Cache Poisoning

Cache poisoning, also referred to as DNS spoofing, is an attack designed to locate and exploit vulnerabilities that exist in a domain name system (DNS) by replacing legitimate data in a cache with false data. At that point, a worm, spyware, web browser hijacking program, or other malware can be downloaded to the user's computer from the rogue location. Types of DNS attacks include domain hijacking; DNS flood attacks (see below for an example); DNS tunneling, which allows the requester's computer to be remotely accessed; and DNS hijacking, which alters the TCP/IP configuration so that it points to a malicious DNS server, one that will eventually redirect the traffic to a phishing website.


DNS hijacking sends the requester to a fake web page, such as a banking login screen. When the unsuspecting user fills in the form, the login is stolen and the bank account is drained.

Hacking groups will send requesters to a page designed to install malware on their computers. The malware then replicates itself by infecting other computers, and the cycle repeats. This is an example of a flood attack, which is the basic recipe for initiating a DDoS attack, where hundreds or thousands of hosts can be involved. Also see DDoS.
