DNS spoofing is a dangerous attack to hack any system by redirecting the traffic to a different site, At the end attack can hack your system by downloading any malware or can steal username and passwords through redirecting traffic to the fake site. Before you know how DNS spoofing work lets see what is DNS and how DNS work.
What is DNS?
DNS or Domain Name System is like a phone book of the internet. When people use to save the number with the name in the telephone book, The main reason for the telephone book was human is not able to remember numbers, its easy to remember names instead of a number. Same Thing with the internet every domain or website has a unique IP address like a phone number but we can’t remember the IP address to we use Domain name because it’s easy to remember it but for a computer, it’s not possible to know a domain name computer work with IP address so we created a DNS server which keeps the record of IP address and Domain name. When you type the website name in your browser, your request is forwarded to the DNS server and DNS server change the Domain name with the IP address after that your request is sent to the website server.
What is DNS Spoofing?
DNS server keeps the record with Domain name and their IP address, but when attacker performs DNS spoofing attacker redirect the traffic to the different IP address.
In the above example attack spoof the fb.com IP address to the fake FB site now when the victim type the fb.com DNS server will redirect the traffic to the fake fb.com or anywhere where attack wants.
In the next tutorial, I will show you how to perform a DNS spoofing attack.