SlideShare una empresa de Scribd logo

How DNS Poisoning works?

M
monark111

This tutorial is about the DNS Poisoning attacks and how to prevent it.

Tecnología
1 de 10
Descargar para leer sin conexión
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 1 How does DNS Poisoning Work? Full Tutorial Presented By: Monark Modi
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 2 DNS POISONING  What do you mean by DNS? The DNS (Domain Name System) translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites. In today’s world with botnets, viruses and other nefarious applications that use the Domain Name System (DNS) to further their harmful activities.  How DNS works? Whenever your computer contacts a domain name like “google.com,” it must first contact its DNS server. The DNS server responds with one or more IP addresses where your computer can reach google.com. Your computer then connects directly to that numerical IP address. DNS converts human- readable addresses like “google.com” to computer-readable IP addresses like “173.194.67.102″.
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 3 Thus now,  What is DNS Cache? A DNS cache contains entries that translate Internet domain names (such as "google.com") to IP addresses. The Internet's Domain Name System (DNS) involves caching on both Internet DNS servers and on the client computers that contact DNS servers. These caches provide an efficient way for DNS to efficiently keep the Internet synchronized as the IP addresses of some servers change and as new servers come online.
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 4 So, what if this DNS Cache becomes polluted???? This is known as DNS Poisoning!  DNS Poisoning A DNS cache can become poisoned if it contains an incorrect entry. For example, if an attacker gets control of a DNS server and changes some of the information on it — for example, they could say that google.com actually points to an IP address the attacker owns — that DNS server would tell its users to look for Google.com at the wrong address. The attacker’s address could contain some sort of malicious phishing website DNS poisoning like this can also spread. For example, if various Internet service providers are getting their DNS information from the compromised server, the poisoned DNS entry will spread to the Internet service providers and be cached there. It will then spread to home routers and the DNS caches on computers as they look up the DNS entry, receive the incorrect response, and store it.
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 5  DNS Poisoning using Cain and Abel Requirements: 1. Tool- Cain and Abel 2. A Wifi network 3. A windows operating system 4. Some Victims :P Procedure: 1-After you install cain , open it and go to the sniffer tab 2-Click on configure and choose your adapter 3-Enable the sniffer (click on the second icon in the toolbar next to the open icon)
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 6 4-Right click in the empty area and choose scan MAC addresses. We get the results above. 5-Click on the APR Tab 6-Click on the + sign in the toolbar to add a new ARP poison routing
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 7 7-choose the gateway which is 172.128.254.1 , in the next list you’ll get the IP of the computer 2 which is 172.128.254.10 and click ok 8-now click on the APR-DNS tab 9-click on the + sign
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 8 10-enter the web address that you want to spoof , (in this case when the user goes to facebook he’ll be redirected to myspace) click on resolve type the web address that you want to redirect the user to it, and click ok, and you’ll get the IP of the web address, then click ok you'll get something like this: 11-now to make this work we have to enable APR poisoning , click on the icon next to the sniffer icon, and everything should work as we expect.
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 9  What is ARP? Short for Address Resolution Protocol, a network layer protocol used to convert an IP address into a physical address (called a DLC address, such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.  Disadvantages of DNS Poisoning DNS Poisoning has the limitation that it can only block a whole URL, not a page on a URL as more sophisticated filtering methods can. It is also very easy to bypass, as all a user needs to do is change his settings to use a DNS server outside of his ISP connection, and this can be done very easily by many children today.  How to remove DNS Poison  In the Start Menu, locate the Command Prompt menu item usually found in the Accessories. Right click on the Command Prompt menu item and select Run as Administrator.
Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 10  In the command prompt window type the following command: ipconfig /flushdns  If the problem persists. Type the following 2 commands: net stop dnscache net start dnscache Thus, this is how the DNS Poisoning Attack can be used while the method to prevent it and avoid being a victim of it is shown here. * Just for Educational Purposes. We are not responsible for any wrong doings by you. Credits: Mr. Rahul Tyagi

Recomendados

DNS spoofing/poisoning Attack
DNS spoofing/poisoning AttackDNS spoofing/poisoning Attack
DNS spoofing/poisoning Attack
Fatima Qayyum
 
Class Project Showcase: DNS Spoofing
Class Project Showcase: DNS SpoofingClass Project Showcase: DNS Spoofing
Class Project Showcase: DNS Spoofing
Beibei Yang
 
Understanding DNS Security
Understanding DNS SecurityUnderstanding DNS Security
Understanding DNS Security
Nihal Pasham, CISSP
 
Detecting dns-tunneling-34152
Detecting dns-tunneling-34152Detecting dns-tunneling-34152
Detecting dns-tunneling-34152
huynhvanphuc
 
Build Dynamic DNS server from scratch in C (Part1)
Build Dynamic DNS server from scratch in C (Part1)Build Dynamic DNS server from scratch in C (Part1)
Build Dynamic DNS server from scratch in C (Part1)
Yen-Kuan Wu
 
Dns
DnsDns
Dns
princejhulan
 
Dns
DnsDns
Dns
Intekhab Alam Khan
 
dns-sec-4-slides
dns-sec-4-slidesdns-sec-4-slides
dns-sec-4-slides
kj teoh
 

Recomendados

DNS spoofing/poisoning Attack
DNS spoofing/poisoning AttackDNS spoofing/poisoning Attack
DNS spoofing/poisoning Attack
Fatima Qayyum
 
Class Project Showcase: DNS Spoofing
Class Project Showcase: DNS SpoofingClass Project Showcase: DNS Spoofing
Class Project Showcase: DNS Spoofing
Beibei Yang
 
Understanding DNS Security
Understanding DNS SecurityUnderstanding DNS Security
Understanding DNS Security
Nihal Pasham, CISSP
 
Detecting dns-tunneling-34152
Detecting dns-tunneling-34152Detecting dns-tunneling-34152
Detecting dns-tunneling-34152
huynhvanphuc
 
Build Dynamic DNS server from scratch in C (Part1)
Build Dynamic DNS server from scratch in C (Part1)Build Dynamic DNS server from scratch in C (Part1)
Build Dynamic DNS server from scratch in C (Part1)
Yen-Kuan Wu
 
Dns
DnsDns
Dns
princejhulan
 
Dns
DnsDns
Dns
Intekhab Alam Khan
 
dns-sec-4-slides
dns-sec-4-slidesdns-sec-4-slides
dns-sec-4-slides
kj teoh
 
DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...
DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...
DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...
Felipe Prado
 
Content Navigation
Content NavigationContent Navigation
Content Navigation
sanjoysanyal
 
Dns and irc
Dns and ircDns and irc
Dns and irc
ZekriaMuzafar
 
VolgaCTF | Bo0oM - DNS and attacks
VolgaCTF | Bo0oM - DNS and attacksVolgaCTF | Bo0oM - DNS and attacks
VolgaCTF | Bo0oM - DNS and attacks
Дмитрий Бумов
 
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PROIDEA
 
DNS
DNSDNS
DNS
KABILESH RAMAR
 
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
DefCamp
 
You've Got Fail
You've Got FailYou've Got Fail
You've Got Fail
James Boyd
 
Prism-Proof Cloud Email Services
Prism-Proof Cloud Email ServicesPrism-Proof Cloud Email Services
Prism-Proof Cloud Email Services
hughpearse
 
Dns
DnsDns
Dns
Dom Mike
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Yiwei Gong
 
DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)
Fatima Qayyum
 
DNSPresentation.pptx
DNSPresentation.pptxDNSPresentation.pptx
DNSPresentation.pptx
KailashTayde
 
What is private dns & how to use it on i phone, android & laptop
What is private dns & how to use it on i phone, android & laptopWhat is private dns & how to use it on i phone, android & laptop
What is private dns & how to use it on i phone, android & laptop
Temok IT Services
 
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
ssuserfd0132
 
Installation of Active Directory on Windows Server 2003 Server
Installation of Active Directory on Windows Server 2003 ServerInstallation of Active Directory on Windows Server 2003 Server
Installation of Active Directory on Windows Server 2003 Server
► Supreme Mandal ◄
 
How to stop a VPN DNS leak.
How to stop a VPN DNS leak.How to stop a VPN DNS leak.
How to stop a VPN DNS leak.
LimeVPN
 
DHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptx
DHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptxDHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptx
DHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptx
MUHAMMADATTAURREHMAN7
 
Installation of Active Directory on Windows 2000 Server
Installation of Active Directory on Windows 2000 ServerInstallation of Active Directory on Windows 2000 Server
Installation of Active Directory on Windows 2000 Server
► Supreme Mandal ◄
 
How domain name servers work
How domain name servers workHow domain name servers work
How domain name servers work
RaxTonProduction
 
Celebrating 31 Years Of The Domain Name System (DNS) This Month!
Celebrating 31 Years Of The Domain Name System (DNS) This Month!Celebrating 31 Years Of The Domain Name System (DNS) This Month!
Celebrating 31 Years Of The Domain Name System (DNS) This Month!
Marie Moore
 
How DNS Works.pptx
How DNS Works.pptxHow DNS Works.pptx
How DNS Works.pptx
Infosectrain3
 

Más contenido relacionado

La actualidad más candente

Content Navigation
Content NavigationContent Navigation
Content Navigation
sanjoysanyal
 
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PROIDEA
 
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
DefCamp
 
Prism-Proof Cloud Email Services
Prism-Proof Cloud Email ServicesPrism-Proof Cloud Email Services
Prism-Proof Cloud Email Services
hughpearse
 

La actualidad más candente (9)

DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...
DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...
DEF CON 27 - GERALD DOUSSOT AND ROGER MEYER - state of dns rebinding attack ...
 
Content Navigation
Content NavigationContent Navigation
Content Navigation
 
Dns and irc
Dns and ircDns and irc
Dns and irc
 
VolgaCTF | Bo0oM - DNS and attacks
VolgaCTF | Bo0oM - DNS and attacksVolgaCTF | Bo0oM - DNS and attacks
VolgaCTF | Bo0oM - DNS and attacks
 
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
 
DNS
DNSDNS
DNS
 
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
CensorMeOrNot - P2P System of DNS Caches - DefCamp 2012
 
You've Got Fail
You've Got FailYou've Got Fail
You've Got Fail
 
Prism-Proof Cloud Email Services
Prism-Proof Cloud Email ServicesPrism-Proof Cloud Email Services
Prism-Proof Cloud Email Services
 

Similar a How DNS Poisoning works?

Installation of Active Directory on Windows Server 2003 Server
Installation of Active Directory on Windows Server 2003 ServerInstallation of Active Directory on Windows Server 2003 Server
Installation of Active Directory on Windows Server 2003 Server
► Supreme Mandal ◄
 
Installation of Active Directory on Windows 2000 Server
Installation of Active Directory on Windows 2000 ServerInstallation of Active Directory on Windows 2000 Server
Installation of Active Directory on Windows 2000 Server
► Supreme Mandal ◄
 

Similar a How DNS Poisoning works? (20)

Dns
DnsDns
Dns
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)
 
DNSPresentation.pptx
DNSPresentation.pptxDNSPresentation.pptx
DNSPresentation.pptx
 
What is private dns & how to use it on i phone, android & laptop
What is private dns & how to use it on i phone, android & laptopWhat is private dns & how to use it on i phone, android & laptop
What is private dns & how to use it on i phone, android & laptop
 
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
3.3_-_Lecture_3_Installing_the_DNS_Server_Role.pdf
 
Installation of Active Directory on Windows Server 2003 Server
Installation of Active Directory on Windows Server 2003 ServerInstallation of Active Directory on Windows Server 2003 Server
Installation of Active Directory on Windows Server 2003 Server
 
How to stop a VPN DNS leak.
How to stop a VPN DNS leak.How to stop a VPN DNS leak.
How to stop a VPN DNS leak.
 
DHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptx
DHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptxDHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptx
DHCP DNS P1 DHCP & Wireless Communication Methods Unicasting.pptx
 
Installation of Active Directory on Windows 2000 Server
Installation of Active Directory on Windows 2000 ServerInstallation of Active Directory on Windows 2000 Server
Installation of Active Directory on Windows 2000 Server
 
How domain name servers work
How domain name servers workHow domain name servers work
How domain name servers work
 
Celebrating 31 Years Of The Domain Name System (DNS) This Month!
Celebrating 31 Years Of The Domain Name System (DNS) This Month!Celebrating 31 Years Of The Domain Name System (DNS) This Month!
Celebrating 31 Years Of The Domain Name System (DNS) This Month!
 
How DNS Works.pptx
How DNS Works.pptxHow DNS Works.pptx
How DNS Works.pptx
 
DNS.docx
DNS.docxDNS.docx
DNS.docx
 
Dns server
Dns serverDns server
Dns server
 
1.1 DNS.ppt.ppt
1.1 DNS.ppt.ppt1.1 DNS.ppt.ppt
1.1 DNS.ppt.ppt
 
Domain name system presentation
Domain name system presentationDomain name system presentation
Domain name system presentation
 
Dns Changer Malware
Dns Changer MalwareDns Changer Malware
Dns Changer Malware
 
Lecture 13 DNS_DHCP.pptx
Lecture 13 DNS_DHCP.pptxLecture 13 DNS_DHCP.pptx
Lecture 13 DNS_DHCP.pptx
 
DirectAccess, do’s and don’ts
DirectAccess, do’s and don’tsDirectAccess, do’s and don’ts
DirectAccess, do’s and don’ts
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

How DNS Poisoning works?

  • 1. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 1 How does DNS Poisoning Work? Full Tutorial Presented By: Monark Modi
  • 2. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 2 DNS POISONING  What do you mean by DNS? The DNS (Domain Name System) translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites. In today’s world with botnets, viruses and other nefarious applications that use the Domain Name System (DNS) to further their harmful activities.  How DNS works? Whenever your computer contacts a domain name like “google.com,” it must first contact its DNS server. The DNS server responds with one or more IP addresses where your computer can reach google.com. Your computer then connects directly to that numerical IP address. DNS converts human- readable addresses like “google.com” to computer-readable IP addresses like “173.194.67.102″.
  • 3. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 3 Thus now,  What is DNS Cache? A DNS cache contains entries that translate Internet domain names (such as "google.com") to IP addresses. The Internet's Domain Name System (DNS) involves caching on both Internet DNS servers and on the client computers that contact DNS servers. These caches provide an efficient way for DNS to efficiently keep the Internet synchronized as the IP addresses of some servers change and as new servers come online.
  • 4. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 4 So, what if this DNS Cache becomes polluted???? This is known as DNS Poisoning!  DNS Poisoning A DNS cache can become poisoned if it contains an incorrect entry. For example, if an attacker gets control of a DNS server and changes some of the information on it — for example, they could say that google.com actually points to an IP address the attacker owns — that DNS server would tell its users to look for Google.com at the wrong address. The attacker’s address could contain some sort of malicious phishing website DNS poisoning like this can also spread. For example, if various Internet service providers are getting their DNS information from the compromised server, the poisoned DNS entry will spread to the Internet service providers and be cached there. It will then spread to home routers and the DNS caches on computers as they look up the DNS entry, receive the incorrect response, and store it.
  • 5. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 5  DNS Poisoning using Cain and Abel Requirements: 1. Tool- Cain and Abel 2. A Wifi network 3. A windows operating system 4. Some Victims :P Procedure: 1-After you install cain , open it and go to the sniffer tab 2-Click on configure and choose your adapter 3-Enable the sniffer (click on the second icon in the toolbar next to the open icon)
  • 6. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 6 4-Right click in the empty area and choose scan MAC addresses. We get the results above. 5-Click on the APR Tab 6-Click on the + sign in the toolbar to add a new ARP poison routing
  • 7. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 7 7-choose the gateway which is 172.128.254.1 , in the next list you’ll get the IP of the computer 2 which is 172.128.254.10 and click ok 8-now click on the APR-DNS tab 9-click on the + sign
  • 8. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 8 10-enter the web address that you want to spoof , (in this case when the user goes to facebook he’ll be redirected to myspace) click on resolve type the web address that you want to redirect the user to it, and click ok, and you’ll get the IP of the web address, then click ok you'll get something like this: 11-now to make this work we have to enable APR poisoning , click on the icon next to the sniffer icon, and everything should work as we expect.
  • 9. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 9  What is ARP? Short for Address Resolution Protocol, a network layer protocol used to convert an IP address into a physical address (called a DLC address, such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.  Disadvantages of DNS Poisoning DNS Poisoning has the limitation that it can only block a whole URL, not a page on a URL as more sophisticated filtering methods can. It is also very easy to bypass, as all a user needs to do is change his settings to use a DNS server outside of his ISP connection, and this can be done very easily by many children today.  How to remove DNS Poison  In the Start Menu, locate the Command Prompt menu item usually found in the Accessories. Right click on the Command Prompt menu item and select Run as Administrator.
  • 10. Monark Modi || +918866601590 || monark111@yahoo.com facebook.com/monark111 || twitter.com/monark111 Page 10  In the command prompt window type the following command: ipconfig /flushdns  If the problem persists. Type the following 2 commands: net stop dnscache net start dnscache Thus, this is how the DNS Poisoning Attack can be used while the method to prevent it and avoid being a victim of it is shown here. * Just for Educational Purposes. We are not responsible for any wrong doings by you. Credits: Mr. Rahul Tyagi