What Is DNS Spoofing?

What Is DNS Spoofing?

Before understanding DNS Spoofing, the concept of DNS should be cleared.

So What Is DNS?

DNS stands for Domain Name System.It is a type of database framework that interprets the domain name into an IP address and vice versa.Every network PCs use IP addresses to find and associate with one another,but it is quite difficult to remember every individual domains IP. For example it is easy to remember website www.example.com than its relating IP address (e.g: DNS automatically converts the name we type into our web browsers to IP addresses of servers hosting that site.

Coming back to our topic: DNS Spoofing:

DNS spoofing (or DNS cache poisoning) is an attack in which altered DNS records are introduced into the DNS resolver's cache, causing the name server to return an incorrect IP address.This results in traffic being diverted to a fake server.

Methods of perfoming DNS Spoofing:

1.Man in the middle: The interception of communications between users and a DNS server in order to divert users to a different/malicious IP address.

2.DNS Server Compromise:The direct hijacking of a DNS server, which is configured to return a malicious IP address.

Tools like ettercap are widely used to perform such attacks.