Home Lab Setup SEED Labs Books Lectures Workshops

Remote DNS Attack Lab


The objective of this lab is for students to gain the first-hand experience on the remote DNS cache poisoning attack, also called the Kaminsky DNS attack. DNS (Domain Name System) is the Internet's phone book; it translates hostnames to IP addresses and vice versa. This translation is through DNS resolution, which happens behind the scene. DNS Pharming attacks manipulate this resolution process in various ways, with an intent to misdirect users to alternative destinations, which are often malicious. This lab focuses on a particular DNS Pharming attack technique, called DNS Cache Poisoning attack.

In another SEED Lab, we have designed activities to conduct the same attack in a local network environment, i.e., the attacker and the victim DNS server are on the same network, where packet sniffering is possible. In this remote attack lab, packet sniffering is not possible, so the attack becomes much more challenging than the local attack.

Tasks (PDF)

Time (Suggested)

  • Supervised (closely-guided lab session): 2 hours
  • Unsupervised (take-home project): 1 week

SEED Videos

SEED Books (English) (Chinese)

  • Computer & Internet Security: A Hands-on Approach, 2nd edition (§ 18)
  • Internet Security: A Hands-on Approach, 2nd edition (§ 4)
  • Chinese version, 1st edition (§ 15)

Additional Reading

Feedback and Help

Please give us your feedback on this lab using this feedback form.
The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.