A DNS (Domain Name System) is a protocol that translates a user-friendly domain name (eg. WhatIs.com) into a computer-friendly IP address (eg. 206.19.49.154).

DNS Attacks take of advantage of communication between clients and servers. There are many types of DNS Attacks including Zero Day Attack, Cache Poisoning, Denial of Service and Distributed Denial of Service, DNS Amplification, and Fast-Flux DNS.

Zero Day Attack: the attacker exploits a previously unknown vulnerability in the DNS protocol stack or DNS server software.

Cache Poisoning: The attacker corrupts a DSN server by replacing a legitimate IP address in the server’s cache with that of another, rogue address in order to redirect traffic to a malicious website, collect information or initiate another attack. Cache poisoning may also be referred to as DNS poisoning.

Denial of Service: An attack in which a malicious bot sends send more traffic to a targeted IP address than the programmers who planned its data buffers anticipated someone might send. The target becomes unable to resolve legitimate requests.

Distributed Denial of Service: The attacker uses a Botnet to generate massive amounts of resolution requests to a targeted IP address.

DNS Amplification: The attacker takes advantage of a DNS server that permits recursive lookups and uses recursion to spread his attack to other DNS servers.

Fast-Flux DNS: The attacker swaps DNS records in and out with extreme frequency in order redirect DNS requests and avoid detection.

Source: www.searchsecurity.techtarget.com

Share →