Cache Poisoning

Cache Poisoning

Cache Poisoning

The term "cache poisoning" refers to attacks against the Internet's Domain Name System, or DNS, in order to introduce incorrect information. While it's possible that cache poisoning can occur from improper configuration or simply bad design on the part of DNS software designers, the term mostly references deliberate attempts to compromise the information held by the DNS.

Each computer has a "cache" in its memory to hold temporarily stored information which can then be accessed quickly. Computers use cache memory to improve speed and performance. In the case of DNS, the cache holds hundreds of millions of records about websites and their IP addresses.

When a computer in the DNS receives a query, it references its cache first. If the address exists, the DNS returns it to the querying computer, which is then able to visit the site. If the information is not held in the cache, the DNS computer has to go looking for it. In the milliseconds this is occurring, an attacker can place a fake address record into the DNS. If it's accepted, the cache is thereafter considered poisoned. As long as the fake entry remains cached by the server, all queries for that address, be it website, FTP, or email, will be sent to the fake address.

Since the cause of the attack is not a virus, spyware, or other kind of malware, it cannot be removed by anti-virus or malware removal software. The poisoned cache can only be detected through being reported by suspicious users, or through the routine maintenance that's done regularly on DNS servers.

The aim of malicious DNS cache poisoning can vary. One instance redirects browsers to a fake version of a popular web site in order to glean sensitive information from users who land there. Hundreds of thousands of names, passwords, addresses, even phone numbers and credit card information can be harvested before the deception is realized. Other aims might be to plant spyware or other forms of malware on the unsuspecting computers who visit the fake site.

Experts agree that cache poisoning can be prevented by making DNS servers less trustful of address authorizations passed to them through other DNS servers. Security could also be tightened by causing the DNS servers to ignore completely any DNS information that isn't directly relevant to the query. Until the problem of security is resolved, cache poisoning remains a threat to the security of the Internet.

POST COMMENT

Seven Head ache Remedies to maintain on Hand Can You Get Headaches By Exercising? Three Beaches at One Villa Rental Can Headaches Be A result of Physical exercise? Reaching World of Warcraft gold cap! How to Get Rid of Tension Headaches for Good Edmund Loh Coaching - Who is Edmund Loh and Why Should I Enroll in His Coaching? Must You Be Worried About Physical Exercise Related Severe Headaches Super Affiliate Coaching Club Review - Jeff Johnson's Super Affiliate Coaching Club What Is Life Coaching And How Will It Facilitate Me? The Myths About Coaching Warning - How To Recognise When You Don't Trust The Coaching Process - And What To Do Concerning It Coaching Makes the World Go Spherical