What is DNS Spoofing?
DNS is the acronym for the Domain Name System, which is the methodology for converting between domain names, such as wiseGEEK.com, and IP (Internet Protocol) addresses, which are a series of four numbers of up to three digits, separated by decimal points. All computers and devices connected to the Internet have an IP address, and DNS prevents people from having to memorize the number strings by allowing the substitution of human-friendly words, instead. Spoofing is a deceptive practice that is used to make the target mistake one thing for another. On the Internet, spoofing is done with emails that purport to be from a sender other than the real sender and websites that use every possible means to suggest that they represent a real individual or organization other than the one that, in fact, created it. DNS spoofing is the practice of making a DNS address resolve to a different IP address than the one that it is actually connected to.
DNS spoofing could be done for legitimate or illegitimate purposes. Cisco Systems provides a DNS spoofing feature on routers to allow the router to act as a proxy DNS server while setup of an interface to the ISP is not operational. The explicit understanding is that the router will return to the usual task of forwarding the queries to the DNS servers as soon as this is possible. However, DNS spoofing is also done for the purposes of deception, and sometimes used in connection with spoofed websites with the intention of making the user believe that he or she has landed on the intended website. This type of setup often uses a site on which users input usernames and passwords, account numbers, and other information that can be exploited for gain.
DNS spoofing is different than DNS hijacking, although DNS hijacking also takes the user to a different website than the one he or she attempted to reach. The difference is that DNS hijacking does not necessarily attempt to fool the user about the URL he or she has been directed to. For example, it has been used by some ISPs (Internet Service Providers) in the case of an NXDOMAIN error — that is, when a URL is not found — possibly because it is invalid, so that instead of the error message, the user sees a substitute page, usually with advertising, but looking nothing like the site the user was trying to reach.
Do people ever use DNS spoofing as a tool to increase traffic to their websites? It seems that everyone these days is concerned with getting more page views, and when they are getting paid by advertisers at a rate dependent upon how many people visit their sites, I can understand why.
It is still wrong, even if you don't steal anyone's credit card numbers. It's deceptive, and it takes traffic away from legitimate websites whose owners work hard to get more views.
I would imagine that DNS spoofing is being used for this, though. It is a form of stealing, even if the person being directed to the site isn't losing any money.
My grandmother was the victim of a DNS spoofing attack not long after she learned to use a computer. She was really enjoying being able to shop online, but she was unaware of all the pitfalls of the web.
She received an email with a link in it to what she thought was a site she had shopped through before. It even looked like it once she clicked on it.
She didn't realize it was a scam until weeks later when her order still had not arrived. She called the company, and they had no record of her order. They did tell her that someone had been targeting their customers with a scam, though, so she had to cancel her credit card.
Post your comments