Scribd
Upload
49 views3 pages

DNS Attacks: Homework 1 Abrar Mohammad (117145253)

This document discusses DNS hijacking attacks. DNS hijacking involves unauthorized modifications made to hosted DNS solutions, redirecting users to rogue DNS servers controlled by attackers. The attackers are able to intercept and modify public key exchanges, allowing them to pose as legitimate servers and clients to manipulate website requests and records. This man-in-the-middle attack compromises user credentials. DNSSEC helps prevent such attacks by allowing DNS servers to validate response origins.

Uploaded by

Abrar Mohammad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
49 views3 pages

DNS Attacks: Homework 1 Abrar Mohammad (117145253)

This document discusses DNS hijacking attacks. DNS hijacking involves unauthorized modifications made to hosted DNS solutions, redirecting users to rogue DNS servers controlled by attackers. The attackers are able to intercept and modify public key exchanges, allowing them to pose as legitimate servers and clients to manipulate website requests and records. This man-in-the-middle attack compromises user credentials. DNSSEC helps prevent such attacks by allowing DNS servers to validate response origins.

Uploaded by

Abrar Mohammad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

DNS Attacks

Homework 1
Abrar Mohammad [117145253]

Microsoft account
[Email address]
DNS hijacking

Also called DNS hijacking, DNS poisoning, or DNS redirection.


It’s mainly targeted attacks against DNS infrastructure in which
unauthorized modifications is made on hosted DNS solutions. These
modifications to DNS records were made to allow malicious entities to
perform man in the middle attacks. By changing your records to direct
your users or customers to a rogue DNS server under the control of
an attacker, or through modifying the behavior of a trusted DNS
server so that it does not comply with internet standards. [Wikipedia + YouTube ]
The attacker takes control of an established connection while it is in
progress. The attacker intercepts messages in a public key exchange
and then retransmits them, substituting their own  public key for the
requested one, so that the two original parties still appear to be
communicating with each other directly. The attacker uses a program
that appears to be the server to the client and appears to be the client
to the server. [search security]
The shapes represent the communicating
parties, as the arrows shows the track of
communication, The red rectangle represents
the attacks as it surrounds the DNS server,
Internet
attackers captures public keys while exchange
and retransmit their own on both side of
communication so that clients think of them as
server and server think of them as clients then
they manipulate records of a website or
DNS server v
requests of clients and direct them to the
attackers’ website. [man in the middle attacks].
This type of attacks may be used for many
reasons such as collecting statistics,
advertisements, to block access for a certain
Client domain or other malicious purposes.
Thus compromise users’ credentials to the DNS
server or website.
There is a solution for this attacks and the easiest one is DNS SEC which
allows the DNS server to validate every response it gets from the internet,
and checks if it belongs to it’s owner ,and only if its validated it gets passed
to the client.
As green arrows shows above.

Resources :
https://en.wikipedia.org/wiki/DNS_hijacking Wikipedia.
https://www.youtube.com/watch?v=4HkRpCBcXoE&feature=youtu.be YouTube.
https://searchsecurity.techtarget.com/definition/hijacking search security.

You might also like