Brief Overview: Types of DNS Attacks & its Mitigation
First, we understand what is DNS? DNS, short for Domain Name System, is a protocol that acts as a directory that translates a domain name, e.g. allabouttesting.org, into an IP address, e.g. 18.104.22.168. In simple words, when a user types allabouttesting.org, DNS converts the URL into its corresponding IP address, e.g. 22.214.171.124.
Now, what are DNS attacks? DNS attacks are the possible exploits that may be executed against the system by taking advantage of weaknesses in DNS. This blog list out DNS Attacks & Mitigation techniques.
Types of DNS Attack & its Mitigation
Cache Poisoning - In this type of attack, the attacker poisons DNS cache entries and redirects genuine requests to malicious websites. Another name of the attack is DNS poisoning. DNS cache entries may be corrupted either by malicious malware or by network attacks that inject invalid DNS entries into the cache. You can use the tool Ettercap, which is an open-source tool and available on the Linux Kali distro.
Mitigation: Use reputed antivirus on your system, keep Antivirus up-to-date, ensure HTTPS connection on visiting websites, Never download suspicious files on your system as those files may be malicious, use VPN, etc.
DNS amplification - In this type of attack, the attacker sends UDP packets with spoofed IP addresses to a DNS resolver. The spoofed address is actually the real IP address of the victim. Here, the target is not able to distinguish between authentic and bogus DNS replies.
Mitigation: Usage of configured firewall, sufficient network capacity
Distributed Denial of Service (DDoS) - The attacker uses multiple botnets to generate massive resolution requests to flood the target.
Mitigation: Usage of large distributed DNS system
Fast-flux DNS - Attacker use a technique of Fast Flux DNS to swap DNS records with compromised hosts to delay or evade detection.
Mitigation: This type of attack may not be easily mitigated.
Zero-day attack - This type of attack uses unknown vulnerabilities in DNS and exploits the system.
Mitigation: Difficult to mitigate as very limited information is available in the public domain.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.