DNS spoofing

[paul00]

Hello

I have 2 windows 2000 DNS servers and one client computer inside LAN which have Personal firewall. Sometimes it generates
DNS spoofing message from one of DNS servers.
At that moments client comuters e-mail which located
on pc locally temporrary are not open. Please tell
me there are any conjunction?
I read many about spoofing but not realy have clear view.
Does DNS spoofing can read e-mails from computer
Does personal firewall can generete idle troubleshoot.

Thank you

 

[m33sta]

hhmmmmnn essentialy the basic purpose of spoofing is to confuse a DNS server into giving out bad information. The way it works is that an attacker sends a recursive query to the victim's server, using the victim's server to resolve the query. The answer to the query is in a zone the attacker controls. The answer given by the attacker's name server includes an authoritative record for a domain name controlled by a third party. That authoritative record is FALSE. The victim's server caches the bogus record. (Most modern servers will not cache a fake record because it does not fall in the same parent zone as the record that was requested.)

Once spoofed the victim's resolver will continue to use the false record it has in its cache, potentially misdirecting E-Mail, or any other internet service. This is a potential major security leak for credit card information, trade secrets, and other highly sensitive information.

Recent surveys indicate that 25-30% of servers on the Internet are spoofable. Further readings on DNS spoofing.