Subscribe to our
weekly update
Sign up to receive our latest news via a mobile-friendly weekly email
Here we’ll be talking about DNS security, the types of attack you should be on the lookout for, and how to protect users from DNS-related attacks.
Today’s Tip of the Day is the second in a three-part series on Domain Name System (DNS) monitoring. In the first, we looked at how the application delivery chain works and the way in which many companies outsource their DNS to third parties with a global presence in order to reduce latency. The connected tip was focused on ensuring users are served by the correct DNS server. Today, we’ll be talking about DNS security, the types of attack you should be on the lookout for, and how Catchpoint can provide 24/7/365 monitoring to ensure you can protect your customers and employees around the clock from DNS-related attacks.
Unfortunately, when the Domain Name System was created, security considerations were not taken into account. It was built by design to be a scalable, public database with unrestricted access to its data. Inevitably, this has led to many vulnerabilities in the system and multiple types of DNS exploit. The different types of DNS attack include:
DNS hijacking – the attacker “tricks” the end user into believing they are communicating with a legitimate domain name when they have been redirected to a different (potentially malicious) domain name or IP address the attacker has set up.
DNS spoofing – the attacker attempts to change the DNS records returned to the querier, the person asking, to a response the attacker chooses.
DNS cache poisoning – in this type of attack, the attacker targets cached name servers in order to control the answers stored in the DNS cache. It can potentially impact thousands of users and be very difficult to detect.
Distributed Denial of Service (DDoS) attacks – These types of exploit involve the attacker attempting to exhaust the DNS resource, CPU or memory by flooding a service hosting a particular domain with requests. It slows down or forces an outage of a website. DDoS attacks are also referred to as DNS Flood or DNS Amplification attacks.
This is where Catchpoint separates itself from other vendors. To stay one step ahead of these kinds of malicious activity, you need 24/7/365 synthetic monitoring from points around the globe from as many vantage points as possible. Catchpoint’s large number of global testing locations is one of our greatest strengths as our vantage points cover backbone, broadband, cloud, last mile, and wireless providers worldwide.
For DNS, synthetic monitoring is a must-have. It lets you look at the performance of all the nameservers and pinpoint any errors along the entire DNS resolution chain. It also provides a window into the database records used by DNS servers, which allows you to diagnose the specific reason an error has occurred, for instance, DNS cache poisoning or insecure zone transfers. In today’s video, we will see this in action by drilling down into two different DNS tests, just a couple of twenty DNS test templates prebuilt for you to use.
Today’s Tip: Use Catchpoint’s DNS Tests (Fig 1) to help keep your customers and employees secure. In today’s video, you will: