[dns-operations] difference between dns spoofing and dns hijacking?
Lauren C.
lauren at miscnote.net
Tue Jul 24 12:27:46 UTC 2018
But some devices such as China's great wall can capture DNS transit
packages and modify them even cache server doesn't know this.
On 2018/7/24 星期二 PM 8:25, wbrown at e1b.org wrote:
> Cache poisoning is a little more clear cut (at least to me). Somone
> manages to convince my local caching server that example.com has an
> address other than what the authoritative server say. When I ask the
> local DNS for example.com, it will answer from the cache and give me the
> bogus data. This will work until the TTL expires, or the bad data is
> flushed for other reasons. If the cache is re-poisoned, the scenario
> repeats itself.
More information about the dns-operations
mailing list