From the course: Network Forensics
Join today to access over 23,300 courses taught by industry experts.
DNS poisoning
- DNS poisoning occurs when an attacker gets access to a domain name IP address mapping list or database and alters it for malicious purposes the concept is very similar to that of app poisoning the only difference is the scale of the data stored first of all we use a dedicated server to store the DNS information we are talking about millions or even billions of records we know that the IP address of Linked in is 108.174.10.10 what if bad guys change the domain name IP mapping on our DNS server so that it now points to a fake web server designed to disguise as an authetic linked in website when suspecting users will type their log in credentials and the phishing server will steal their sensitive information basically this is what we mean by DNS poisoning . Let me demonstrate this localy on my VM . Windows OS keeps a file called hosts which acts like a DNS server it maintains its own list of domain name and IP addresses your Operating System or OS will check the host file before…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.