What are the types of DNS hijacking attack? How to detect it?

Others 2019-09-12 17:28:37 views: null

  How to detect their own websites is not a case of hijacking?
  IIS7 site monitoring
  to detect whether the site was hijacked, DNS pollution detection, speed detection information site open.
  Let's take a look at, what is DNS hijacking
  DNS hijacking attack, also known as DNS redirection is a network attack, the attacker hijack DNS request from a user, falsely resolve the IP address of the site, a user attempts to load, so as to be heavy directed to the phishing site.
  To perform a DNS hijacking attack, the attacker or install malicious software on the user's system, either known vulnerabilities or cracked DNS traffic through the use of a router to take over.
  Attacks involve destruction of the user's system DNS (TCP / IP) settings to redirect them to the "Rogue DNS" server, so that the default DNS settings are invalid. To perform the attack, the attacker or install malicious software on the user's system, or to take over a router by using a known vulnerability or cracking DNS traffic. Thus, the user will become a victim of phishing or pharming.
  DNS hijacking attack what type it?
  1. Local DNS hijacking - the local DNS hijacking, an attacker malicious software on the user's local DNS system and modify the settings, the user is now using a DNS server system controlled by the attacker. The attacker control of the DNS server website domain request into an IP address of a malicious site, which will redirect users to malicious sites.
  2. The router DNS hijacking attack - in such an attack, the attacker uses existing router firmware vulnerability to override DNS settings, which affect all users connected to the router. An attacker could also take over a router by using the router's default password.
  3. middleman (MiTM) DNS attack - this type of DNS hijacking, an attacker performs intermediary (MiTM) to communicate with and provide different attack destination IP addresses between the DNS servers and intercepting user to redirects the user to malicious sites.
  4. rogue DNS server - In this attack, the attacker can break the DNS server and change the DNS records to redirect DNS requests to a malicious site.
  Thus, DNS hijacking attack is still very scary, and I hope everyone on the hijacking class of problems, be vigilant, always pay attention to site security.

Guess you like

Origin www.cnblogs.com/goodcola/p/11511566.html
Recommended
Apache Doris version 2.0.10 is officially released!
Open Source Daily | Big models go to war; big model unicorns are revealed to be selling themselves; Zhou Hongyi suggests that Google open source all its products; the largest open source AI community provides $10 million to share GPUs
Ranking
JS inheritance and monitoring
[ProblemSolving][Ubuntu][LyX] The selected document class ... requires external files that are not available...
Java threads sharing static variable
balancap/SSD-Tensorflow使用及训练预测自己的数据集
Detailed core ES6
JS --- reverse traversal achieved Array array, the array is connected string
How to Uninstall (or Reinstall) Windows 10’s Ubuntu Bash Shell
Linux modify the hostname method
Charging Specification BC v1.2
node的性能和java对比分析
Daily
More
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)

Code World

© 2018 codetd.com