Career Gist


Understanding DNS Cache Poisoning

DNS is an acronym for Domain Name System. It controls your domain name's website and email settings and helps convert domain names to IP addresses. A domain name is the information that you enter into a web browser in order to reach a specific website. An Internet Protocol (IP) address is the address that computers, servers and other devices use to identify one another online. The IP address is the language the computer understands.

The DNS server is like a phonebook for websites. When the computer sends the URL to the DNS server, the server checks its database, finds the corresponding IP address and lets the computer know what the address is. Your computer now knows the IP address and can visit the website.

The DNS cache is a temporary database of sites previously visited. When a request for a web address is made, the browser looks up the DNS cache to quickly retrieve it and thus a website’s URL can be resolved to its corresponding IP much more efficiently. 

DNS cache poisoning is a type of attack on a DNS cache that diverts users from a legitimate site to a false, often malicious, one. Attackers do this by replacing the IP addresses stored in the DNS server with ones under the attacker's control, so when a potential victim requests an address resolution for one of the poisoned sites, the DNS server responds with the IP address of a different site, one controlled by the attacker.

DNS cache poisoning is dangerous because it can easily spread from one DNS server to another. Also, people’s personal and corporate information can be exposed to the attacker and victims can be manipulated into downloading malware or submitting login or financial details.

Preventive Measures

One of the tricky aspects of DNS cache poisoning is that it is extremely difficult to determine whether the DNS responses you receive are legitimate or not, but there are a few preventive measures you can take:

  • Keep your antivirus active and up-to-date.
  • Set up and maintain your own DNS servers. 
  • Create and properly maintain your PTR (Pointer Records) zones. Even for local domains, it’s tedious, and boring, but very important. Especially for SMTP (Simple Mail Transfer Protocol) traffic.
  • Use a respected ISP (Internet Service Provider) or DNS server. A good DNS server will never trust the first thing it receives from another server. 
  • In order to protect your own DNS cache, stay safe when browsing the internet. Don’t click on suspicious files, links, or banner advertisements. These might be attack vectors for malware that will alter your DNS cache.
  • Use a DDoS (Distributed Denial-of-Service) mitigation provider to mitigate DDoS in the best possible way and keep your DNS servers secure and responding well at all times.
  • Set up two-factor authentication with your DNS server provider. If possible, avoid phone call or SMS verification and use Google Authenticator instead, which is way more secure.
  • If you suspect your DNS cache is poisoned, clear the cache.
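The point above that a good DNS server never trusts the first thing it receives can be made concrete. The following is an added example, not part of the original article, and it goes beyond the text: it shows the matching checks (reply source, transaction ID, question section) a resolver applies before a reply is allowed into its cache. All names, addresses and packets are constructed for illustration.

```python
import struct

def encode_name(name):
    # DNS wire format: length-prefixed labels, terminated by a zero byte
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"

def build_reply(txid, name, ip, qtype=1):
    # Constructed test data: a response header, one question, one A record
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    msg += encode_name(name) + struct.pack("!HH", qtype, 1)
    # Name pointer to offset 12, type A, class IN, TTL 300, RDLENGTH 4
    return msg + struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + bytes(map(int, ip.split(".")))

def parse_question(msg):
    # Returns (txid, is_response, qname, qtype) from the header and first question
    txid, flags = struct.unpack("!HH", msg[:4])
    labels, pos = [], 12
    while msg[pos] != 0:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

def accept_response(pending, reply, src):
    # Decide whether `reply` from (ip, port) `src` answers the outstanding query
    try:
        txid, is_response, qname, qtype = parse_question(reply)
    except (struct.error, IndexError, UnicodeDecodeError):
        return False, "malformed"
    if not is_response:
        return False, "not a response"
    if src != pending["server"]:
        return False, "unexpected source"
    if txid != pending["txid"]:
        return False, "transaction ID mismatch"
    if (qname, qtype) != (pending["qname"].lower(), pending["qtype"]):
        return False, "question mismatch"
    return True, "ok"

# Constructed sample: one outstanding query and three candidate replies
PENDING = {"txid": 0x3A7F, "qname": "www.example.com", "qtype": 1,
           "server": ("192.0.2.53", 53)}
GOOD = build_reply(0x3A7F, "www.example.com", "192.0.2.10")
WRONG_ID = build_reply(0x1111, "www.example.com", "203.0.113.66")
WRONG_NAME = build_reply(0x3A7F, "mail.example.com", "203.0.113.66")
```

Only a reply that passes every check should be cached; anything rejected here is worth logging, since a burst of mismatched replies for one name is a common sign of a poisoning attempt.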


Most times when I interview prospective employees, I like to ask about their career goals and future plans. For most admin and operations talents, the answer is mostly, “I want to work in Human Resources.” When I proceed to ask why, the most common response is, “I love working with people.” I always chuckle at that answer.

Before I started my HR career, people would ask me why I was hellbent on working in HR, and I’d always say, “I love interacting with people and I love identifying training needs and coming up with training plans for people.” Of course my answer is slightly different now, but let me scream this loud – I AM TIRED OF INTERACTING WITH PEOPLE!! Not tired in that sense, but you get the gist. Now let’s get down to you – the key thing is to start where you are. If there’s no HR dept in your company, here are some things you can do:

  • Offer to write/tweak the handbook.
  • Draft some policies (proper office conduct policy, recruitment policy, attendance policy, drug and alcohol usage policy, etc).
  • During recruitment, ask your boss if you can assist with sorting CVs and recommending talents.
  • If your company does not have an employee relations system, build one. Talk to your bosses about bonding as a team, it can be weekly, fortnightly, monthly or quarterly. Introduce fun activities that everyone can participate in. If you’re not a fun person, it’s okay to ask someone to assist in organizing. If you are vocal and tactical, you can be the spokesperson of the staff, and be the bridge between your employers and employees. This is a very tricky one since you’re not exactly the HR person, that’s why I mentioned tact.
  • Now at this stage, I don’t expect you to have access to employee files and documents, but how do you take control of that? Easy. Implement an on-boarding process. Before a new staff member resumes, ask your boss if you can handle orientation, then show your boss the on-boarding system you’ve come up with and tell him/her/them how you plan on implementing it. When you’ve proven that you’re capable of handling this, your boss should be more than happy to hand it over to you.

If there’s an existing HR department in your company, start assisting. Let the HR Manager know you are available to help with some of their responsibilities. Please do not desert your own responsibilities while doing this, as one of the key skills of HR personnel is multi-tasking.

People will tell you to get certified first but you really do not need that to start a career in HR. Actually, most organisations do not ask entry level HR officers for certifications; this only comes up when you’re applying for a mid-level role. So like I said earlier, start from where you are – build an HR team/department or learn from the existing HR team in your organization. Three to six months after this, you can start working towards getting certified.

Good luck!

I could always swear I knew how to be friends with my colleagues outside work and not let that distract us during work hours. I can even remember dishing out advice on one or two occasions on how to balance work friendships, talk about giving advice one can’t follow. You know, most things are easier said than done. Wait, I still insist I know when and how to draw the line.
