DNS Cache Poisoning – Computerphile
Poisoning the DNS cache is a sure way to serve malware to unsuspecting users. Dr Mike Pound explains some of the ways this has been accomplished.
https://www.facebook.com/computerphile
Tweets by computer_phile
This video was filmed and edited by Sean Riley.
Computer Science at the University of Nottingham: https://bit.ly/nottscomputer
Computerphile is a sister project to Brady Haran’s Numberphile. More at http://www.bradyharan.com
by Computerphile
linux dns server
I believe DNSSEC doesn't rely on PKI and therefore certificates as it is mentioned in the video.
If only I can get bettercap to work.
Major props for making this video despite the earthquake you guys were experiencing.
So a fortigate FW/router that is using https but with no certificate could fall into this attack?
It feels weird to re-watch Computerphile videos that I already watched years ago for entertainment, but this time because I’m writing a computer science bachelor thesis about DNS security (specifically about the identity management for DANE).
1:54 this is how excited I want to be when talking about anything
this is so interesting. thank you!
Why my isp server will listen to ghost server ?
What is an interesting question is: how do they know what name server/Resolver you are using? Without this, none of it can work!
but could you fake the certificates if they introduce them to genuine DNS servers?
that is so mean….:))))
Thanks for sharing knowledge ! 👍 Greetings from La Paz Bolivia 🇧🇴
Wow. The internet is held together with duct tape and twine. It is crazy that the early internet even worked at all without security measures like public key cryptography.
Just based on your other videos, why don't these requests between DNS servers use token like when browsers are talking to websites? Just send a request for the IP address, plus a random string, and only accept it if the response matches? They could easily have turned that 16 bits into 16 or more bytes. Did they just not see a need for any form of security when saying what address a site is at?
0:10
Domain Name System
0:32
Poisoning.
1:01
DNS
3:17
How it works.
4:29
Cache poisoning.
6:06
Botnet.
10:08
Security
Your do this attack because all the browser say you (your connection is not private)
This man could read to me the telephone book and it would be interesting
10:07 beautifully choreographed pen-spin flex by Dr. Mike
Any ideas on how Tor V3 hidden services can start getting nicer names? Some kind of ring of trust situation?
2:26 That's a real Parker Square of a Jolly Roger.