Security: Attack-Defense (Default)
This page includes basic definitions of security attacks and defenses for DNS and does not contain detailed information.
DNS queries and responses are transmitted in plain text without encryption, making them vulnerable to interception and spoofing attacks. This can lead to malicious activities, such as redirecting emails to unauthorized servers.
DNSSEC: Adds security by digitally signing DNS responses to ensure their authenticity and integrity. However, implementing DNSSEC requires additional configuration and setup.
DNS Over TLS (DoT): Encrypts DNS queries and responses using TLS/SSL over TCP port 853, protecting the data from eavesdropping and tampering.
DNS Over HTTPS (DoH): Encrypts DNS queries and responses by sending them over HTTPS, using TCP port 443. This disguises DNS traffic as regular web traffic and is utilized by some browsers by default for enhanced privacy.
DNS poisoning: Involves modifying DNS server data or the client’s hosts file to redirect or manipulate DNS responses. This is not common and requires sophisticated techniques. For instance, an attacker might send a fake response to a legitimate DNS request, leading users to malicious websites. This attack often involves real-time redirection and is considered an on-path attack.
Example: An attacker poisons a DNS server to redirect users trying to access a bank's website to a fake site designed to steal login credentials.
Involves gaining unauthorized control over a domain registration, which can then be used to redirect traffic or disrupt services.
Example: An attacker takes control of a company's domain name to redirect traffic to a malicious site, impacting the company's online presence and reputation.
Also known as a phishing or typosquatting attack, this involves creating deceptive URLs to trick users into visiting fake websites or entering sensitive information.
Example: A phishing attack uses a URL like "www.bankofamreica.com" (a slight misspelling of "Bank of America") to deceive users into entering their login credentials on a fake site.
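As an added example (not part of the original page), a defender can screen hostnames seen in resolver or proxy logs for near-misses of domains they own; the distance used here counts an adjacent-character swap, like the "amreica" misspelling above, as a single edit. The protected list, the threshold of 2, the function names and the sample hostnames are assumptions made for illustration.

```python
# Added example: flag hostnames that are near-misses of domains you own.
PROTECTED = ["bankofamerica.com"]  # assumed list of protected domains

def osa_distance(a, b):
    """Edit distance where insert, delete, substitute and swapping two
    adjacent characters each cost 1 (optimal string alignment)."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # adjacent swap
    return d[len(a)][len(b)]

def normalize(host):
    """Lowercase, drop a trailing dot and a leading 'www.' label."""
    host = host.strip().lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host

def lookalike_of(host, protected=PROTECTED, max_distance=2):
    """Return (protected_domain, distance) for a near-miss, else None."""
    name = normalize(host)
    # Exact matches and real subdomains of a protected domain are legitimate.
    if any(name == p or name.endswith("." + p) for p in protected):
        return None
    best = None
    for p in protected:
        dist = osa_distance(name, p)
        if dist <= max_distance and (best is None or dist < best[1]):
            best = (p, dist)
    return best

# Constructed sample of hostnames, e.g. taken from resolver or proxy logs.
SAMPLE = ["www.bankofamerica.com", "www.bankofamreica.com",
          "m.bankofamerica.com", "bankofarnerica.com", "example.org"]

def scan(hosts):
    """Map each suspicious hostname to the domain it imitates."""
    return {h: hit for h in hosts if (hit := lookalike_of(h)) is not None}

if __name__ == "__main__":
    for host, (target, dist) in scan(SAMPLE).items():
        print(f"{host}: {dist} edit(s) from {target}")
```

A plain Levenshtein distance would score the swapped "re" as two edits, so counting transpositions keeps the threshold tight without missing this class of misspelling.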