Home ยป Google Initiates Randomization of Large and Small Entities in DNS Query to Prevent DNS Cache Poisoning at BlogNone.com

Google Initiates Randomization of Large and Small Entities in DNS Query to Prevent DNS Cache Poisoning at BlogNone.com

Google Public DNS service announces the implementation of measures to prevent DNS Cache Poisoning, where malicious individuals spoof authoritative servers by responding to IP queries with false information. If these replies reach Google before the legitimate server responses, users may inadvertently be directed to fake servers for a period of time.

The Internet Engineering Task Force (IETF) has attempted to address this issue through DNS Cookies standards (RFC 7883), which add a unique cookie value for servers to respond with, making it difficult for perpetrators to guess the correct value. However, many servers do not support this feature, resulting in only around 10% of queries being protected by this process.

In 2022, Google experimented with a measure proposed since 2008 – randomizing the query name sizes within domain names. Typically, authoritative servers respond with the original names queried, expanding the protection range. Google has now made this feature default, providing additional protection for over 90% of queries and minimizing the risk of cache poisoning attacks.

With this measure, authoritative servers do not need to make any additional changes, but Google advises users to explore and enable new security features for added protection.

Source – Google Security Blog

Image showing the DNS query process from Cloudflare.

TLDR: Google Public DNS enhances security measures to prevent DNS Cache Poisoning by implementing query name randomization within domain names, providing significant protection against malicious attacks.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Windows 11 Faces Screen Capture Feature Recall by Microsoft, Emphasizing Proper Shutdown to Prevent Data Encryption Complications

Initiating Deployment Block of External Apps as Default in Samsung Devices Commences with One UI 6.1.1 Release.

Government of Japan Prepares to Order LINE to Separate its System from NAVER After Data Breach in Late 2023.