Questions tagged [dns-spoofing]
DNS Spoofing is a network attack whereby data is introduced into a Domain Name System (DNS) resolver's cache by an attacker that has no authority, causing diverting injected names to redirect traffic to a host controlled by the attacker.
136
questions
3
votes
1
answer
487
views
Does subdomain DNS cache poisoning depend on the authoritative name server ignoring requests for non-existing domains?
I'm reading "Introduction to Computer Security", Pearson New International Edition, 1st edition, by Goodrich and Tamassia.
On the subject of DNS cache poisoning, they mention that a "...
1
vote
1
answer
893
views
DNS spoofing over https [duplicate]
If a device sends a request to https://example.com and someone spoofs the DNS response to redirect the request to some malicious server. Would the attacker be able to modify the packets during the TLS ...
0
votes
1
answer
2k
views
How do I redirect HTTPS site to another HTTPS site over LAN using a linux? [closed]
Is there a tool, or a command for linux that can make possible to redirect HTTPS site to another HTTPS site on LAN? i'm using Kali Linux, and all the tools and commands that i found was to redirect ...
0
votes
1
answer
887
views
DNS spoofing protection in Chrome and Firefox
I'm using hostapd to setup a wireless access point and dnsmasq as a DNS/DHCP server. I defined in dnsmasq to reply with the IP of the access point (10.0.10.1) when it receives a query for www....
1
vote
1
answer
2k
views
How to prevent from DNS spoofing in Java code which obtains a name of localhost
FORTIFY static scan has detected that this piece of our java code is vulnerable to DNS spoofing attack:
public String getLocalhostName(){
try {
return Inet4Address.getLocalHost()....
0
votes
1
answer
240
views
Spoofed DNS answers ignored by target machine applications
Attacker: Arch Linux
Target: Windows 10
Scenario
The attackers launches an ARP spoof attack to redirect all target traffic to the attacker. (This works)
The target sends DNS queries for domain name ...
-2
votes
2
answers
213
views
Dns poisoning for any search [closed]
DNS poisoning works only if we open a certain website.
For example, a victim enters 192.168.21.56 in a browser, it will be directed to a phishing page.
What if we want to redirect the victim to 192....
1
vote
0
answers
116
views
How do you mitigate the risk of stolen unencrypted data because you are using Cloud DNS to proxy the request that are sent to your server?
Goal
My goal is to build a PWA. I am new to programming and I believe it is better to start with NGINX.
I have not found a good article (explaining the security risk) about using the Cloud DNS (such ...
1
vote
1
answer
162
views
What portion of recursive (ISP, public, etc.) nameservers validate DNSSEC strictly?
I'm adopting/setting up DNSSEC on my domains for the first time, and curious about the practical benefits I can expect. In theory, regardless of whether client/stub resolvers want checking, recursive ...
1
vote
2
answers
1k
views
The security of IP whitelisting large ranges
I am not a network expert but; a recent conversation has come up with a client asking to whitelist a range of ip's (let's say 250 odd for now) to transfer their data to us for processing.
I should ...
2
votes
1
answer
1k
views
ARP spoofing + DNS spoofing
To make a prank on a friend, and also for educational purposes, I am trying to hack a DNS server in my local network. I am using Windows. I used arpspoof from GitHub.
Can someone please elaborate on ...
1
vote
0
answers
2k
views
DNS Packet Spoof Scapy
I am looking into local DNS spoofing by sniffing DNS-requests with Scapy, and sending a spoofed packet in response.
Here is the code I used:
from scapy.all import *
def spoof_dns(pkt):
if (DNS ...
16
votes
3
answers
40k
views
What is the most secure way to store cross subdomain cookies
I am working for a company we will call "Company x". This company has a domain companyx.com. They have a cloud platform that manages things like SSL, but in order to do this you are required to use ...
1
vote
2
answers
1k
views
Can I alter the DNS cache on my Computer?
Can I alter the DNS cache of my computer.
When I search online it only shows result to flush DNS cache and not how to alter it.
The DNS cache saved on Windows consist of URL,serverIP and many other ...
-1
votes
2
answers
2k
views
How to conduct this MITM attack [duplicate]
For educational purposes, I want to conduct a demo for a Man In The Middle attack. The attack scenario is:
1) The client request aaa.com
2) The MITM changes the client request to bbb.com
3) The ...