Cache Poisoning: Difference between revisions

Revision as of 14:31, 12 July 2021

Cache Poisoning is the insertion of false data into recursive Name Server, which remember previous lookups.

Overview

The attacker sends fake DNS answers in response to a query and tricks it into thinking the wrong data is correct for a given domain. The server remembers the wrong answer in its cache and provides that wrong answer in future lookups.^[1]

History

Mitigation

Use a randomized source port to reduce the risk of a cache poisoning attack instead of using the same source port number for every DNS query.

References

↑ Frequently Asked Questions on Cache Poisoning and Cross Pollination, IANA

[1] Frequently Asked Questions on Cache Poisoning and Cross Pollination, IANA

[1]

@@ Line 1: / Line 1: @@
-'''Cache Poisoning''' is the insertion of false data into recursive [[name server]], which remember previous lookups. The attacker sends fake [[DNS]] answers in response to a query and tricks it into thinking the wrong data is correct for a given domain. The server remembers the wrong answer in its cache and provides that wrong answer in future lookups.<ref>[https://www.iana.org/reports/2008/cross-pollination-faq.html Frequently Asked Questions on Cache Poisoning and Cross Pollination, IANA]</ref>
+'''Cache Poisoning''' is the insertion of false data into recursive [[Name Server]], which remember previous lookups.
 ==Overview==
+The attacker sends fake [[DNS]] answers in response to a query and tricks it into thinking the wrong data is correct for a given domain. The server remembers the wrong answer in its cache and provides that wrong answer in future lookups.<ref>[https://www.iana.org/reports/2008/cross-pollination-faq.html Frequently Asked Questions on Cache Poisoning and Cross Pollination, IANA]</ref>
 ==History==