DNS Spoofing Explained

In simple terms, the act of diverting an internet user to a false IP address is called DNS spoofing. Some in the trade call it “DNS cache poisoning” also, but the more common expression is the former. This tactic is often carried out as part of a larger cyber attack,  and the domain name server (or DNS) is in the center of the operation,  faced by users affected by the spoofing. How Does DNS Spoofing Exactly Happen? Again, this can be explained in a simple and direct manner with an example: If you’re the user and you wish to access your personal banking account online, you need to type in the URL of your bank’s site. You will be taken to a site which resembles your bank’s website with  all the same attributes, but it’s actually a fake replica of the  legitimate platform. The person perpetrating the cyber attack would have created a fake  webpage resembling your bank’s site, and even as your bank’s IP address  could be “xxx.xx.xx.xx” for instance, the fake IP to which you will be  taken would be, say,“zzz.zz.zz.zz.” This is how DNS spoofing is carried by unscrupulous hackers. DNS Spoofing Can Cause Major Damage [dns in the form of binary code]
There is really no limit to what every individual would expect from their domain name service (DNS) provider. Since you would be unaware that you have entered a fake website and  not your bank’s site, you will go ahead and type in your confidential  information—such as your username and password—for carrying on normal  banking activity. At the same time, the person at the remote system who mounted this  attack will quickly acquire the information—placing you at the grave  risk of losing all of the funds you have parked in your bank account. DNS Spoofing Can’t be Avoided The unfortunate thing is there is really no way the domain name  server can be taken out of the equation, if you were wondering how to  get out of this situation. The very backbone of the World Wide Web is built on the DNS server  system, identifying the IP address of the URL and quickly converting  that to the equivalent IP address represented in these numbers. This process is referred to as “DNS query and response packets,” and  as long as things are normal, there is nothing to worry about. The moment a middleman enters the scene and breaks into your system  or network, the cyber attack occurs and then you are virtually in the  grip of the hacker behind the DNS spoofing attack. They would then manipulate your browsing to land you to any site on  the internet. And when it is an exact replica of the site you are  familiar with, you may not suspect anything is wrong. As described above, it is the act of manipulating the packets that leads you to the catastrophe. This kind of a cyber attack is carried out by experienced hackers  because it involves a lot of software code-writing to intercept the DNS  query packets and divert the query to another IP address.