DNS Poisoning


What is DNS Poisoning?

DNS poisoning is an attack in which false DNS information is inserted into a resolver, cache, or DNS response path so that a legitimate domain name resolves to the wrong IP address.

Examples

  • An attacker poisons a DNS cache so users trying to visit a trusted banking site are sent to a fraudulent server instead.
  • A compromised resolver begins returning false DNS records for a software update domain, redirecting devices to a malicious host.

Discover 🔎

Most people use domain names, not IP addresses. They type a familiar name into the browser and trust the system to find the right destination. DNS makes that possible by translating names into addresses.

That convenience also creates a point of trust. If the DNS answer is wrong, the user can still type the correct website name and still end up in the wrong place. That is what makes DNS poisoning so dangerous. The attack does not always need to trick the user into entering the wrong address. It can succeed by corrupting the system that tells the user where the address should lead.

Remember: DNS poisoning attacks the translation layer of trust. The name looks right, but the answer behind it has been falsified.

Summary 📝

DNS poisoning is the corruption of DNS information so that trusted domain names resolve to the wrong destination. It matters because users and systems may be redirected even when they request the correct name, making phishing, interception, malware delivery, and service disruption much easier. The best defenses strengthen DNS trust, protect resolvers and caches, and ensure that later layers of connection validation are not ignored.
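An added example (not part of the original page) of one way to check for the situation described above: answers returned for watched names are compared with the address ranges an operator expects. The domain names, networks, resolver labels and observation records are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed allowlist: networks each watched name is expected to resolve into.
EXPECTED = {
    "bank.example": ["198.51.100.0/24"],
    "updates.example": ["203.0.113.0/25"],
}

# Constructed observations: (resolver label, queried name, address returned).
OBSERVATIONS = [
    ("resolver-a", "bank.example", "198.51.100.10"),
    ("resolver-b", "bank.example", "198.51.100.10"),
    ("resolver-c", "bank.example", "192.0.2.66"),
    ("resolver-a", "updates.example", "203.0.113.20"),
    ("resolver-b", "updates.example", "203.0.113.200"),
    ("resolver-a", "Bank.Example.", "198.51.100.11"),
    ("resolver-a", "other.example", "192.0.2.5"),
]

def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.rstrip(".").lower()

def find_suspect_answers(observations, expected):
    """Return (resolver, name, address, reason) for answers that need review."""
    nets = {normalize(n): [ipaddress.ip_network(c) for c in cidrs]
            for n, cidrs in expected.items()}
    findings = []
    for resolver, name, address in observations:
        name = normalize(name)
        if name not in nets:
            continue  # not a watched name, nothing to compare against
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((resolver, name, address, "malformed address"))
            continue
        if not any(ip in net for net in nets[name]):
            findings.append((resolver, name, address, "outside expected range"))
    return findings

def resolvers_to_investigate(findings):
    """Group findings so each resolver lists the names it answered unexpectedly."""
    by_resolver = defaultdict(set)
    for resolver, name, _address, _reason in findings:
        by_resolver[resolver].add(name)
    return {r: sorted(names) for r, names in by_resolver.items()}
```

An answer outside the expected range is a lead to investigate rather than proof of poisoning, because a legitimate address change produces the same signal.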
