Traffic hijacking is the use of various malicious software, Trojans to modify the browser, lock the home page or keep popping up new windows, etc., to force users to visit certain websites, thereby causing the loss of user traffic.
There are several methods of traffic hijacking, one of which is DNS hijacking. DNS is the server responsible for domain name resolution. Once a hacker destroys the DNS resolution process, after entering the domain name, it may be converted into the IP address designated by the hacker. It is often difficult for users to see the flaws, but all traffic will go to the fake server designated by the hacker. Hackers can not only easily obtain various passwords, personal information, etc., but also implant Trojan viruses and steal personal property.
Now recall the attempted hijackings.
Ancient times:
Hub Sniffing
MAC spoofing
MAC flush
ARP attack
DHCP Phishing
DNS hijacking
CDN hack
middle Ages:
weak router password
Router CSRF
PPPoE Fishing
honeypot proxy
Industrial Age:
WiFi weak password
WiFi fake hotspot
WiFi forced disconnection
WLAN base station phishing
Prevent DNS Hijacking
In fact, DNS hijacking is nothing new, and it is not impossible to prevent. The Baidu hacking incident once again revealed the vulnerability of the global DNS system, and shows that if Internet manufacturers only have security plans for their own information systems, they are not fast enough. Address comprehensive and complex threats. Therefore, Internet companies should take the following measures:
1. Internet companies prepare more than two domain names. Once a hacker conducts a DNS attack, users can also access another domain name.
2. The Internet should further revise the emergency plan and strengthen the coordination process for domain name service providers.
3. Domain name registrars and agencies may become the target of centralized attacks in a certain period and need to be guarded against.
4. Relevant domestic institutions should quickly establish coordination and communication with relevant overseas institutions to assist domestic enterprises to handle the incident quickly and in a timely manner.