS cache contains entries that translate Internet domain names *such as “www.rumittips.comcom”) to IP addresses. The Internet’s Domain Name System (DNS) involves caching on both Internet DNS servers and on the client computers that contact DNS servers. These caches provide an efficient way for DNS to efficiently keep the Internet synchronized as the IP addresses of some servers change and as new servers come online.
DNS Cache Poisoning :-
A DNS cache becomes poisoned (sometimes also called polluted) when unauthorized domain names or IP addresses are inserted into it. Occasionally a cache may become corrupted due to technical glitches or administrative accidents, but DNS cache poisoning is typically associated with computer viruses or other attacks that insert invalid entries which redirect clients to malicious Web sites or other Internet servers.
The Solution :-
208.67.222.222 208.67.220.220
Free openly distributed DNS servers that provide greater reliability and security for business and home users surfing the web.
8.26.56.26 8.20.247.20
3. If you are using Comodo dragon browser, you must be enable “Enalbe malware domain filtering ” in your dragon browser properties
4. The long-term solution to DNS cache poisoning is DNSSEC. DNSSEC will allow organizations to sign their DNS records using public-key cryptography, ensuring that your computer will know whether a DNS record should be trusted or whether it’s been poisoned and redirects to an incorrect location.
Enable DNSSec in windows server and Windows7/8
Open group policy > Run > gpedit.msc
Hope you like my post What is DNS Cache Poisoning. Please Share with others.
