Free DNS spoofability test

6
Posted 29th Sep
Not really a deal, but I've seen a few threads pop up about DNS over SSL from Cloudflare.

I think a more reasonably likely threat to the average person is ensuring that your DNS request is returning the correct response rather than encrypting the traffic.

Steve Gibson set up a test you can do on the DNS servers you're pointing to to see if spoofing is likely (i.e. to change the DNS lookup so you are sent to a fraudulent IP address and not the real one).

The test is here - grc.com/dns…htm

One question that should asked is: how can you trust the page of the bank you're receiving when you type hsbc.co.uk, from a DNS lookup point of view

Granted, if HTTPS is used properly or at all, then the errors at that level will help detect the attack. But, then again, on a fraudulent site, HTTPS doesn't have to be used at all.

The results are explained on the page and go into great depth.

Hope this helps someone but happy to hear other's input into this.
Community Updates
Misc
6 Comments
For years I've told people that dns is one of the biggest potential targets, like dhcp it can chop your security off at the knees.
I use a DNS on my LG TV so I can get U.S Netflix, doubt they can do much damage to my TV
Sc4mp029/09/2019 17:04

I use a DNS on my LG TV so I can get U.S Netflix, doubt they can do much …I use a DNS on my LG TV so I can get U.S Netflix, doubt they can do much damage to my TV


They can hijack your entire network through your tv. That’s why I run low security devices like that through a segregated “guest network”.
cmdr_elito29/09/2019 18:04

They can hijack your entire network through your tv. That’s why I run low s …They can hijack your entire network through your tv. That’s why I run low security devices like that through a segregated “guest network”.


Yes, possibly.
cmdr_elito29/09/2019 18:04

They can hijack your entire network through your tv. That’s why I run low s …They can hijack your entire network through your tv. That’s why I run low security devices like that through a segregated “guest network”.


my TV is wired to the router, didn't even think they could hijack it through the TV so might unplug it and connect it to a guest network.

I feel pretty confident with my security on each device and the chances me being targeted is minimal but extra security doesn't hurt.
Sc4mp029/09/2019 18:24

my TV is wired to the router, didn't even think they could hijack … my TV is wired to the router, didn't even think they could hijack it through the TV so might unplug it and connect it to a guest network.I feel pretty confident with my security on each device and the chances me being targeted is minimal but extra security doesn't hurt.


I would recommend having a look at pi hole to bolster your network.
Post a comment
Avatar
@
    Text

    Discussions

    Top Merchants