
Questions tagged [dns-spoofing]

DNS spoofing is a network attack in which an attacker with no authority introduces data into a Domain Name System (DNS) resolver's cache, so that lookups for the injected names redirect traffic to a host controlled by the attacker.

2 votes
3 answers
689 views

Effects of CVE-2017-9445?

http://thehackernews.com/2017/06/linux-buffer-overflow-code.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445 "that could allow remote attackers to potentially trigger a buffer ...
user152180's user avatar
0 votes
0 answers
196 views

DNS hijacking to infect computers with ransomware?

While speaking to a friend regarding protecting personal computers from ransomware, I mentioned that I use a limited user account with application white-listing via SRP (I am running Windows). He ...
0 votes
1 answer
1k views

MITM attack DNS spoofing problem [closed]

I’ve tried to DNS spoof dnsspoof -i eth0 -f spoofhosts.txt (inside spoofhosts.txt there is my (the attacker) local IP and the domain which I want to poison) and I just keep receiving this: ...
MercyDude's user avatar
  • 149
4 votes
3 answers
3k views

DNS hijack redirect from one HTTPS hostname to another?

I just finished reading a Wired article about a DNS hijack where the attackers redirected all bank traffic to servers they hosted on Google Cloud. What I thought was interesting about the story is ...
newguy's user avatar
  • 143
0 votes
1 answer
496 views

Is my DNS being poisoned?

Today I was greeted by this error in Firefox: It was happening consistently for a minute or two, and reverted back to normal. I confirmed that it happens on another browser and that other HTTPS sites ...
Kos's user avatar
  • 1,468
1 vote
0 answers
179 views

What would an attacker need to know about the DNS request (itself) to successfully poison a DNS cache?

According to a thread I recently read, in general, for one method of DNS poisoning, an attacker only needs to know the victim's DNS server (see this thread: DNS cache poisoning). [I'm assuming the "...
Anton Rasmussen's user avatar
0 votes
1 answer
137 views

Would DNSSec and DANE be more secure if the same key was published to different TLDs?

Assuming that it's tough to get many government owned TLDs to cooperate to spoof DANE or DNSSec, would it be wise to publish the same certificate (different SAN names) to various TLDs? For example: ...
makerofthings7's user avatar
11 votes
2 answers
5k views

dnsspoof not spoofing (requests and forwards real DNS packet)

I was trying to use dnsspoof but it did not work as expected. These are the steps I followed: Set IP forward in kernel to 1 arpspoof -i eth0 -t 192.168.1.39 -r 192.168.1.1 and arpspoof -i eth0 -t 192....
user1156544's user avatar
14 votes
2 answers
3k views

What problem does DNSSEC solve?

I have read through the questions tagged DNSSEC on this site, and over the years you hear statistics about DNSSEC adoption and about organizations enabling it on their domains... but nobody mentions ...
Luc's user avatar
  • 33k
0 votes
2 answers
345 views

DNS Spoof saves IP to Domain Name after attack is finished, is there a way to stop this?

As I understand after a Domain Name is resolved to a specific IP through DNS www.example.com resolves to 10.10.10.10, this cache is saved in RAM in a computer for a little bit, AKA five or so minutes. ...
Creg's user avatar
  • 71
4 votes
1 answer
764 views

Stop DNSSpoof after login

Preface: I had an argument with a buddy the other day, he said it was impossible I disagreed. So say I have a large network of computers all visiting the same website for some reason. Then I have a ...
Creg's user avatar
  • 71
0 votes
1 answer
2k views

DnsSpoof Target machine won't connect

SETUP: Target Machine: VM on my network, on a machine that is hardwired to the router Kali Box: Tried both in a VM on the same machine as my target and a live boot on a laptop over wifi. Both ...
DotNetRussell's user avatar
0 votes
1 answer
1k views

DC server integrated with DNS trying to contact Blacklisted DNS hostname

Need some help in understanding below attack. The below logs are extracted from the firewall and I could see an outbound connection from LDAP server to 194.169.218.42. But walking through the logs (...
MS Guy's user avatar
  • 95
7 votes
2 answers
31k views

Modify the hosts file of the router and redirect traffic

My question is how can I modify the hosts file of the router (if it exists), and redirect users to my server when they prompt a specific website?
0 votes
2 answers
869 views

Why don't SSL enabled sites reply back according to "hosts" file record?

I was playing with the hosts file under my Linux distro. Added an entry 192.168.3.121 www.facebook.com in the /etc/hosts file. Created 2 servers which link to an index.html file at ports 80 ...
harveyD's user avatar
  • 218
