Domain Name Resolution Attacks

Domain Name Resolution attacks
by
David Schlecht

DNS Attacks

Domain Name Resolution, often referred to as Domain Name Service (DNS) attacks are the preferred approach for Man-in-the-middle attacks.

There are occasionally vulnerabilities reported in the major DNS service providers, such as BIND, which will allow a hijacker to force your DNS server to feed you the wrong IP address for a host name. That way, when you think you’re going to you bank’s website, you’re really going to the attacker’s site and he’s using your user name and password to log in to your bank account while you think you’re logging in.

You don’t even need a vulnerability in the DNS software to suffer this fate. Any time you are relying on a service you don’t control, you can be fed false domain name information. This is common for hackers that leave open WiFi and broadband access. If you accidentally let your laptop log into one of these, you are believing everything the attacker’s domain name service is giving you, and that’s usually not what you want.

The problem with DNS attacks and man-in-the-middle attacks is that you seldom know you’ve been attacked until you start seeing your bank accounts dwindling.

DNS Attack Solution

So, what’s the solution to this type of attack? The first thing is to ensure that your software is up to date, especially your DNS software.

The second solution is training. It’s important that every company that ever has employees traveling has their employees trained on the most current attack methods and the best ways to avoid them.

Training

We provide numerous training opportunities for both the small and large company to keep their employees informed. Give us a call.