- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
DNS Spoofing by The Man In The Middle
- Abstract
- This paper is based on a vulnerability in the Windows XP DNS resolver. While other parties have recently published this vulnerability, the vulnerability was independently discovered during research for this paper. Using this vulnerability as an example, this paper demonstrates tools and techniques for discovering and investigating security vulnerabilities. The security vulnerability is then escalated to achieve Man In The Middle (MITM) status. A number of tools and techniques for performing MITM attacks are discussed. Finally, the role of key security controls are discussed as well as techniques an attacker may employ to avoid such controls. Through the discussion of these issues, this paper aims to raise awareness of the importance of security in underlying network protocols such as DNS, TCP and UDP.