Hostname lookup attack
来源:互联网 发布:淘宝流量高峰期查询 编辑:程序博客网 时间:2024/06/15 00:24
Overview
When establishing a connection with a remote computer such as a web server belonging to a bank or other target, a hostname lookup is normally performed to translate a domain name such as "bank.com" to a numeric IP address such as 198.81.129.100. Hostname lookup attacks interfere with the integrity of the lookup process for a domain name. Hostname lookup attacks are commonly called "pharming."
One form of hostname lookup attack is to interfere with the Domain Name System (DNS), for example by hacking a DNS server. However, hostname lookup attacks are more commonly performed locally by crimeware that modifies the hosts file on the victim's computer. If the domain or host name appears in the hosts file, the corresponding address will be used, without regard to what a DNS query for that domain name might return. If this file is modified, then "www.bank.com" can be made to refer to a malicious address. When the user goes there, he or she will see a legitimate-looking site and enter confidential information, which actually goes to the attacker.
Another way to interfere with hostname lookups is to alter the system configuration of a victim’s computer to change the DNS server to a malicious server controlled by the attacker. When a user navigates to a correctly named site, such a server can send the user to a fraudulent site where confidential information is collected.
Another form of hostname lookup attack involves polluting the user's DNS cache with incorrect information that will be used to direct the user to an incorrect location. If the user has a misconfigured DNS cache, this can be done by simply providing incorrect information. It can also be accomplished by hacking a legitimate DNS server, or by polluting the cache of a misconfigured legitimate DNS server. Such attacks do not fall within the definition of crimeware, as they do not involve software that runs on the victim’s computer.
0 0
- Hostname lookup attack
- Attack
- Attack
- lookup
- Hostname
- hostname
- hostname
- hostname
- hostname
- hostname
- hostname
- rose AttAck
- Sybil attack
- Sybil Attack
- Replay attack
- Test attack
- Network Attack
- Attack Tools
- 利用MATLAB计算三维坐标序列距离误差程序
- 快速排序
- 反射
- ios--appDelegate切换根视图rootViewController(最常用的场合是首次启动跳至导航ViewController)
- 程序间回调
- Hostname lookup attack
- 循序渐进实现仿QQ界面(二):贴图按钮的三态模拟
- 打印,无选择打印框
- 浏览器的User Agent Stylesheet
- 未来十年营销主流趋势:微信营销
- 循序渐进实现仿QQ界面(三):界面调色与控件自绘
- Android notification
- opencv结构介绍
- Struts2的配置所需jar包