cache poisoning

Cache poisoning can be transmitted in a variety of ways, increasing the rate at which rogue programs are spread. One tactic is the placement of compromised URLs within spam e-mail messages having subject lines that tempt users to open the message (for example, "Serious error in your tax return"). Images and banner ads within e-mail messages can also be vehicles by which users are directed to servers that have been compromised by cache poisoning. Once an end user's computer has been infected with the nefarious code, all future requests by that user's computer for the compromised URL will be redirected to the bad IP address -- even if the "victim" server resolves the problem at its site. Cache poisoning is particularly dangerous when the targets are well-known and trusted sites, such as those to which browsers are pointed when automatic virus-definition updates are performed.

Cache poisoning differs from another form of DNS poisoning, in which the attacker spoofs valid e-mail accounts and floods the inboxes of administrative and technical contacts. Cache poisoning is related to URL poisoning. In URL poisoning, also known as location poisoning, Internet user behavior is tracked by adding an identification (ID) number to the location line of the browser that can be recorded as the user visits successive pages on the site.

Read more about cache poisoning: - The Internet Storm Center discusses a cache poisoning episode that occurred in March, 2005.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Malware, Viruses, Trojans and Spyware,   Information Security Threats,   Application and Platform Security,   Application Attacks (Buffer Overflows, Cross-Site Scripting),   Web Security Tools and Best Practices,   Web Browser Security,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT How to defend against rogue DHCP server malware Rogue DHCP server malware is a new twist on an old concept. The good news is that defenses exist; the bad news is that many organizations haven't... New Trojan stealing FTP credentials, attacking FTP websites A new Trojan has collected up to 80,000 unique FTP server logins and is injecting malicious code into thousands of FTP websites. Cybercriminals exploit Michael Jackson, Farrah Fawcett deaths Security researchers report malicious spam, poisoned search engine results just hours after the deaths of pop star Michael Jackson and actress Farrah...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself... directory traversal  (SearchSecurity.com) Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the...