Name (mDNS) Poisoning Attacks inside the LAN

How easy is for attackers to compromise the LAN? Answer: Very easy! With a few simple tricks, attackers can easily poison the local name resolution system for the machines inside a given LAN. Network Devices and Apple products are most vulnerable among others of course.

It is all due to mDNS. From Wikipedia’s article:

The problem with mDNS is that it is spoof-able. Here is how it works. A mDNS enabled client will perform a mDNS query on a multicast address. [...]

more | comments | comments rss | posted by