
DNS reconfiguration

Undeniably, the DNS (Domain Name System) is the Achilles heel of the Internet, and the day this system fails, for whatever reason, we are in deep trouble. We would have to memorize IP addresses to connect to computers on the network, and the situation would become even worse: because the world would have to work without HTTP (HyperText Transfer Protocol) virtual hosts, we would have to use IPv6 addresses (or maybe this situation would kill the World Wide Web's popularity, and the growth of the net would be much smaller). Generally speaking, this means: whoever controls the DNS controls the data stream and has the power. This makes it the ideal point for attackers to start simple but very effective attacks.

An attacker can replace the DNS server entry with a server under his own control, or modify the hosts file (this file exists on both UNIX and Windows). Either way, the attacker can redirect the traffic for a specific host to a system he controls and then forward the requests to the real system.

This is a typical and straightforward MITM (Man In The Middle) attack. As long as the victim is not using an encrypted connection, the attacker can read all transmitted data and extract sensitive information such as user access credentials or the balance of a bank account.
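Both changes described above leave a visible trace in local configuration, so a defender can compare the hosts file and the resolver list against a known-good state. The following Python code is an added example, not code from the original post; the function names, the baseline, the approved-resolver set and the sample data (documentation address ranges and example.com names) are assumptions constructed for illustration, and the resolver parsing covers the UNIX `resolv.conf` format only.

```python
import ipaddress

def parse_hosts(text):
    """Return the set of (ip, name) mappings found in hosts-file text."""
    found = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()          # drop trailing comments
        if len(fields) < 2:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))   # normalise notation
        except ValueError:
            continue                                    # malformed line, no mapping
        for name in fields[1:]:
            found.add((ip, name.lower().rstrip(".")))
    return found

def parse_nameservers(text):
    """Return resolver addresses from resolv.conf-style text, in file order."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def audit(hosts_text, resolv_text, hosts_baseline, approved_resolvers):
    """Report hosts mappings outside the baseline and resolvers not approved."""
    findings = []
    for ip, name in sorted(parse_hosts(hosts_text) - hosts_baseline):
        findings.append(("hosts", name, ip))
    for server in parse_nameservers(resolv_text):
        if server not in approved_resolvers:
            findings.append(("resolver", "nameserver", server))
    return findings

# Constructed sample data: known-good state plus files containing added entries.
HOSTS_BASELINE = {("127.0.0.1", "localhost"), ("::1", "localhost")}
APPROVED_RESOLVERS = {"192.0.2.53"}
SAMPLE_HOSTS = """127.0.0.1 localhost
::1 localhost
203.0.113.7 bank.example.com www.bank.example.com  # added entry
"""
SAMPLE_RESOLV = "search corp.example.com\nnameserver 192.0.2.53\nnameserver 198.51.100.9\n"

if __name__ == "__main__":
    for kind, name, value in audit(SAMPLE_HOSTS, SAMPLE_RESOLV,
                                   HOSTS_BASELINE, APPROVED_RESOLVERS):
        print(f"{kind}: {name} -> {value}")
```

On a real system the two text arguments would be read from the hosts file and `/etc/resolv.conf`, and the baseline would come from the organisation's configuration management.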

SOURCE : modify DNS server entry

SOURCE : modify hosts entries

2 responses to “DNS reconfiguration”

  1. joben says:

    is there any document on DNS configurations,

    or a guide to configuring DNS in a production environment using both Linux and Windows?

    jobenbissong.wordpress.com

  2. admin says:

    hi joben

    This posting is about how attackers can reconfigure the DNS settings on a system for a MITM attack. I guess it’s not the typical way sysadmins configure their client or server systems.

    carrumba
