Remote DNS Attack Lab

Overview

The goal of this lab is for students to gain first-hand experience with the remote DNS cache poisoning attack, also known as the Kaminsky DNS attack. DNS (Domain Name System) is the Internet's phone book; it translates hostnames to IP addresses and vice versa. This translation is done through DNS resolution, which happens behind the scenes. DNS pharming attacks manipulate this resolution process in various ways, with the intent of misdirecting users to alternative destinations, which are often malicious. This lab focuses on a particular DNS pharming attack technique, called the DNS cache poisoning attack.

In another SEED Lab, we have designed activities to conduct the same attack in a local network environment, i.e., the attacker and the victim DNS server are on the same network, where packet sniffing is possible. In this remote attack lab, packet sniffing is not possible, so the attack becomes much more challenging than the local attack.

Lab Tasks (Description)

  • VM version: This lab has been tested on the pre-built SEEDUbuntu16.04 VM.

Suggested Time

  • Supervised situation (e.g. a closely guided lab session): 4 hrs
  • Unsupervised situation (e.g. take-home project): 2 days

Files that are required

  • Zone Files for DNS Setup
    • Zone file for domain example.com:
      /var/cache/bind/example.com.db
    • Default zone file for DNS domain lookup: ns.dnslabattacker.internet:
      /etc/bind/db.attacker
    • Note: If you use different IP addresses or domains, you have to modify the above configuration and zone files accordingly.
  • The query packet generator sample program: You can download udp.c from here, but you need to modify the program.

  • SEED Book (2nd Edition) by Wenliang Du (Book website)
    • Internet Security Software: A Hands-on Approach (Chapter 4)
    • Computer & Internet Security Software: A Hands-on Approach (Chapter 18)
  • D. Schneider. Fresh Phish: The way a lately discovered flaw within the Internet’s Domain Name System allows scammers to lure you to fake Internet sites. IEEE Spectrum, 2008.
  • The Pharming Guide: Understanding & Stopping DNS-related Attacks by Phishers.

Resource: https://seedsecuritylabs.org/Labs_16.04/Networking/DNS_Remote/
