Remote dns attack lab



The goal of this lab is perfect for students to achieve the very first-hands experience

around the remote DNS cache poisoning attack, also known as the Kaminsky

DNS attack. DNS (Website Name System) may be the

Internet’s phonebook it

translates hostnames to IP addresses and the other way around.

This translation is thru DNS resolution, which happens behind

the scene.

DNS Pharming attacks manipulate this resolution process

in a variety of ways, by having an intent to misdirect users to

alternative destinations, that are frequently malicious.

This lab concentrates on a specific DNS Pharming attack technique, known as

DNS Cache Poisoning attack.

In another SEED Lab, we’ve designed activities to conduct the

same attack inside a local network atmosphere, i.e., the attacker and also the

victim DNS server are on a single network, where packet sniffering

can be done. Within this remote attack lab, packet sniffering isn’t

possible, therefore the attack becomes a lot more challenging than

the neighborhood attack.

Lab Tasks (Description)

  • VM version: This lab continues to be tested on the pre-built

    SEEDUbuntu16.04 VM.

Suggested Time

  • Supervised situation (e.g. a carefully-led lab session): 4 hrs
  • Without supervision situation (e.g. take-home project): 2 days

Files that are required

  • Zone Files for DNS Setup
    • Zone apply for domain


    • Default zone apply for DNS domain lookup:ns.dnslabattacker.internet:


    • Note: When you purchase different IP addresses or domains, you

      have to customize the above configuration and zone files accordingly.

  • The query packet generator sample program: You are able to download

    udp.c came from here, but you have to modify the program.

  • SEED Book (second Edition) by Wenliang Du

    (Book website)

    • Internet Security Software: A Hands-on Approach (Chapter 4)
    • Computer & Internet Security Software: A Hands-on Approach (Chapter 18)
  • D. Schneider.

    Fresh Phish: The way a lately discovered flaw within the Internet’s

    Website Name System allows scammers to lure you to definitely fake Internet sites.

    IEEE Spectrum, 2008.

  • The Pharming Guide: Understanding & Stopping DNS-related Attacks by Phishers.


SML Movie: The Remote!