There has been some “panic” in regards to DNS poisoning threat these few days. If you are reading this very post, you can be affected by the threat too! (Basically, whoever browses web pages on the internet may be affected by this attack!)
So what is this DNS Poisoning attack/threat?
According to doxpara.com:
Recently, a significant threat to DNS, the system that translates names you can remember (such as www.doxpara.com) to numbers the Internet can route (220.127.116.11) was discovered, that would allow malicious people to impersonate almost any website on the Internet. Software companies across the industry have quietly collaborated to simultaneously release fixes for all affected name servers.
In a simpler example:
What is DNS and what does it have anything to do with me?
Imagine you are logging in to your Online banking account at http://www.MyBank.com (for example). After you type in the URL on your browser, through some “magic”, that URL will be translated by your ISP (Internet Service Provider) DNS server to a fixed IP address in the background (you can say that it’s being forwarded).
The URL should be forwarded to your actual Bank’s server located somewhere around the globe. Now, if I can hack your ISP DNS server, I can change that forwarding to any location/server that I want!
Here is my sketch to show you roughly what the attack does:
I can then set-up a replica of your online banking front page (so that you don’t know that it’s actually a fake). Innocently, you type in your account login and password on my page, thinking that you are actually trying to log-in to your bank. I guess you can guess what will happen next :)
So please go to www.doxpara.com and check whether your ISP DNS Server is vulnerable to this attack. The checker is on the right side of the page.
If you see the picture above, email your ISP straight away! I’ve just done mine and they said that they were in the process of updating their DNS servers.
If you want to read more about this thread, head off to ZdNet’s article.