14,927
edits
Changes
Jump to navigation
Jump to search
Line 22:
Line 22: − However, there is also a broader set of DNS security threats, including:+ Line 29:
Line 29: + + + + + + + +
→Overview
* [[spam]] (when it is used to deliver other forms of DNS Abuse), accounting for over 85% of DAAR-reported DNS abuse in February 2021.<ref>[https://www.icann.org/en/system/files/files/daar-monthly-report-28feb21-en.pdf DAAR monthly report Feb 2021]</ref>
* [[spam]] (when it is used to deliver other forms of DNS Abuse), accounting for over 85% of DAAR-reported DNS abuse in February 2021.<ref>[https://www.icann.org/en/system/files/files/daar-monthly-report-28feb21-en.pdf DAAR monthly report Feb 2021]</ref>
A broader set of DNS security threats include:
* [[DoS Attack]]s,
* [[DoS Attack]]s,
* [[DDoS Attack]]s,
* [[DDoS Attack]]s,
* the exploitation of implementation vulnerabilities, <ref>[https://www.verisign.com/en_US/company-information/dns-abuse/index.xhtml DNS Abuse, Verisign]</ref>
* the exploitation of implementation vulnerabilities, <ref>[https://www.verisign.com/en_US/company-information/dns-abuse/index.xhtml DNS Abuse, Verisign]</ref>
* [[Registrar Hopping]], aka TLD Hopping<ref>[https://annualreport2020.iwf.org.uk/trends/international/other/toplevel TLD Hopping, IWF 2020 Annual Report]</ref>
* [[Registrar Hopping]], aka TLD Hopping<ref>[https://annualreport2020.iwf.org.uk/trends/international/other/toplevel TLD Hopping, IWF 2020 Annual Report]</ref>
===DNS abuse adjacent issues===
* [[Credential stuffing]]
* [[password spraying attacks]]
* Compromise of email accounts
* Password compromise
* Poor password management
* Insider credential theft and abuse
==Vectors==
==Vectors==