DNS Spoofing vs DNS Cache Poisoning

awg0681awg0681 Member Posts: 14 ■□□□□□□□□□
I've been studying for my Sec+ and so far I haven't found a good, concise, clear answer as to the difference between these two. Most places I've looked seem to jumble them together. The practice test here for Sec+ even has a wrong answer (at least according to some posters).

Here's what I think they each are. Let me know if you agree.

DNS Spoofing: Setting up your own machine to pretend to be a legitmate DNS server directing traffic where ever you'd like it to go.

DNS Cache Poisoning: When a DNS server accepted caching information from an unauthorized source, such as an attacker, to re-route some or all traffic from that DNS to, or through, the attacker. (e.g. making www.techexams.net go to youvebeenhackedsucka.com)

Correct? Mostly?


  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    Sounds good to me. I'm going to start sec+ next month, I think I'm going to lab up this scenario and post back how it goes.
  • DevilsbaneDevilsbane Member Posts: 4,214 ■■■■■■■■□□
    That sounds right to me. I think general ip spoofing can fall under cache posisoning too. If I can make the dns think that I am part of the domain, it will turn over all of the zone data which I can use to map out an attack.
    Decide what to be and go be it.
Sign In or Register to comment.