DNS-Spoofing: Cache poisoning is simply explained

You will receive an e -mail from your home bank where you are asked to confirm the access data for your online bank account. A few days later, they discover that strangers stole several thousand euros from their account. Scenarios like this are the result of the so called Spoofing DNS, In the hacker, redirect their internet requests secretly for false websites to get their sensitive data. In this article you will learn how DNS-Spoofing works and what you can do to protect yourself from such attacks.

1. What is DNS-Spoofing?

DNS-Spoofing represents a series of attacks in which Information stored on the DNS server replaced become the goal of To transfer users to a false website. For example Sensitive data intercepted or malware introduced on the system become.

A basic distinction is made between Two types of attacks:

• Al DNS-Cache-Poleising False information is introduced in the user’s DNS cache.
• Von DNS-Spoofing On the other hand, you speak when false information is sent using IP Spoofing.

Good to know: A related form of DNS attacks is the so -called DNS hijacking. In which hackers manipulate the DNS system so that there are intentionally false answers.

2. How does DNS-Spoofing work?

In the first step, hackers attack the so -called server of names on which the DNS system is created. This is a service to which the IP address of the domain is known and which is able to translate it into both directions. THE Namesever It works like a kind of column: he Convert addresses used on the Internet (e.g. www.google.de) in the corresponding IP addresses.

So that you can recall a domain, it must always be assigned to a server of names. The hacker gives access to its configuration and guarantees it Information on the item included when called a website become. This «wrong» The data from the name server are archived on the user’s computerThis later «remembers» it and uses it. The purpose of hackers is directly Get access to your sensitive data or for this purpose exactly To provide false content.

For example, open your online banking, lands through Spoofing DNS on a page, It seems deceptively similar to the original of your bank of the house. But it only serves a Capture access information and / or malware to load your computer, With the hacker it then gives access to your accounts. The pages are in most cases So fake that only experts are able to recognize the difference.

2.1. E -mail as «bad» messages of the supplier

The code for Spoofing software is often hidden also As an appendix in spam’s e -email. These come At first glance from a serous source. If the recipient opens the attached file, the polluting code is installed, the The cache information has changed And therefore intercept sensitive data during daily background. Even behind advertising images or banners, malware of this type can hide, often a click is enough to infect the computer.

3. What dangers derive from the DNS cache?

THE The laying of DNS has a series of dangersFrom the theft of sensitive data to serious virus or trojan infections.

Faanding known websites, such as banks or large online retailers, Hackers arrive at credit card data, passwords or personal information. Once these are in the hands of the criminals of the Internet, this does not present itself only in most cases Great financial damagebut often also the theft a huge intervention in the privacy of the victims Consequentially.

If the Websites of IT security suppliers, such as scanner manufacturers for viruses or anti-Malware programsthe computer becomes one Further threat from malware Exipose because it is not possible to perform more adequate security measures (for example, the installation of safety updates is blocked).

4. How can I protect myself from DNS-Spoofing?

DNS spoofing is One of the oldest forms of attacks on the internetThanks to better security measures and vast awareness of users No more danger in these days represent.

In recent years they have already been Numerous approaches implemented to improve safety. This mainly includes the Sensitive data encryption and content. Another defense measure, on the other hand, starts directly with the DNS server: modernity The name server sends several random information with a querywho are not known to the attacker. In order for the user’s browser to recognize the false data as allowed, it should first guess it. However, this represents In most cases something of impossibility But.

In addition, many browsers now also protect users During your questions To receive unwanted information. Also Mark Website certificates Like HTTPS SAFE SIDES. When it is called a (presumably) side not safe A browser message informs you about it.

It However, the user always makes the biggest contribution to security. With prudent behavior, all forms of DNS spoofing can be almost completely avoided. Therefore, never click on unknown connections or open Websites that have been classified as unsafe. Perform regular safety scans on your system and use it as much as possible A program installed locally and no guest. Otherwise there is the risk that the results can be false by spoofing.

5. And if he had taken me?

If there has been an attack on DNS spoofing despite all protective measures, the removal of «poisoning» is unfortunately a very difficult undertaking. Cleaning the interested server It does not automatically remove the problem on your client computer. In the opposite case, this is infected again when you create a connection to the server. Customer users can overcome the problem Empty the cache memory But at least solve on your computer locally.

(22 votes, media: 4.30 out of 5)
Loading …