Talk:DNS spoofing

This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computer Security: Computing Mid‑importance This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by WikiProject Computing. Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here. Computing Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Low This article has been rated as Low-importance on the project's importance scale.

Wiki Education Foundation-supported course assignment

Latest comment: 2 years ago1 comment1 person in discussion

  This article was the subject of a Wiki Education Foundation-supported course assignment, between 26 May 2020 and 3 July 2020. Further details are available on the course page. Student editor(s): Junwei Sheng.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 18:57, 16 January 2022 (UTC)Reply

DNS Spoofing is not necessarily evil

Latest comment: 8 years ago2 comments2 people in discussion

The very first sentence of the article defines DNS Spoofing as a "computer hacking attack". This is not necessarily the case, as users may well want DNS results to be modified by a trusted firewall in order to protect their machines from malicious content. NAT32_Support (talk) 02:34, 7 August 2015 (UTC)Reply

Have you a reference we can cite? VisSci (talk) 14:30, 13 April 2016 (UTC)Reply

Not Clear

Latest comment: 17 years ago2 comments2 people in discussion

The explanation about the poisoning techniques is not clear. Splendour 07:02, 28 June 2006 (UTC)Reply

An example would help greatly. Nikle-on-wikipedia 17:59, 29 December 2006 (UTC)Reply

Invalid Information

Under prevention and mitigation it is stated that end-to-end validation can be performed once a connection is setup. This isn't entirely true because DNS uses UDP for many of its queries which is a connectionless protocol there is no transport layer connection set up. However, public/private key transaction signatures can be used to validate queries.

Responding before the real nameserver

Latest comment: 15 years ago2 comments2 people in discussion

Reference to "birthday attack" was removed. A birthday attack applies to a situation where you try something n times and the number of opportunities for success is proportional to n^2 (typically because there is an opportunity for success for each pair of things you try). In this case the number of opportunities for success (fooling the target DNS into believing your answer is the right one) is simply proportional to n (the number of spoof replies you send to it). —Preceding unsigned comment added by 89.241.154.128 (talk) 10:01, 30 July 2008 (UTC)Reply

This isn't quite correct. Some DNS cache poisoning attacks do use the birthday paradox effect. They send out n requests at the same time along with n spoofed replies. Since the replies are all received at around the same time, you get the n^2 factor increase in success. Wrs1864 (talk) 16:49, 12 September 2008 (UTC)Reply

External links

Latest comment: 11 years ago1 comment1 person in discussion

I took the liberty of nuking the external links that have been an eyesore for over a year. Some appear to be good reference candidates, so I'm leaving them here. If you use one as a reference (or find one to be useless spammery), please delete it from this post. Krushia (talk) 01:17, 8 February 2013 (UTC)Reply

• BIND 9 DNS Cache Poisoning - Discovered by Amit Klein (Trusteer)
• Predictable transaction IDs in Microsoft DNS server allow cache poisoning
• Microsoft Knowledge Base: How to prevent DNS cache pollution
• SANS DNS cache poisoning update
• DNS Threats & Weaknesses: research and presentations
• Blocking Unwanted Domain Names Creative Usage of the Hosts File
• Dnsstuff.com's DNS Vulnerability Check Test to see if you are Vulnerable
• Steve Gibson of GRC's ISP DNS testing tool Check your ISP's DNS resolvers for vulnerabilities
• Security-Database Tools Watch PorkBind Scanner for 13 DNS Flaws including the DNS Poisoning
• Movie explaining DNS Cache Poisioning
• An Illustrated Guide to the Kaminsky DNS Vulnerability
• US CERT advisory : Multiple DNS implementations vulnerable to cache poisoning
• Secret Geek A-Team Hacks Back, Defends Worldwide Web An article about defending against DNS poisoning
• Brazil ISP servers under Massive DNS cache Poisoning attack

Variants topic

Latest comment: 8 years ago1 comment1 person in discussion

Can anyone explain why there is a ^{[citation needed]} template against These attacks assume that the nameserver for target.example is ns.target.example, which appears simply to be preamble for the examples which follow? VisSci (talk) 12:38, 11 April 2016 (UTC)Reply

Domain name spoofing

Latest comment: 2 years ago1 comment1 person in discussion

FYI, I have created a disambiguation article Domain name spoofing since this is a generic term in common use. At present it contains IDN homograph attack, DNS spoofing and Email spoofing, as well as a see also of mitigation technologies. Please add any relevant articles. --John Maynard Friedman (talk) 18:19, 6 July 2021 (UTC)Reply