Questions tagged [dns-spoofing]
DNS Spoofing is a network attack whereby data is introduced into a Domain Name System (DNS) resolver's cache by an attacker that has no authority, causing diverting injected names to redirect traffic to a host controlled by the attacker.
136
questions
0
votes
1
answer
906
views
How to implement an active Man-In-The-Middle attack that changes the request URL address
For training purposes, I need some pointers on the tools and tips to implement an active Man-In-The-Middle attack.
The attack scenario that I want to do is a toy example (which has countermeasures ...
0
votes
2
answers
762
views
Spam Russian Subdomains on my Website
I have the EXACT same problem that was addressed in a former thread on Stack Exchange here:
https://webmasters.stackexchange.com/questions/103087/spam-russian-subdomain-in-my-website
As you can see ...
1
vote
1
answer
207
views
Work internet redirecting to Twitch?
When connecting my laptop with the work LAN, I noticed that certain websites get redirected always to a twitch channel.
I have changed the DNS configuration and used 8.8.8.8 and 8.8.4.4, but the ...
0
votes
1
answer
249
views
DNS Spoof Adware
Someone recently boasted about adware which can inject ads from most networks, and using DNS spoofing would make the providers think that the ads were on a website owned by me (i.e. www.myscamsite.com)...
0
votes
1
answer
132
views
DNS cache poisoining prevention by directly using ip instead of url
My basic understanding of DNS cache poisoining is that at some local server the cache is been altered. i.e (some urls will be directed to malicious ip address instead of original).
So If I entered ...
0
votes
1
answer
854
views
DNS Spoofing Detection with JavaScript
I've came across an interesting question today - how can a JavaScript detect that a DNS Spoofing attack has been made against the client its running upon?
Scenario:
Edit: wrong scenario was ...
1
vote
3
answers
280
views
Does EV SSL certificate makes any difference while used instead of self signed ssl in case of API for android app?
I understand that self signed ssl is risky incase of dns spoofing since the attacker may generate a self signed ssl himself and place it in his ip address and it will trigger a warning in the client ...
1
vote
1
answer
243
views
What are the ways to identify a DNS cache poisoning attack?
Consider a scenario: (at victims end) in DNS cache poisoning attack. When the victim will go to a website (eg: gmail.com), he will be taken to some other phishy website. Now here the URL remains the ...
2
votes
1
answer
1k
views
Certificates for localhost, MITM Attack
Excerpt from https://letsencrypt.org/docs/certificates-for-localhost/
You might be tempted to work around these limitations by setting up a domain name in the global DNS that happens to resolve to ...
1
vote
1
answer
974
views
DNS Hijack: Only spoofing sites listed in etter.dns
I'm trying to create a more practical DNS Hijack MITM attack. I do the traditional ARP poison with dns_spoof method. I don't have any issues getting it to work. The intended domain redirects exactly ...
0
votes
1
answer
849
views
How to force users on my LAN to use a specific DNS server with arp poisoning?
I'm attempting to force all hosts on my LAN to use a specific DNS server to filter certain material, however I'm running into problems.
I've had problems in the past trying to configure my router's ...
23
votes
5
answers
9k
views
Does DNS allow third parties to register subdomains?
I have one of those questions that rely on the rule sets for DNS lookup.
Let us say Person A owns the site https://www.example.com. A different person, Person B, not associated with A, attempts to ...
7
votes
2
answers
1k
views
Strange Problem - DNS Cache Poisoning?
I'm a developer by trade, but not that well versed in information security. I've encountered a strange problem at home:
About three times now in the past year, when I open some website - I'm thrown ...
41
votes
4
answers
7k
views
How could a public DNS server return bad results?
I live in a country which is under many sanctions. Both internal sanctions (government on people) and external sanctions (US on our people).
In our country, YouTube, Twitter, Facebook and many other ...
1
vote
1
answer
221
views
How does DNSCurve protect against forgery in a man-in-the-middle attack scenario?
This Question is about DNSCurve. I thought of DNSCurve as "HTTPS for DNS" (like in this Answer) but had some resent thoughts about the trust-relationship between resolvers and nameservers serving the ...