Skip to main content
Information Security

All Questions

Ask Question
Tagged with
10 questions
Newest Active Bountied Unanswered
0 votes
1 answer
236 views

DNS local cache spoofing with malware or RAT

I was learning networking and knew that browsers don't have algorithms to convert domain names to IPs. It queries a DNS server. After that, the computer remembers the IP, so next time the domain is ...
Jenia's user avatar
Jenia
  • 119
0 votes
1 answer
240 views

Spoofed DNS answers ignored by target machine applications

Attacker: Arch Linux Target: Windows 10 Scenario The attackers launches an ARP spoof attack to redirect all target traffic to the attacker. (This works) The target sends DNS queries for domain name ...
Burst's user avatar
Burst
  • 23
3 votes
1 answer
6k views

Why does DNS Spoofing not working on HTTP ,HTTPS Sites? [in my case]

I am trying to perform a DNS spoofing attack, but the confusing thing is that when I'm performing the attack on HTTP sites, nothing happens. But when I perform it on HTTPS sites, when I reach the ...
Golden Eagle's user avatar
Golden Eagle
  • 31
1 vote
3 answers
912 views

Does ARP or DNS spoofing play a role when performing MITM in fake AP attacks?

I have a test environment, where I try some wireless hacking tools and approaches, and lately I have been interested in evil twin attacks. I created a fake AP using airbase-ng, and specified the IP ...
typos's user avatar
typos
  • 473
-2 votes
1 answer
5k views

How to dnsspoof against HTTPS

I am doing a dnsspoof PoC, but apparently it doesn't work with HTTPS because of the certificate. Please don't tell me that I have to generate a certificate or send a legitimate certificate, I want ...
aDoN's user avatar
aDoN
  • 293
1 vote
1 answer
296 views

How does the DNS-spoofer know the original destination of the packet?

It's perhaps my lack of deeper knowledge of how the DNS, NAT or TCP works, but I have been thinking about the following scenario and can't figure out the following problem which arises in DNS-spoofing ...
NumberFour's user avatar
NumberFour
  • 195
6 votes
1 answer
2k views

DSL Modem Compromised?

Just found out that the primary & secondary DNS servers have been changed to 95.211.156.101 & 5.45.75.11. I had the following setup in place. MAC filtering and WPA2 for WiFi. ...
saleem's user avatar
saleem
  • 63
15 votes
5 answers
5k views

Can I avoid DNS spoofing by typing the IP address?

The question is in the title. I have been reading about DNS spoofing. What if I were to save the IP addresses of websites I consider sensitive and then just enter the IP address when I am using a ...
Lmk's user avatar
Lmk
  • 151
6 votes
3 answers
3k views

Does NAT break source port randomization?

The standard defense against the Kaminsky attack is to use source port randomization for all DNS requests. Does NAT break the security benefits of source port randomization? In more detail, consider ...
D.W.'s user avatar
D.W.
  • 100k
2 votes
1 answer
205 views

DNS Cache poisioning examples, or other criteria when a client ignores a response

Is there a concise set of rules that describe what 99% percent of DNS responders accept? Conversely, are there are set of rules that define when DNS queries are invalid? I would think that the ...
makerofthings7's user avatar
makerofthings7
  • 51k