Poisoning
What is Poisoning?
Poisoning is an attack technique in which false, malicious, or misleading data is inserted into a trusted system, cache, table, or communication process so that other systems make the wrong decisions based on that corrupted information.
Examples
- An attacker performs ARP poisoning on a local network so devices send traffic to the attacker's system instead of the legitimate gateway.
- A DNS cache is poisoned with a false record, causing users to be directed to the wrong server when they try to reach a trusted website.
Discover 🔎
Many attacks try to break into a system directly. Poisoning attacks take a different route. Instead of attacking the final target head-on, the attacker corrupts information that the target relies on. Once that trusted information is wrong, the target begins making bad decisions on its own.
That is what makes poisoning so effective. The attacker is not always forcing the victim to do something obviously suspicious. The attacker is manipulating the data the victim already trusts, such as an address mapping, a cached name resolution result, or another learned relationship. From that point onward, the victim may cooperate with the attack without realizing it.
Summary 📝
Poisoning attacks work by inserting false information into trusted processes such as caches, address tables, and resolution systems. Once that trusted information is wrong, systems may route traffic incorrectly, trust the wrong destination, or expose communication to interception and manipulation. The central security lesson is that systems must validate the information they learn, not simply reuse it because it was accepted once before.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.