What is DNS spoofing?
DNS spoofing is a term used when a DNS server accepts and
uses incorrect information from a host that has no authority
giving that information. DNS spoofing is in fact
malicious cache poisoning where forged data is placed in the
cache of the name servers. Spoofing attacks can cause serious
security problems for DNS servers vulnerable to such attacks,
for example causing users to be directed to wrong Internet sites
or e-mail being routed to non-authorized mail servers (see
DNS spoofing: How is it done?
Let's imagine three companies (A, B and C), all competing in a
challenging global environment.
Company A and B are working together in developing a product
that will generate a major competitive advantage for them.
Company A has a secure DNS server while company B has a DNS
server vulnerable to spoofing. With a spoofing attack on the DNS
server of company B, company C gains access to outgoing e-mails
from company B.
What are the consequences?
A spoofing attack can continue for a long period without being
noticed. In fact, companies may never know of the security
breach until the competitor enters the market with a product of
similar characteristics. The consequences of a spoofing attack
would be that companies can destroy any opportunity other
companies have to create a competitive edge. The frightening
thing, in times when IP address management and security are the
top concerns for the high technology community, is that most top
level business managers have not yet realized the financial and
security risks associated with DNS spoofing.
What can be done?
In order to prevent many sources of Internet attacks, it is
necessary to have the security built into DNS systems. To
minimize the risk of a spoofing attack, every organization or
individual responsible for a domain should first check which
type of name server they are using and consult with its
developer whether it is secure against DNS spoofing or
not. It is also possible to use the latest version of DNS Expert
(v.1.3) to check the vulnerability of all types of DNS servers
to DNS spoofing and other DNS problems. Furthermore,
Cricket Liu has written guidelines on how to solve the spoofing
problem for BIND and the Microsoft DNS Server in his article