With great powers comes great responsibilities.!”. In this revolutionary internet and data-driven era, everything is much handier and easily accessible. But this can turn into a curse if proper management is not present. If you want to achieve personal and business goals, the management of your data and resources is one of the key aspects. Web office solutions are one of the most effective the answer to sorting all the mess in your environment. Here at our company we are betting on this feature for helping our customers.
What does Web Office mean?
A web office is a bundle of various tools hosted by the service providers that allow users to share and collaborate on a broad set of information and documentation. Besides, such SaaS(Software-as-a-service) products help improving team collaboration.
Web office components normally include spreadsheets, word docs, portal and content management systems, emails, calendars, accounting applications, and many more…
Key differences between Desktop and Cloud-based collaboration services:
For cloud-based service, one doesn’t need to invest upfront in the hardware and maintenance whereas, in desktop-based solutions, the whole workflow is dependent on the management team. So, cloud-based solutions are cost-effective.
For web-based collaboration services, the sky is the limit of storage. In other words, the tenant gets nearly infinite storage.
No licensing and software upgrading required in managed service. However, it’s the opposite in desktop-based usage.
Web office is portable and accessible anytime anywhere. Teams can collaborate across the globe. By the way I also mean you can access using any device with a web browser; phone, laptop, table, PC, etc.
Higher data durability and availability are provided in a web-based solution. It indeed becomes a tedious job to maintain such in desktop-based solution.
Undoubtedly, the web office holds an upper hand in current industry needs and aligns exactly with the requirements. Depending on the needs and size of the organization, choose the right plan and external integration strategies to enhance the productivity of your teams. Sesame Disk as a file sharing service, provides such solutions and ticks all the boxes of what a team collaboration needs.
Domain Name System (DNS) poisoning is a type of cyber-attack that chokes the DNS server to divert the web traffic to non-legitimate destinations. In addition, the user may receive a chain of unwanted unregulated events that can potentially harm the system. Let’s understand DNS poisoning step by step.
Updated On: june 30, 2021
What are DNS and a DNS server?
The DNS is like a telephone directory on the web. We, humans, are much more familiar with domain names rather than confusing IP addresses. But web browsers interact through IP address. So, DNS simply translates those domain names to IP addresses so the browser can retrieve internet resources and the end-user only has to remember the domain name. The process of converting a domain name into an IP address is referred to as DNS resolving.
How does DNS Caching Work?
DNS servers are a collection of servers that involves in the process of DNS resolution. It undergoes multiple steps like root name server, top-level domain name server, authority name server lookups. Giant service providers do the complete networking setup and provide DNS as a service to the end-user. Cloudflare, Google DNS, Quad9, ClouDNS, Akamai DNS are some of the most popular DNS providers.
DNS resolver basically helps in converting IP addresses to domain names. A DNS resolver will store the request queries for a certain amount of time (TTL –Time to Live). This is how the resolver will be able to serve the request more quickly without communicating further with other DNS networks.
Now let’s talk about DNS Poisoning:
Imagine a huge bunch of keys tagged with their associated correct locks🔐. Now the culprit rushes and shuffles the key tags intentionally and leaves the room. The manager will put a hell of a lot of effort but won’t get lucky in finding the key for a particular lock just because the tags are mismatched. Let’s relate this with DNS poisoning.
Domain Name Server (DNS) cache poisoning is an attack in which altered DNS records are used to redirect online traffic to a malicious website that resembles its intended destination. Here, locks are the IP addresses and tags are the DNS records. We won’t be able to open the lock until we attach the correct key. Same as this, traffic will be redirected to the wrong place until DNS records are inaccurate.
How is DNS poisoning done?
A DNS can become poisoned if it contains incorrect entries. Attackers poison the DNS records by impersonating the nameservers and alters the reply for that query. Hence, the user will get totally unexpected results. And if the DNS resolver fetches the wrong entry, there is no legitimate source to verify that value.
For example, if an unauthorized party gets control of a DNS server and changes some entries in it like pointing the domain X to some other IP address. So any user request for the domain X will be redirected to the incorrect IP (usually this IP belongs to attackers) and that website may breach the user privacy or data.
And as the theory says “poison”, it spreads.! Yes, with various poisoned DNS records, it may spread across the internet and incorrect entries will be cached.
DNS Poisoning Process:
Mostly, DNS services work on UDP protocol which is extremely fast but volatile at the same time. UDP protocol does not require any acknowledgment of the communication and there lies the whole trap. Whereas, TCP requires both ways of communication to initiate and verify the connection. With UDP, there is no such guarantee that a connection is open and the receiver is active and verify who the sender is. The attackers actually use this and perform the exploitation on DNS and pretend that the response is coming from a legit source.
This looks vulnerable but not as easy as it looks. The attacker has very little time to peak in and pass their entries as the DNS resolver also queries the authority name server.
The Great Firewall of China:
The Great Firewall of China is an example of DNS poisoning on a very large scale. One of the primary methods of query filtering that the GFW relies on is DNS response poisoning. When a query is poisoned by the GFW, the infected or altered result is returned. This leads to the inaccessibility of the websites which come under GFW compliance. Twitter, Facebook are some of the examples.
DNS level security is the solution. We can implement some setup where we can verify the entries and their integrity. Adding a layer of cryptography is a plus. This will ensure that the records are original and not exploited in between. DNSSEC (Domain Name System Security Extensions) is a collection of extensions for securing data communication in DNS.
Using VPN is also a considerable workaround as it allows communication via encrypted tunnels and adds an extra level of security. Checkout VPN basics in this article.