Like most of the network protocols and systems in widespread use today, the Domain Name System (DNS) harbors significant security vulnerabilities. Though DNS provides a deceptively simple service — translating human-friendly website addresses such as http://www.cnn.com into computer-friendly numerical IP addresses such as http://188.8.131.52 — the system’s integrity is a crucial cornerstone of Internet operations and trustworthiness.
One common attack on the DNS infrastructure is called “DNS spoofing.” In this type of attack, also known as “DNS cache poisoning,” an attacker tricks a DNS server into returning an incorrect IP address for a target website. For example, an attacker might perform cache poisoning on the DNS entry for a legitimate bank’s website, thereby directing visitors to the hacker’s fake look-a-like site in order to capture their login or banking details. This type of attack is difficult for users to detect, because the website address displayed in the user’s web browser is not altered in any way. A single compromised DNS server at an Internet Service Provider can in this way affect potentially thousands of users.
Resource: eSecurity Planet
For more information on protecting your organizations data and privacy visit MBM Consulting Services.