DNS Poisoning. (Pharming)

Discussion in 'other security issues & news' started by Konata Izumi, Jun 9, 2010.

Thread Status:
Not open for further replies.
  1. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    Here's the scenario:
    If for example my DNS (ie. OpenDNS / DynDNS) got poisoned... without my knowledge I might be at risk of getting hacked.

    How can I prevent this from happening? o_O
    :shifty:
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    You can't. It could happen to your ISP's DNS, it could happen to your own DNS server, it could happen anywhere.

    Fortunately when you run a business based solely off DNS, you generally want to keep your customers safe and secure.
     
  3. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    aww.. so nothing can be done on my side? :<
    the securing of the DNS are the job of the DNS provider itself?

    if they're compromised.... I'm doomed. :'(

    Q: Are there any other DNS that is really really really secured aside from the ff?
    OpenDNS/ DNSAdvantage / DynDNS / Scrubit / Norton DNS / Google DNS / Level3 / Warner DNS
     
    Last edited: Jun 9, 2010
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    All DNS providers will be doing their best to keep their services secure. Nothing is better than another service when it comes to security, choose what you prefer.
     
  5. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Local DNS Poisoning can happen on your end from a MITM attack.
    This requires a computer in your network to already be compromised.
    By exhausting the DNS they can provide their own DNS response.
    Of course the attacker would be running a web server for you to see his spoofed site. Make sure you check the address bar for the correct name.

    A good How to for understanding MITM, ARP Poisoning, DNS Poisoning: http://openmaniak.com/ettercap.php
     
    Last edited: Jun 9, 2010
Loading...
Thread Status:
Not open for further replies.