Basically, DNS translates Google's address (www.google.com) to the IP address 220.127.116.11. It is a performance-critical distributed database, and it is very important to all web applications. The analogy behind DNS security is this: if one does not have an answer to a certain question, he can ask a friend, who in turn might ask his or her friend, and the process continues. However, such a process can be dangerous for security, because any of the friends along the line might be dangerous.
⦁ Malicious DNS Server.
In most cases, it is hard to determine whether a DNS server is dangerous or not. The reason is that DNS servers are known to give false information when queried about the dangers that they could be facing. Thus, if a DNS server is malicious, the problem will be hard to identify and may continue for a long time without being noticed.
⦁ On-Path Eavesdropper.
Here the attacker uses unscrupulous means to obtain the information passing through the network. If an attacker can eavesdrop on the information on a network, then the network has been compromised. In this case, the attacker can see the query and its 16-bit transaction identifier, and then race to send a spoofed response to that query.
⦁ Off-Path Attacker.
Here the attacker cannot eavesdrop on the network traffic, but can use external software to inject spoofed DNS responses. In the past, attackers could inject spoofed DNS responses through blind spoofing. Since then, some mitigations have been deployed, making the process harder.
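The resolver-side check that the on-path and off-path cases above turn on, as an added example that is not from the original page: a reply is accepted only if its 16-bit transaction identifier and question match the outstanding query, and a second, different reply is flagged. The names `build_query`, `check_response`, `PendingQuery`, `make_response` and `demo` are hypothetical, and the sample packets and addresses are constructed.

```python
import struct

def build_query(txid, name, qtype=1):
    """Encode a minimal DNS query: 12-byte header plus one IN-class question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, QDCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def check_response(query, response):
    """Return 'ok', or the reason a reply to `query` must be dropped."""
    if len(response) < 12:
        return "truncated header"
    (q_id,) = struct.unpack("!H", query[:2])
    r_id, r_flags, r_qd = struct.unpack("!HHH", response[:6])
    if not r_flags & 0x8000:
        return "QR bit clear"
    if r_id != q_id:
        return "transaction ID mismatch"
    question = query[12:]  # the reply must echo the question we asked
    if r_qd != 1 or response[12:12 + len(question)] != question:
        return "question mismatch"
    return "ok"

class PendingQuery:
    """One outstanding query; flags a second, different reply as a possible race."""
    def __init__(self, query):
        self.query, self.accepted = query, None

    def receive(self, response):
        verdict = check_response(self.query, response)
        if verdict != "ok":
            return "dropped: " + verdict
        if self.accepted is None:
            self.accepted = response
            return "accepted"
        return "duplicate" if response == self.accepted else "alert: conflicting reply"

def make_response(query, txid, addr):
    """Constructed sample reply: echoes the question and adds one A record."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(addr)
    return header + query[12:] + rr

def demo():
    q = build_query(0x1A2B, "www.example.com")
    p = PendingQuery(q)
    return [p.receive(make_response(q, 0x9999, (192, 0, 2, 66))),  # blind guess
            p.receive(make_response(q, 0x1A2B, (192, 0, 2, 66))),  # saw the ID, won the race
            p.receive(make_response(q, 0x1A2B, (192, 0, 2, 10)))]  # later, different reply
```

The blind guess fails the identifier check, while a reply from someone who saw the query passes every field check; for that case the only signal left to the resolver is the conflicting reply that arrives afterwards.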
The DNS Threats.
DNS is on the critical path of everything that computer users do, because it maps host names to the IP addresses that are used. The design scales only if lookup traffic can be minimized. If an attacker manages to eavesdrop on DNS queries, then the attacker can spoof the responses, just as with DHCP/TCP. It is also worth considering attackers who cannot eavesdrop but still aim to manipulate users through the way the protocol works.