Countermeasures With DNS Poisoning

Hey awl in diiz tut i will be telling you all the  countermeasures  of all types of DNS Poisoning attacks.

Intranet DNS Poisoning

First of them is Intranet DNS poisoning that is a DNS poisoning attack over LAN. Since Intranet DNS poisoning attack happens due to ARP poisoning man-in-the-middle attack, all countermeasures to packet sniffing applies to LAN DNS poisoning attack i.e use of switched LAN, use of static ARP and IP table, use SSH encryption, use sniffing detection tools and better use tunneled connection which supports IPSec.

Remote DNS Poisoning

Next is remote DNS poisoning, remote DNS poisoning attack becomes successful due to negligence of victim to unknown files, better make yourself aware of Trojans and Trojan vectoring methods. Download and install applications from trusted websites only, do not open suspicious files and archives. No matter you use Linux or Windows check setup files using archiving program to detect presence of DNS poisoning Trojan.

Proxy Server DNS Poisoning

Now comes Proxy Server DNS Poisoning. For being safe with these types of attacks you might know many proxy sites become live and die on daily basis, most of these proxy sites are only designed for proxy DNS spoofing attacks. Better be aware of proxy sites, use only those proxy setting which are trusted. If you want anonymity online prefer TOR or VPN over proxy sites.

DNS Cache Poisoning

DNS cache poisoning attacks can be countered by people who maintain primary and local DNS servers. All DNS servers should be audited regularly to counter flaw in security, since a small vulnerability can lead to breach in security of DNS server thus leading to DNS poisoning attack. DNS should be provided good security since this method of DNS poisoning can not be countered by users who use it as primary DNS. To provide extra layer of security to DNS server the DNS should be installed with bind-chroot package.