hacktricks/pentesting-dns.md

23 lines
1.3 KiB
Markdown
Raw Normal View History

2023-06-06 18:56:34 +00:00
# Pentesting DNS
2022-05-01 16:32:23 +00:00
2023-06-06 18:56:34 +00:00
DNS (Domain Name System) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It translates domain names to IP addresses and vice versa. DNS is a critical component of the Internet infrastructure and is used in almost all Internet services.
2022-04-28 16:01:33 +00:00
2023-06-06 18:56:34 +00:00
## Attacks to DNS
2022-04-28 16:01:33 +00:00
2023-06-06 18:56:34 +00:00
DNS is a critical component of the Internet infrastructure and is used in almost all Internet services. Therefore, it is a common target for attackers. Some of the most common attacks to DNS are:
2022-04-28 16:01:33 +00:00
2023-06-06 18:56:34 +00:00
- DNS Spoofing
- DNS Cache Poisoning
- DNS Amplification
- DNS Tunneling
- DNS Rebinding
- DNS Water Torture Attack
2022-04-28 16:01:33 +00:00
2023-06-06 18:56:34 +00:00
## DNSSEC and DNSSEC3
2022-04-28 16:01:33 +00:00
2023-06-06 18:56:34 +00:00
DNSSEC (Domain Name System Security Extensions) is a security protocol that adds a layer of security to the DNS infrastructure. It provides authentication and integrity to DNS data. DNSSEC3 is an extension of DNSSEC that adds additional security features.
2022-05-01 16:32:23 +00:00
2023-06-06 18:56:34 +00:00
## DNS in IPv6
2022-05-01 16:32:23 +00:00
2023-06-06 18:56:34 +00:00
IPv6 (Internet Protocol version 6) is the most recent version of the Internet Protocol (IP). It is designed to replace IPv4, which is running out of address space. DNS in IPv6 is similar to DNS in IPv4, but there are some differences that need to be taken into account when testing or attacking DNS in IPv6.