The Domain Name System (DNS) translates Internet domain and host names to IP addresses.
The Domain Name System (DNS) translates Internet domain and host names to IP addresses.
Questions tagged [dns]
787 questions
53
votes
3 answers
Is my Windows 10 machine experiencing DNS poisoning? I keep getting Chinese IP addresses when connecting to a U.S. government domain
I've found that some .gov sites are being redirected to a Chinese IP. I have searched across Internet to see if this a known form of malware but I'm unable to find any info. I would like someone guiding me to isolate the infected files and report to…
Alex
- 761
- 1
- 6
- 7
23
votes
4 answers
Is it safe to have a DNS record pointing to 127.0.0.1?
My development server is on my local machine (127.0.0.1). I have created an A record in my DNS settings that points dev.mydomain.com to 127.0.0.1 so that I can use this domain name for accessing my local web app. I know I could use my /etc/hosts…
Olivier Lalonde
- 5,089
- 8
- 33
- 35
18
votes
3 answers
How can someone sinkhole domains?
The Wikipedia article about CryptoLocker says:
In late-October 2013, security vendor Kaspersky Labs reported that with the help of a researcher, it had created a DNS sinkhole to block some of the domain names used by CryptoLocker.
The Wikipedia…
unor
- 1,779
- 1
- 19
- 40
16
votes
2 answers
Is there any disadvantage in using OpenNIC for DNS resolution?
What are the advantages/disadvantages of OpenNIC vs ISP for DNS resolution with regards to security and privacy?
Strapakowsky
- 3,089
- 8
- 27
- 32
12
votes
2 answers
How does DigitalOcean DNS verify the owner of a domain?
Say you purchase a domain on Namecheap, but want to host DNS on DigitalOcean.
DigitalOcean, says to simply tell your registrar to use DO's nameservers, then set up your DNS for that domain on DO. However, there doesn't seem to be any verification…
devrelm
- 223
- 2
- 5
11
votes
2 answers
How to protect and detect DNS manipulations from browser side?
After reading the question about a manipulated google analytics script I wonder how you would protect against this kind of attack.
What comes to mind is setting DNS IP fixed in network configuration or using a tunnel, but in both cases you would not…
PiTheNumber
- 5,424
- 4
- 22
- 36
9
votes
1 answer
Which security risks are associated with alternative DNS providers?
I'm considering using an alternative DNS provider on my computer. Which risks do I run if I use one?
I already know that the DNS provider may return a malicious IP address when I'm trying to access google.com for example, leaving me under the…
Pieter
- 1,329
- 4
- 13
- 18
9
votes
2 answers
DNS Spoofing vs ARP spoofing, the relationship?
As I understand, ARP spoofing can only be done on the LAN-side of the router?
DNS spoofing, can that be done either side of the router?
In order to do DNS spoofing, do you need to perform ARP spoofing first?
Ian
- 201
- 3
- 4
8
votes
2 answers
Dnscrypt vs Dnscurve?
Which is better for highest privacy and security ? I've read both of them and i still don't understand the differences between them...
Can anyone explain what features is exclusive to one? My most concern is privacy and security.
See…
EncryptTheInternet
- 81
- 1
- 2
8
votes
2 answers
Is OpenDNS safe to use?
Anyone know anything about OpenDNS? Is it safe to use, or should it be avoided? If it should be avoided, what are the alternatives?
I am basically looking for a way to block certain sites from my home network, but at the same time, I don't want to…
oshirowanen
- 755
- 3
- 10
- 22
6
votes
2 answers
Listing of DNS vulnerabilities
I am currently studying how to setup DNS servers and all aspects of the DNS system. I would also like to study the security aspect. I want to use current DNS server attack on my test servers. Is there one place that lists the current attacks that…
Hanan
- 1,119
- 5
- 12
- 22
6
votes
1 answer
Attack on authoritative DNS server with high TTLs
The way DNS works, resolvers cache query results per TTL defined in the response. Consider an authoritative DNS server that is compromised, its main A record set to a different IP and TTL of that record set to something very high (like a month).
Is…
Mansour
- 181
- 3
6
votes
3 answers
Why would you want to run DNS servers externally?
Something that's never made much sense to me is when environments have DNS servers which are publicly accessible (on the internet). This more often than not seems to leave them vulnerable to Cache Poisoning/Snooping/Amplified DoS attacks.
The only…
NULLZ
- 11,518
- 19
- 81
- 111
6
votes
3 answers
How do I find all domains hosted on a single host?
I found several websites offer a function that allows you to list all domains hosted on the same machine, e.g you supply a.com, and it tells you b.com and c.com are both hosted on the same machine as a.com.
How did they know about it?
My first…
daisy
- 2,067
- 7
- 31
- 44
5
votes
3 answers
What can and can't a malicious DNS do?
I have been thinking of using http://tunlr.net/ for accessing "geo-IP banned websites" like netflix.
However, I have my concerns about safety of using some third party DNS server for everything. So, my question is. Let's suppose I use something like…
Karel Bílek
- 766
- 1
- 8
- 18