1 min read

Malware Trivia: Episode 7

Bogdan BOTEZATU

March 14, 2011

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Malware Trivia: Episode 7

Hello everyone and welcome to another round of questions and answers

How to identify if the DNS cache is poisoned? As some of the phishing pages look exactly the same to the authentic one”¦ – Question asked by Chani

Detecting DNS cache poisoning attempts is pretty difficult and requires the use of a special tool called ncaptool, an instrument that statefully detects unsolicited responses by listening at the Network layer of a DNS cache server. What happens inside the tool is an intricate process, but the main idea is to compare the output of the DNS cache server (such as the one deployed into your organization or at the ISP level) with a response delivered by an authoritative name server (the one responsible for resolving queries in specific zones). If the responses are different, then the cached entry of the DNS server has been poisoned. Alternatively, you might want to run this simple, yet efficient web-based test developed by the DNS OARC (Domain Name System Operations Analysis and Research Center).

And more importantly, how to repair the problem if one finds to be victim of such an attack? ” Question asked by Chani

DNS poisoning attacks rely on a design vulnerability in the DNS protocol architecture that has been inherited in most implementations of the DNS services. Back in 2008, when the vulnerability was initially discovered, the protocol flaws have been patched and the vast majority of DNS servers have been updated.

If you however run the test and find your DNS server vulnerable to cache poisoning, you should immediately contact your ISP or network administrator and urge them to upgrade the DNS server to a version that is not vulnerable. Bear in mind that the DNS system is a critical piece of network infrastructure, as it is responsible for everything you do on the Internet, from sending mail to reading press or enjoying a IM conversation.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read