Protect yourself from DNS poisoning

Person in front of computer

The Domain Name you’ve selected for your website immediately becomes an intrinsic part of your online identity. You need to make sure it remains protected and functioning properly, or else your visitors could get redirected to a different website entirely. Sometimes, an incorrect configuration or error can cause your DNS to return the wrong IP address. Other times, however, your DNS could be vulnerable to hacker attacks. Once your DNS has been targeted it could cause many problems if you’re not prepared.

What is DNS poisoning?

When someone wants to access your website, their browser and operating system will query the DNS server and Root Servers until an IP address can be pulled for the browser to read. DNS poisoning (also known as DNS spoofing) is when a hacker introduces incorrect data into the DNS so a wrong IP address will be returned. By inserting a fake IP address directly into the DNS, your attacker now has direct control over where your Domain Name points to. Now anyone who visits your website will be sent wherever the hacker wants them to go, putting their security at risk.

How big of a problem is it, really?

How many people visit your website in a given day? Even if it’s a small number, your website is actively losing business and integrity, and your user’s security is being put at risk. What makes these types of attacks so dangerous is a single incorrect IP address will reroute your entire customer base. You could be offline for hours before you ever even knew something was wrong. Fortunately, there is a proactive solution…

Constantly monitor your DNS

DNS Monitor

Uptrends DNS Monitoring will keep an eye on things around the clock to ensure nothing goes awry. Our DNS monitor will do extensive health checks like verifying your website domain names (A and CNAME records), mail server domain name mappings (MX records), authoritative information about DNS zones (SOA records), DNS zone delegates (NS records), and more. We also support both IPv4 and IPv6 monitoring, so if your web server supports both you can set up a monitor for each one.

With Uptrends you also have some additional options. By default, we’ll run the queries on the DNS servers available at our checkpoint locations. As an alternative (or extra option) we can also run the queries on any other DNS server. This could be the domain’s own authoritative DNS server or a specific third-party DNS server, such as Google DNS or OpenDNS.

You may also find that some domain names are already set up to return multiple IP addresses; our DNS monitoring supports various scenarios for that as well. If your DNS has been compromised, or if an error has caused it to return the wrong IP address, you’ll be sent an alert via email or SMS right away. Haven’t had a chance to try us out yet? We have a 30 day free trial that you can sign up for today!

Leave a Reply

Your email address will not be published. Required fields are marked *