The domain name system
First proposed in 1983, six years before the World Wide Web, DNS translates domain names like amazon.com and paubox.com into numerical Internet Protocol (IP) addresses that identify every server, computer, and device connected to the Internet. It's much easier to remember google.com than 220.127.116.11. DNS entries include electronic mail routing information. The problem of email spam was solved in part by tracking which IP addresses were used to send spam and blocking them, and requiring IP warming before new addresses could send email.
But more sophisticated attacks target DNS itself. And if the global address book of the Internet can't be trusted, it's impossible to know which systems you can trust.
Because computers rely on DNS to know where to find each other, hackers often target DNS to redirect connections to other servers. This is called DNS hijacking. For example, you may be trying to log in to your bank's website at paubank.com, which DNS will normally tell you can be found at 123.456.789. Hackers could "hijack" the DNS directory entry for paubank.com and send you to 123.456.666 instead. If the website at the other end is designed to look like your bank's website, you could log in with your username and password and unknowingly compromise your security. There are four basic types of DNS redirection attacks:
- Local: Malicious software (malware) is installed on your computer to change your DNS records and settings.
- Router: Centralized hardware in homes and businesses, which people often install without changing the factory usernames and passwords, is modified to redirect DNS lookups.
- Man-in-the-middle: Connections are intercepted between a user and a DNS server to replace correct IP addresses with IP addresses of malicious websites.
- Rogue DNS server: A DNS server is set up or taken over to gain control of the entire address book, again to direct users to malicious websites.
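As an added example (not part of the original article), the Python code below checks a machine for the first attack type in the list above, and for a resolver swap of the kind a tampered router or rogue DNS server produces: it reports hosts-file entries that pin a watched domain and configured nameservers that are not on an expected allowlist. The sample file contents, the allowlisted resolver address and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample inputs (not from the article); IPs are RFC 5737 documentation ranges.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost
203.0.113.66  paubank.com www.paubank.com
192.0.2.10    intranet.local   # unrelated internal override
"""
SAMPLE_RESOLV = """\
nameserver 192.0.2.53
nameserver 198.51.100.99
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs from hosts-file text, ignoring comments."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: not a usable mapping
        for name in fields[1:]:
            yield ip, name.lower().rstrip(".")

def hosts_overrides(text, watched):
    """Return hosts entries that pin a watched domain or one of its subdomains."""
    return [(name, str(ip)) for ip, name in parse_hosts(text)
            if any(name == d or name.endswith("." + d) for d in watched)]

def unexpected_nameservers(text, allowed):
    """Return resolvers in resolv.conf text that are not on the allowlist."""
    allowed_ips = {ipaddress.ip_address(a) for a in allowed}
    found = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            ip = ipaddress.ip_address(fields[1].split("%")[0])  # drop IPv6 zone id
            if ip not in allowed_ips:
                found.append(str(ip))
    return found

if __name__ == "__main__":
    print(hosts_overrides(SAMPLE_HOSTS, {"paubank.com"}))
    print(unexpected_nameservers(SAMPLE_RESOLV, {"192.0.2.53"}))
```

On a real machine, pass in the contents of the hosts file and resolver configuration; a hit is a lead to investigate, since administrators also add legitimate overrides.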