In this article, we will cover the basics of DNS spoofing: the concept and a practical example.
Let us first understand how DNS works!
We type google.com.
But computers don't understand human-readable names like this.
As you probably know, everything on the internet has an address (an IP address)! That's how the internet works!
A person cannot remember the IP addresses of so many websites and links.
This is where DNS (Domain Name System) comes in.
So when we type www.google.com, our computer contacts the DNS server, and the DNS server returns the IP address of the requested website. That is how we are able to make connections.
NOW THE MAIN TOPIC
Things will get a little complicated!
Now, as I said, everything on the internet has an address.
That means it includes you as well!!
You also have your IP address
That's how the DNS server is able to contact you back and provide the IP address of google.com!!
Now suppose the attacker spoofs your IP! That means the attacker copies your IP and sets it as his own IP!
Now things are getting complicated!!!!
Let’s assume that you are A and the attacker is B
The IP of A is 127.0.0.1 (assume).
Now B's IP is also set to 127.0.0.1.
Now if you send a request to the DNS server to open www.google.com, the attacker B can receive the response, or he can ask for the response.
So the IP address of Google will be given to B.
And the reverse can also be done…
For example, B requests www.facebook.com and the DNS server's response is sent to A.
In this case, www.facebook.com will open on A's computer, not the sites that he requested!!
Now, let’s take an example of how some unauthorized people use this technique!
A sends a request for www.facebook.com to the DNS server, but the attacker sitting in a corner, having your IP address, sends a request to the DNS server to open www.fakebook.com! (This is a website that looks exactly like Facebook and is developed by B.)
Now on A's computer www.fakebook.com will open!
But since it looks exactly like Facebook, A will enter his ID and password on that website, and B will note them down.
Hence A is COMPROMISED!
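A check on the client side of the scenario above, as an added example that is not part of the original article: accept a DNS response only if it answers a question this machine actually asked, by matching the transaction ID, the question name and the server address. The resolver address 192.0.2.53, the transaction ID and the packets are constructed sample values.

```python
import struct

def encode_name(name):
    # DNS wire format: length-prefixed labels, terminated by a zero byte
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_message(txid, qname, is_response, answer_ip=None):
    # Constructed sample packet: one A/IN question, optionally one A answer
    flags = 0x8180 if is_response else 0x0100
    header = struct.pack("!HHHHHH", txid, flags, 1, 1 if answer_ip else 0, 0, 0)
    body = encode_name(qname) + struct.pack("!HH", 1, 1)
    if answer_ip:
        # 0xC00C points back at the question name; TTL 60, 4-byte address
        body += struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4)
        body += bytes(int(p) for p in answer_ip.split("."))
    return header + body

def parse_question(data):
    # Return (txid, is_response, qname) from the header and first question
    if len(data) < 12:
        raise ValueError("short header")
    txid, flags, qdcount = struct.unpack("!HHH", data[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while True:
        if pos >= len(data):
            raise ValueError("truncated name")
        length = data[pos]
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("unexpected compression in question")
        labels.append(data[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    return txid, bool(flags & 0x8000), ".".join(labels)

def accept_response(pending, data, src_ip):
    # pending maps txid -> (qname, server_ip) for queries this host sent
    try:
        txid, is_response, qname = parse_question(data)
    except ValueError:
        return False
    return is_response and pending.get(txid) == (qname, src_ip)

# Constructed sample state: A asked 192.0.2.53 for www.facebook.com
PENDING = {0x1A2B: ("www.facebook.com", "192.0.2.53")}
```

Real resolvers also randomize the source port of each query, and DNSSEC validation adds a signature check on top; this block shows only the matching step.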
BY- INNOVATIVE NOOB