Domain Name System (DNS)

• Fundamental component of the internet that is responsible for translating human-friendly domain names into IP addresses that computers can understand

Some of The Various Types of DNS Attacks

DNS Cache Poisoning (DNS Spoofing)

• Corrupt a DNS resolver’s cache with false information
• Redirects users to malicious websites

Mitigation:

• Use DNSSEC (Domain Name System Security Extensions) to add digital signatures to DNS data
• Implement secure network configurations and firewalls to protect DNS servers

DNS Amplification Attacks

• Overwhelms a target system with DNS response traffic by exploiting the DNS resolution process
• Spoofed DNS queries sent to open DNS servers

Mitigation:

• Limit the size of DNS responses
• Rate limit DNS response traffic to reduce the impact

DNS Tunneling

• Encapsulates non-DNS traffic (e.g., HTTP, SSH) over port 53
• Attempts to bypass firewall rules for command and control or data exfiltration

Mitigation:

• Monitor and analyze DNS logs for unusual patterns indicating tunneling