Читать книгу Cybersecurity For Dummies - Joseph Steinberg - Страница 73

As with web servers, many different types of attacks leverage vulnerabilities in network infrastructure, and new weaknesses are constantly discovered. The vast majority of this topic is beyond the scope of this book. That said, as is the case with poisoned web servers, you need to understand the basic concepts of server-based attacks because some such attacks can directly impact you. For example, criminals may exploit various weaknesses in order to add corrupt domain name system (DNS) data into a DNS server.

DNS is the directory of the Internet that translates human readable addresses into their numeric, computer-usable equivalents (IP addresses). For example, if you enter https://JosephSteinberg.com into your web browser, DNS directs your connection to an address taking the form of four numbers less than 256 and separated by periods, such as 104.18.45.53.

By inserting incorrect information into DNS tables, a criminal can cause a DNS server to return an incorrect IP address to a user’s computer. Such an attack can easily result in a user’s traffic being diverted to a computer of the attacker’s choice instead of the user’s intended destination. If the criminal sets up a phony bank site on the server to which traffic is being diverted, for example, and impersonates on that server a bank that the user was trying to reach, even a user who enters the bank URL into a browser (as opposed to just clicking on a link) may fall prey after being diverted to the bogus site. (This type of attack is known as DNS poisoning or pharming.)

Network infrastructure attacks take many forms. Some seek to route people to the wrong destinations. Others seek to capture data, while others seek to effectuate denial-of-service conditions. The main point to understand is that the piping of the Internet is quite complex was not initially designed with security in mind, and is vulnerable to many forms of misuse.