DNS is a system that converts domain names to IP addresses. DNS spoofing is when a DNS address is made to resolve to a different IP address. It can be used for legitimate or illegitimate purposes, including deception. DNS hijacking is different, as it doesn’t necessarily try to trick the user as to the URL they were directed to.
DNS stands for Domain Name System, which is the methodology for converting between domain names, such as wiseGEEK.com, and Internet Protocol (IP) addresses, which are a series of four up to three-digit numbers, separated by decimals points. All computers and devices connected to the Internet have an IP address, and DNS prevents people from having to memorize strings of numbers by allowing human-sized word substitutions instead. Spoofing is a deceptive practice that is used to make the target mistake one thing for another. On the Internet, spoofing is done with emails purporting to be from a sender other than the real sender and websites using any means possible to suggest that they represent a real individual or organization other than the one who, in fact, l ‘created. DNS spoofing is the practice of causing a DNS address to resolve to a different IP address than the one it is actually connected to.
DNS spoofing could be done for legitimate or illegitimate purposes. Cisco Systems provides a DNS spoofing feature on routers to allow the router to act as a proxy DNS server while an interface setup for the ISP is down. The explicit understanding is that the router will go back to its usual job of forwarding queries to DNS servers as soon as it can. However, DNS spoofing is also done for the purpose of deception and is sometimes used in connection with spoofed websites with the intention of making the user believe that they have landed on the intended website. This type of setup often uses a site where users enter usernames and passwords, account numbers, and other information that can be leveraged to make money.
DNS spoofing is different from DNS hijacking, although DNS hijacking also takes the user to a different website than the one they attempted to reach. The difference is that DNS hijacking doesn’t necessarily try to trick you as to the URL you were directed to. For example, it has been used by some ISPs (Internet Service Providers) in the event of an NXDOMAIN error, i.e. when a URL is not found, probably because it is invalid, so that instead of the error message the user sees a replacement page, usually with advertisements, but nothing like the site the user was trying to reach.
Protect your devices with Threat Protection by NordVPN
