Friday, January 15, 18:46
Home security What do Chromium DNS hijacking tests show?

What do Chromium DNS hijacking tests show?

In an effort to determine if a network will hijack DNS queries, Google's Chrome browser and similar Chromium-based applications randomly generate three domain names between 7 and 15 characters for testing, and if the two-domain response returns the IP itself, the browser believes that the network is "captured" and redirects non-existent domain requests.

This test is completed at startup and whenever IP settings or DNS of a device.

Because of the way DNS servers transfer locally unknown domain queries to more valid name servers, random domains used by Chrome find their way into DNS root servers and, according to Verisign chief engineer in the CSO Applied Research Division , Matthew Thomas, these queries are half of all queries on root servers.


The data presented by Thomas showed that as Chrome's market share increased after the introduction of possibility in 2010, the queries that match motif used by Chrome also increased.

"In more than 10 years since the addition of the feature, we now find that half of the DNS root server traffic is very detectors of Chromium, ”Thomas said in an APNIC blog post. "This equates to about 60 billion queries in the root server system in a standard day. "

Thomas added that half of the root server DNS traffic is used to support a browser function, and with DNS monitoring being "definitely the exception rather than the rule", traffic would be a distributed denial of service attack on any another scenario.

Earlier this month, Sans Johannes Ullrich, dean of the institute, looked at how many of the 2,7 million authentic name servers in the world would be needed to disable 80% of Internet.

"You only need 2.302 name servers," Ullrich said.

"0,35% of name servers are responsible for 90% of all domain names."

Ullrich found that GoDaddy was responsible for 94,5 million records, Google Domains had 20 million, the trio, hichina and IONOS had 15,6 million each, while Cloudflare had 13,8 million records.

"Using a cloud-based DNS service is simple and often more reliable than running your name server. But this large concentration of name server services with few entities significantly increases it risk for infrastructure ", he said.

To reduce the risk of an ISP being shut down by Internet portions, Ullrich said people should run internal name servers and make sure they use more than one DNS provider.

Telstra provided an example of how a DNS failure can appear as an internet outage to users and in this case, telco successfully carried out a denial of service attack on its own.

"The massive messaging storm presented as a denial of service attack has been investigated by our security teams and we now believe the incident was not malicious but a Domain Name Server issue," telco said earlier this month.

Last month, Cloudflare provided a similar example on a much larger scale.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...