DNS Cache Poisoning: Definition and Prevention
by Tom Olzak
March 2006
The Internet would grind to a halt – it would not be possible at all – without a Domain Name System (DNS). As you’ll see in this paper, the proper operation of DNS is fundamental to maintaining and distributing the addresses of the vast number of nodes around the globe. So it would be too much to hope that crackers (malicious hackers) would ignore DNS as they continuously look for new ways to circumvent your security.
There are several facets to DNS security. In this paper we focus on one of the most dangerous types of attack – DNS cache poisoning. To provide a complete picture of this threat, we’ll explore how DNS works, two ways crackers facilitate cache poisoning, what impact this type of attack can have on your organization, and steps you can take to protect your information assets.
What is DNS?
In the world of the Internet and TCP/IP, IP addresses are used to route packets from source to destination. A single IP address, for example 203.192.135.234, is not difficult to remember. But trying to learn or track thousands of these addresses, including which server/node is associated with each address, is a daunting task. So instead, we use domain names to refer to systems with which we want to communicate.
A real-world Internet domain name example is Google.com. When you enter the Google domain name into the address bar of your browser, the Google page appears. This is because your PC executed a process to resolve Google.com to an IP address. Only by having the IP address is a system able to initiate a session with another system across the Internet. Let’s look at two ways IP address resolution can occur.
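As an added illustration that is not part of Olzak's paper: a minimal Python model of the resolution step just described. It builds an RFC 1035 A-record query for a name, parses a constructed answer, and places the result in a cache only when the answer's transaction ID and question match the query that was sent. That acceptance check goes one step beyond this section, since it is the point at which a resolver decides what enters its cache; the names, documentation IP addresses and packets below are all constructed for the example.

```python
import struct

def encode_name(name):
    # "google.com" -> b"\x06google\x03com\x00" (RFC 1035 label format)
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"

def build_query(txid, name):
    # Header: ID, flags (RD=1), QDCOUNT=1, other counts 0; then QNAME, QTYPE=A, QCLASS=IN
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", 1, 1)

def parse_response(pkt):
    """Return (transaction id, question name, [(ipv4, ttl), ...]) from a response packet."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", pkt[:12])
    off, labels = 12, []
    while pkt[off] != 0:                      # walk the question name labels
        n = pkt[off]
        labels.append(pkt[off + 1:off + 1 + n].decode())
        off += 1 + n
    off += 1 + 4                              # terminating zero, then QTYPE/QCLASS
    qname = ".".join(labels)
    answers = []
    for _ in range(an):
        # Assumption: each answer name is a 2-byte compression pointer, as servers normally send
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", pkt[off + 2:off + 12])
        rdata = pkt[off + 12:off + 12 + rdlen]
        off += 12 + rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:
            answers.append((".".join(str(b) for b in rdata), ttl))
    return txid, qname, answers

def accept_response(sent_txid, sent_name, pkt, cache):
    """Cache the answer only if it matches the outstanding query; return True if cached."""
    txid, qname, answers = parse_response(pkt)
    if txid != sent_txid or qname.lower() != sent_name.lower() or not answers:
        return False                          # unsolicited or mismatched: never enters the cache
    cache[sent_name.lower()] = answers
    return True

def build_response(txid, name, ip, ttl=300):
    # Constructed answer for the example: QR=1 header, echoed question, one A record
    # whose name is a pointer (0xc00c) back to the question name at offset 12
    rdata = bytes(int(x) for x in ip.split("."))
    return (struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0) + encode_name(name)
            + struct.pack("!HH", 1, 1) + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata)
```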