Keywords |
  • Computer Science

Cache poisoning

Cache poisoning is when one DNS server has to ask another DNS server for the IP address of a domain name that is being requested, which is the most common case, it temporarily stores the result (on average for 2 days) in its cache memory.

This means it can give the number immediately if a new request is made. Since the cache is designed to receive data from outside, if there is a flaw it is possible for a hacker to insert a well known domain name (e.g. www.google.com) and have it correspond to the IP of another site (e.g. a pornography site or a site sending malware).

A visitor using this DNS server will then be redirected to the malicious site instead of the one requested (Google in our example).

This is a cache poisoning attack, also called DNS spoofing.


connexes

Latest

Fill out my online form.