When a client is looking to access a resource either via a web browser or from a command-line tool, they most often rely upon some sort of name resolution service to map the name of the host, domain, or resource to an IP address rather than specifying it directly. It is impractical to type in http://216.58.216.196
every time you want to access https://google.com, since it is much easier to remember the name rather than the IP address. Furthermore, it is unlikely that an individual will know what IP addresses each hostname maps to since DNS and NBNS have been set up to eliminate this requirement. An attacker can use this to their advantage by manipulating the results that these name resolution services provide to users and then redirecting their requests to resources that he controls and trick them into divulging sensitive information or to sites that can exploit various host or browser vulnerabilities.
- Tech Categories
- Best Sellers
- New Releases
- Books
- Videos
- Audiobooks
Tech Categories Popular Audiobooks
- Articles
- Newsletters
- Free Learning
You're reading from Mastering Kali Linux Wireless Pentesting
Brian Sak, CCIE #14441 (Security), is a 20-year information security veteran who currently works as a technical solutions architect for Cisco Systems. At Cisco Systems, he is engaged in solution development, and he consults with Cisco partners to help them build and improve their processes and services in the areas of big data analytics and digitization. Prior to joining Cisco Systems, Brian performed security consulting, penetration testing, and security assessment services for large financial institutions, US government agencies, and enterprises in the Fortune 500. In addition to numerous security and industry certifications, he has a bachelor's of science degree in information technology, with an emphasis on information security, and a master's of science degree in information security and assurance. He is also a contributor to The Center for Internet Security and other publications by Packt and Cisco Press.
Read more about Brian Sak
Jilumudi Raghu Ram is a security analyst with over 5 years of experience in the information security domain, with a strong knowledge of incident response, digital forensics, network security, infrastructure penetration testing, and Secure configuration audits. He has conducted security audits for more than 70 networks, both internal and external, re-audits, secure configuration reviews, and server audits (Linux and Windows) for various organizations. One of his major clients has been the Government of India, where his team was responsible for conducting penetration testing assignments for various government bodies, as well as preparing vulnerability assessment and penetration testing reports, and supporting the clients to fix those vulnerabilities. Raghu Ram's areas of expertise include incident response, digital forensics, threat research, penetration testing, vulnerability assessment, dynamic malware analysis, intrusion detection systems, and security operations monitoring. Raghu Ram has written various articles related to information security in the Hindu Group magazine Frontline. He also maintains his own website dedicated to Penetration Testing - www.wirelesspentest.com
Read more about Jilumudi Raghu Ram
Unlock this book and the full library FREE for 7 days
Authors (2)
Brian Sak, CCIE #14441 (Security), is a 20-year information security veteran who currently works as a technical solutions architect for Cisco Systems. At Cisco Systems, he is engaged in solution development, and he consults with Cisco partners to help them build and improve their processes and services in the areas of big data analytics and digitization. Prior to joining Cisco Systems, Brian performed security consulting, penetration testing, and security assessment services for large financial institutions, US government agencies, and enterprises in the Fortune 500. In addition to numerous security and industry certifications, he has a bachelor's of science degree in information technology, with an emphasis on information security, and a master's of science degree in information security and assurance. He is also a contributor to The Center for Internet Security and other publications by Packt and Cisco Press.
Read more about Brian Sak
Jilumudi Raghu Ram is a security analyst with over 5 years of experience in the information security domain, with a strong knowledge of incident response, digital forensics, network security, infrastructure penetration testing, and Secure configuration audits. He has conducted security audits for more than 70 networks, both internal and external, re-audits, secure configuration reviews, and server audits (Linux and Windows) for various organizations. One of his major clients has been the Government of India, where his team was responsible for conducting penetration testing assignments for various government bodies, as well as preparing vulnerability assessment and penetration testing reports, and supporting the clients to fix those vulnerabilities. Raghu Ram's areas of expertise include incident response, digital forensics, threat research, penetration testing, vulnerability assessment, dynamic malware analysis, intrusion detection systems, and security operations monitoring. Raghu Ram has written various articles related to information security in the Hindu Group magazine Frontline. He also maintains his own website dedicated to Penetration Testing - www.wirelesspentest.com
Read more about Jilumudi Raghu Ram