Questions tagged [dns-spoofing]
DNS Spoofing is a network attack whereby data is introduced into a Domain Name System (DNS) resolver's cache by an attacker that has no authority, causing diverting injected names to redirect traffic to a host controlled by the attacker.
136
questions
1
vote
2
answers
1k
views
VPN protection against DNS poisoning on AP
Does a VPN protect against a malicious DNS configuration on the Access Point?
By my understanding it should, since traffic to the final destination should be encrypted and encapsulated inside packets ...
1
vote
1
answer
1k
views
Bypassing HSTS and Public-key pinning with lookalike characters
Using lookalike character symbols to circumvent HSTS and public-key pinning with DNS spoofing via MITM Attack.
Redirect: facebook.com --> faceḃook.com
--
I have seen SSLStrip+ using the technique ...
2
votes
1
answer
191
views
To whom do I report this bizarre behavior (possibly hijacked website or DNS highjack)?
My coworker searched for "cutadapt" at Google Scholar and the top hit was http://journal.embnet.org/index.php/embnetjournal/article/view/200. When he clicked on it, it took him to a site that said ...
0
votes
1
answer
323
views
DNSSEC - does the domain owner owns a key?
The purpose of DNSSEC is to prevent some attacks like cache poisoning so a client can be sure that the answer it gets from a recursive DNS server are correct (the IP is the correct IP). The root DNS ...
5
votes
1
answer
4k
views
dnsspoof and bettercap not dns-spoofing
I want to dns spoof my own phone, because I feel like it would be a cool experiment to do. It's not working (damn phone keeps connecting to the internet), and I would really appreciate any suggestions ...
0
votes
1
answer
3k
views
Is IP spoofing possible in Windows Desktop with user privileges?
I read on WinSockAPI that IP spoofing is disabled for Desktop windows devices (non-servers like Windows 7, etc). However, I've been able to do IP spoofing using nmap, so clearly this is possible. ...
2
votes
0
answers
641
views
Mitigating reverse DNS lookup danger / exploitation
I have read several posts indicating that reverse dns lookup cannot be trusted, as someone can spoof DNS -- so when a rule is made that allows traffic through dns, its possible to exploit.
However, ...
1
vote
0
answers
131
views
Where are the DNS resolvers? [closed]
I'm trying to understand the principle behind DNS poisoning attacks. It seems like the DNS Resolver is just a piece of software. Where is this software located, and how is it shared among all the ...
2
votes
2
answers
2k
views
Active Directory DNS server security misconfiguration or an acceptable practice?
I work for a large Eastern European bank as a programmer.
Recently, I was setting up a documentation website for my team. We came up with the host name, and now all we needed was to pick the best ...
2
votes
0
answers
172
views
DNS sinkhole usability
Although I know what the use of a DNS sinkhole is (I guess I do) I'm struggling to understanding how well scalable such solution is.
DNS sinkhole or black hole DNS is used to spoof DNS servers to ...
2
votes
1
answer
382
views
DNS spoofing+firewall port hijack/redirect to capture HTTPS requests without getting "certificate untrusted error" on the client browser [duplicate]
If i could setup a DNS server that responds with my server's IP for a certain domain, along with redirecting https and all DNS queries requests to my local https site and my local DNS server ...
0
votes
1
answer
1k
views
How to make dnsspoof work for https sites?
I tried to dnsspoof the victim machine for say "www.imdb.com" (with the help of setoolkit and ettercap). But the site is ssl https, so I read here that dnsspoof won't work for https sites. As quoted ...
0
votes
2
answers
856
views
resolv.conf: my router acts as a nameserver - a vulnerability? How to change it?
I'm running Debian 9.1 with KDE and when connecting to the Internet by default I get these two lines in my /etc/resolv.conf file:
search localdomain
nameserver {ipofmyrouter}
I guess that these - or ...
2
votes
2
answers
261
views
DNS Poisoning - How to edit the "list" it in the target server?
I know how to redirect some DNS name to another DNS name. For example, access security.stackexchange.com and redirect to facebook.com. But I am doing this with my own server and the connected ...
0
votes
3
answers
580
views
How do I recognize or prevent using a malicious WiFi network?
Suppose I unknowingly connect to a malicious WiFi-network. I want to visit my bank's website. When entering its domain name (or clicking my bookmark), my laptop does a DNS request. My requests ...