摘要： 针对Webmail的特性，提出一种基于域名系统(DNS)缓存中毒(Cache Poisoning)的Web邮箱(Webmail)攻击技术，并对整个攻击流程进行描述，实现了对当前安全性较高的Live Mail的成功攻击，验证DNS Cache Poisoning潜在的危害性，提出相应的安全防护手段。

关键词: 域名系统, 缓存中毒, Web邮箱, 攻击

Abstract: According to the characteristics of Webmail, this paper proposes a new attack method based on DNS Cache Poisoning, and presents an attacking framework. Experimental results show that it can attack Live Mail successfully, so it can testify the potential risk of DNS Cache Poisoning. Three methods are given to defense the attack.

Key words: DNS, Cache Poisoning, Webmail, attack

中图分类号: 

• TP393.08