DNS poisoning – in plain English :-)

What is DNS poisoning, why it affects everyone accessing the internet and how to fix it.

Computers do not have names, only numbers. For example, Yahoo! is 68.180.206.184. When you ask your browser to be taken to Yahoo.com, it looks up this number in something similar to a telephone directory.

A person by the name Dan Kaminsky has found that it’s possible for someone (called X henceforth) to modify the directory. So, when you ask for Yahoo, the computer would lookup the wrong number, a number to a computer owned by X. Thereafter, it can record the information you give it, thinking that its Yahoo!. The owner may then misuse this information.

So what do you do to make sure this doesn’t happen? First, check your DNS server (the machine that tells your computer what number a website has) by going to http://www.doxpara.com/.
If that says your computer is vulnerable, change your DNS servers. Detailed instructions for different operating systems are here. For Windows, in short you have to change your DNS settings to 208.67.222.222 and 208.67.220.220 by going to Network Connections.

Note: This is not a security update blog, and I do not talk about every vulnerability. However, this one is important and everyone needs to understand it. On the other hand, most forums on the web talk highly techno. Read this one for more information, only if you think you need it!

Share

Licensing and information about the blog available here.