Transport Layer Discussion Board

profilesb230529
D9TransportLayer.rtf

The discussion assignment requires an Original Posting (main post) from you of 2-3 paragraphs answering the module's question. Compare Internet transport protocols. Specifically, discuss TCP and UDP. How are they different? How are they similar?

RESPOND TO PEER POST

Verret - DNS Vulnerabilities

The Domain Name System, or DNS, is one of the most important factors in the successful operation of your web browser accessing websites on the internet. DNS locates and stores IP addresses so that you can navigate to the website you enter into your browser. Because of its importance in the process, it is a prime target for attackers to use for infiltration. There are several ways that malicious actors but some methods are more common than others. Some of the attack types that one should be familiar with include:

DNS Tunneling – attackers can manipulate the DNS queries and responses to deliver payloads that allow a takeover. This requires controlling a server and domain which will receive pings from outside sources.

DNS Amplification – this attack involves performing a DDoS attack on a publicly available server to overwhelm a target with traffic from the DNS.

DNS Flood Attack – a user datagram protocol (UDP) flood. DNS request packets are deployed at a very high packet rate to create a large group of source IP addresses. The packets are recognized as valid requests, so the DNS server attempts to respond to them all. Like the DDoS attack, this leaves the target offline.

DNS Spoofing – also known as DNS cache poisoning, uses altered DNS records to send traffic to an imposter destination. At the fake address, users are directed to log in to their account. This of course provides the information to the threat actor.

NXDOMAIN Attack – using a DNS proxy server to launch a DDoS attack, rendering a system unable to handle legitimate requests.

It is imperative to take proper precautions against DNS attacks. One must ensure that only specific users have access to the DNS resolver. A DNS server can be configured to protect against Cache Poisoning and make it more difficult for a threat actor to successfully send bogus requests. A large enough operation should consider self-managing their DNS server so that its security is not in the hands of a third party. Finally, regular scanning and testing for vulnerabilities will help to prevent attackers from taking advantage of said vulnerabilities.
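As an added example that is not part of the original post: a small detector that a resolver operator could run over query logs to spot three of the attack types listed above (flood, NXDOMAIN bursts, tunneling-style names). The four-field log format, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

def entropy(label):
    """Shannon entropy in bits per character of a DNS label."""
    counts = Counter(label)
    return -sum(n / len(label) * math.log2(n / len(label)) for n in counts.values())

def analyze(lines, max_qps=5, nx_ratio=0.8, min_nx=4, label_len=30, min_entropy=3.5):
    """Return {client_ip: set of findings} from 'epoch client qname rcode' lines."""
    per_second = defaultdict(Counter)   # client -> {second: query count}
    rcodes = defaultdict(Counter)       # client -> {rcode: count}
    findings = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue                    # skip malformed lines
        ts, client, qname, rcode = parts
        per_second[client][int(float(ts))] += 1
        rcodes[client][rcode] += 1
        first = qname.split(".")[0]
        # Tunneling heuristic: long, random-looking leftmost label.
        if len(first) >= label_len and entropy(first) >= min_entropy:
            findings[client].add("possible-tunneling")
    for client, seconds in per_second.items():
        # Flood heuristic: too many queries from one client in any one second.
        if max(seconds.values()) > max_qps:
            findings[client].add("query-flood")
        # NXDOMAIN heuristic: most of a client's answers are "no such name".
        total = sum(rcodes[client].values())
        nx = rcodes[client]["NXDOMAIN"]
        if nx >= min_nx and nx / total >= nx_ratio:
            findings[client].add("nxdomain-burst")
    return dict(findings)

# Constructed sample log (documentation IP ranges, example domains).
SAMPLE = (
    ["1700000000 192.0.2.10 www.example.com NOERROR",
     "1700000001 192.0.2.10 mail.example.com NOERROR",
     "1700000002 198.51.100.7 mzxw6ytboi4dcnzqgq2tmnzyhe3dkojr.t.example.net NOERROR"]
    + ["1700000003 203.0.113.5 www.example.com NOERROR" for _ in range(8)]
    + [f"170000001{i} 203.0.113.9 r{i}x.example.org NXDOMAIN" for i in range(5)]
)

if __name__ == "__main__":
    for client, found in sorted(analyze(SAMPLE).items()):
        print(client, sorted(found))
```

The thresholds are starting points only; a production resolver would tune them against its own baseline traffic.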