Diseño de un escenario de red virtual para la exploración y control de ataques basados en dns

Abstract

Most of the attacks based on DNS Domain Name System TCP IP protocol go unnoticed by most users, because the attacker conceals his identity so as to make others believe that it is only a failure in the network, unless there is a serious incident that affects the correct functioning of the systems and this motivates a review of the services of that network. These attacks can develop in different ways and from different origins. These attack sources can come from the same DNS server or from the local network, and present themselves as a link between server and client. The purpose of this work is to implement a controlled scenario where two types of DNS-based attack are simulated and to demonstrate techniques for mitigating the caused faults. With the help of the GNS3 software, it was possible to simulate the network scenario that resides in two subnetworks connected through a router, and with the tools Ettercap and Slowloris it was possible to simulate the attacks DNS cache poisoning and DNS resource utilization. In the same scenario, control techniques were implemented to mitigate the effects of the attacks and a safer network was observed. In conclusion, this simulation allowed us to show the threat posed by these attacks, the need to implement controls that reduce their impact when vulnerabilities in DNS are exploited, and evidence that the controls used prevent the attack.