DNS Cache Poisoning

I found an article explaining DNS cache poisoning, an attack used by phishers to redirect “www.mybank.com” to a fake site.

Summary: DNS requests are not authenticated, and therefore the information mapping a domain name to an IP address cannot be trusted. It is possible to send a false broadcast message, such as “The IP of www.banksite.com is A.B.C.D”, to a server.

Many computer protocols (email, IP, DNS, etc.) were designed without authentication in mind– it was a time when security abuses were not a concern.

Join 450k Monthly Readers

Enjoy the article? There's plenty more to help you build a lasting, intuitive understanding of math. Join the newsletter for bonus content and the latest updates.