Friday, April 9, 2010

DNS Spoof Virtual Hosts



DNS Spoofing is a type of MITM attack in which victim's computer is sent a fake DNS reply for a particular website,forcing his machine to visit a different site.But when this Spoofed IP is hosting multiple virtual sites with multiple Host Headers and attacker wants to use this IP as a fake DNS reply for DNS Spoofing then the server will not be able to determine the proper destination as Host Header will be missing in the request.Hence DNS Spoofing attack will not success.

In this video , Ettercap is combined with a C program to change the host header on the fly and submits a new get request to the web server, which allows an attacker to successfully launch DNS Spoofing attack with a IP hosting multiple virtual web sites.

No comments:

Post a Comment

Certified Ethical Hacker Network Security Internet Security Computer Security Wireless Network Security