캐시 독점에 대하여

About “Cache Poisoning”

As you learn about DNS, you’ll also learn about web caching, which we covered in a recent post.

What is cache poisoning?

An attack in which an attacker injects false information into the cache of a Domain Name Systm (DNS) server, manipulating it to return an invalid IP address.

What happens if an invalid IP address is returned?

The attacker can try to manipulate the victim’s DNS requests and redirect them to a malicious website or launch a variety of other attacks, including man-in-the-middle attacks.

What is a man-in-the-middle attack?

A form of attack in which a third party intervenes in the middle of the path to eavesdrop, manipulate, or forge communications.

This attack means that the two sides sending and receiving the communication trust each other, and the attacker steps in between to steal or manipulate the information.

Coming back to cache poisoning, it is also called a host head attack, but what is a host head?

What is a host head?

It is one of the headers used in an HTTP request, which conveys the domain name that the client is requesting from the server.

This attack manipulates the host header to trick the server into responding, causing it to cache the incorrect response, which will affect other clients as well.

Conclusion

Cache monopolization is a security risk, and proper defense and protection measures must be taken on DNS servers and web servers.

To do this, you should consider cache invalidation, cache control policies, and proper DNS security settings.