DNS Poisoning may be a technique that tricks a DNS server into believing that it’s received authentic information when, actually, it’s not. It leads to the substitution of false IP address at the DNS level where web addresses are converted into numeric IP addresses. It allows an attacker to exchange IP address entries for a target site on a given DNS server with IP address of the server controls. An attacker can create fake DNS entries for the server which can contain malicious content with an equivalent name.

For instance, a user types www.google.com, but the user is shipped to a different fraud site rather than being directed to Google’s servers. As we understand, DNS poisoning is employed to redirect the users to fake pages which are managed by the attackers.

DNS Poisoning − Exercise

Let’s do an exercise on DNS poisoning using an equivalent tool, Ettercap.

DNS Poisoning is sort of almost like ARP Poisoning. To initiate DNS poisoning, you’ve got to start out with ARP poisoning, which we’ve already discussed within the previous chapter. we’ll use DNS spoof plugin which is already there in Ettercap.

Step 1 − Open up the terminal and sort “nano etter.dns”. This file contains all entries for DNS addresses which is employed by Ettercap to resolve the name addresses. during this file, we’ll add a fake entry of “Facebook”. If someone wants to open Facebook, he are going to be redirected to a different website.

Step 2 − Now insert the entries under the words “Redirect it to www.linux.org”. See the subsequent example −

Step 3 − Now save this file and exit by saving the file. Use “ctrl+x” to save lots of the file.

Step 4 − After this, the entire process is same to start out ARP poisoning. After starting ARP poisoning, click on “plugins” within the menu bar and choose “dns_spoof” plugin.

Step 5 − After activating the DNS_spoof, you’ll see within the results that facebook.com will start spoofed to Google IP whenever someone types it in his browser.

It means the user gets the Google page rather than facebook.com on their browser.

In this exercise, we saw how network traffic are often sniffed through different tools and methods. Here a corporation needs an ethical hacker to supply network security to prevent of these attacks. Let’s see what an ethical hacker can do to stop DNS Poisoning.

Defenses against DNS Poisoning

As an ethical hacker, your work could very likely put you during a position of prevention instead of pen testing. What you recognize as an attacker can assist you prevent the very techniques you use from the surface .

Here are defenses against the attacks we just covered from a pen tester’s perspective −

Use a hardware-switched network for the foremost sensitive portions of your network in an attempt to isolate traffic to one segment or collision domain.
Implement IP DHCP Snooping on switches to stop ARP poisoning and spoofing attacks.
Implement policies to stop promiscuous mode on network adapters.
Be careful when deploying wireless access points, knowing that each one traffic on the wireless network is subject to sniffing.
Encrypt your sensitive traffic using an encrypting protocol like SSH or IPsec.
Port security is employed by switches that have the power to be programmed to permit only specific MAC addresses to send and receive data on each port.
IPv6 has security benefits and options that IPv4 doesn’t have.
Replacing protocols like FTP and Telnet with SSH is an efficient defense against sniffing. If SSH isn’t a viable solution, consider protecting older legacy protocols with IPsec.
Virtual Private Networks (VPNs) can provide an efficient defense against sniffing thanks to their encryption aspect.
SSL may be a great defense along side IPsec.

Summary

In this chapter, we discussed how attackers can capture and analyze all the traffic by placing a packet sniffer during a network. With a real-time example, we saw how easy it’s to urge the credentials of a victim from a given network. Attackers use MAC attacks, ARP and DNS poisoning attacks to smell the network traffic and obtain hold of sensitive information like email conversations and passwords.

So, this brings us to the end of blog. This Tecklearn ‘Concept of DNS Poisoning’ blog helps you with commonly asked questions if you are looking out for a job in Cyber Security. If you wish to learn Ethical Hacking and build a career in Cyber Security domain, then check out our interactive, Certified Ethical Hacker Training, that comes with 24*7 support to guide you throughout your learning period. Please find the link for course details:

https://www.tecklearn.com/course/certified-ethical-hacker-training/

Certified Ethical Hacker Training

About the Course

Tecklearn’s CEH certification training course provides you the hands-on training required to master the techniques hackers use to penetrate network systems and fortify your system against it. In this training, you will master how to identify security vulnerabilities by inspecting network infrastructures and defend the malicious hacker with essential tools and techniques, advanced network packet analysis and system penetration testing techniques to build your network security skill-set and prevent hackers. We will train you on the advanced step-by-step methodologies that hackers actually use such as writing virus codes and reverse engineering so you can better protect corporate infrastructure from data breaches.

Why Should you take Certified Ethical Hacker Training?

The average salary for a Cybersecurity Specialist is $110,881 per year in the United States and INR 900,000 per year in India – Indeed.com
Global Cybersecurity industry is estimated to cross US$ 220 billion by 2021.
Today cyber security is one of the most important aspects for any organization. In today’s digitally-driven world every organization needs professionals who can keep the hackers at bay. Hence the salaries for certified ethical hackers are among the best in the industry.

What you will Learn in this Course?

Introduction to Ethical hacking

Scope of ethical hacking
Enterprise information security architecture
Introduction and PCI Data Security Standard Overview
Role of Security and Penetration Testers
Vulnerability assessment
Various cyber security laws
Penetration testing

Various aspects of Information Security

Information security attacks
OS attacks
Application level attacks
Phases and Concepts of Hacking
Information Security Law and Standards

System Hacking

What is System Hacking
Goals of System Hacking
Understanding the certified ethical hacker methodology
About Kali Linux
Hands On

Technology Standards

Introduction to F5 Technology and Terms
POS (Point of Sale ) , mPoS
What is GLBA Compliance
OWASP
Site monitoring Tools
Introduction to PCI DSS Standard

Semantics and Introduction to Footprinting

What is Semantics
Fuzzy Logic
Footprinting

Threats

Types of Threats
Threats against the Application
Threat modelling
Hands on

Threat modelling

Threat modelling with STRIDE model
Ways to Find Security Issues
Penetration Testing Tools
Modelling Models – Whiteboard Diagrams, Brainstorming, Structured Diagrams etc.
Trust Boundaries
Threat Trees
DREAD Model

Example of Attack

Vulnerability Scanning Tools

OpenVAS
Wapiti
Burp Suite Community
Metasploit

Threat Modelling with Different models

Various Threat Models
PASTA Model in Depth

Advanced concepts like network packet analysis

Network scanning
How to scan the network, overview of scanning
WireShark
Sniffing attacks
File Signature

Got a question for us? Please mention it in the comments section and we will get back to you.

564