DNS spoofing or DNS Cache-poisoning

juvenileslilbrothajuvenileslilbrotha Member Posts: 17 ■□□□□□□□□□
There seems to be some ambiguity in the use of these two terms and I am trying to find a definitive answer.
Are they different or are they the samething? The generic answer seems to be DNS spoofing is when a DNS server accepts and uses incorrect information from a host that has no authority to give that information.But can't this same definition describe DNS Cache-Poisoning?

Thanks

Comments

  • DarrilDarril Member Posts: 1,588
    In general, the two terms are used interchangeably but there is a lot of depth to the topic. You often need to look at the context to determine the meaning.

    When referring to DNS spoofing as an attack, the two terms usually mean the same thing. Here's a good article: Men & Mice | DNS spoofing.

    This article talks about DNS spoofing as a feature on a Cisco router which is not an attack at all and not considered cache poisoning: DNS Spoofing - Cisco Systems

    In the context of studying for Security+, the objectives mention DNS poisoning which refers to modifying the cache. They also mention pharming which is a specific type of DNS poisoning attack that attempts to redirect a web site's traffic. For example, users may enter the URL for their bank, but the pharming attack sends them to a bogus site that looks the same. When users enter their credentials the attacker collects them.

    HTH,
Sign In or Register to comment.