DNS spoofing is adding false data to the DNS Server’s cache. This
enables hackers to:
* Redirect real domain name queries to alternative IP addresses.
For example, a falsified A record for a bank could point a
computer user’s browser to a different IP address that is controlled
by the hacker. A duplicate website could fool users into giving their
bank account numbers and passwords to the hacker.
Also, a falsified mail record could enable a hacker to
intercept mail sent to or from a domain. If the hacker then forward
that mail to the correct mail server after copying the mail, this can
go undetected.
* Prevent proper domain name resolution and access to the Internet.
This is the most benign of DNS spoof attacks. It merely makes a
DNS server appear to be malfunctioning.
The most effective method to guard against these attacks is vigilance.
This includes maintaining up-to-date software and auditing DNS records
regularly.
If exploits are found in the current version of BIND, the exploits are
patched and a security update is made available for Mac OS X Server.
Apply all such security patches. Regular audits of your DNS records
can help prevent these attacks.
