Abstract:
According to the characteristics of Webmail, this paper proposes a new attack method based on DNS Cache Poisoning, and presents an attacking framework. Experimental results show that it can attack Live Mail successfully, so it can testify the potential risk of DNS Cache Poisoning. Three methods are given to defense the attack.
Key words:
DNS,
Cache Poisoning,
Webmail,
attack
摘要: 针对Webmail的特性,提出一种基于域名系统(DNS)缓存中毒(Cache Poisoning)的Web邮箱(Webmail)攻击技术,并对整个攻击流程进行描述,实现了对当前安全性较高的Live Mail的成功攻击,验证DNS Cache Poisoning潜在的危害性,提出相应的安全防护手段。
关键词:
域名系统,
缓存中毒,
Web邮箱,
攻击
CLC Number:
ZHANG Hong-qing; WANG Dao-shun. Attack and Defense of Webmail Based on DNS Cache Poisoning[J]. Computer Engineering, 2009, 35(4): 125-127.
张红轻;王道顺. 基于DNS缓存中毒的Webmail攻击及防护[J]. 计算机工程, 2009, 35(4): 125-127.