Cache Poisoning

DNS cache poisoning (also known as DNS spoofing) is an attack where forged DNS responses are inserted into a resolver's cache, causing it to return malicious IP addresses for legitimate domains. Attackers use this to redirect users to phishing sites or intercept traffic. DNSSEC cryptographically validates DNS responses to prevent cache poisoning. Web cache poisoning is a related web application attack where HTTP caches serve malicious content to users.

Why it matters for your website

• 1Can result in traffic interception, phishing attacks using your domain, or service disruption
• 2Often discovered and exploited before organizations notice
• 3Preventable with proper monitoring and defensive DNS configuration