DNS Cache Poisoning - Computerphile

Seeing Dr. Pound's eyes light up every time he mentions filling up some random computer with malware gives me so much energy

beautiful pen flip at 10:07

Out of all Computerphile presenters, Dr. Pound, in my opinion, is simply the best! He explanations are bang on and are super easy to grasp. Whenever I see a notification for a video featuring him, I leave everything and start watching it right away.

Rest in peace, Dan Kaminsky

Dr. Mike Pound's enthusiasm for knowledge is infectious

It's also important to note that DNS happens over UDP (stateless) so there's no 'connection' to check the response against. For example, in TCP, participating computers establish a connection, and the only response for the request that was sent out is accepted by the requesting server.

Name server poisoning also happened occasionally on accident, due to responding accidently with an incremented query id, possibly poisoning some later random request. Also, if a DNS has DNS level blocking taking place, and it is treated like an authoritative DNS server, it may 'black hole' your request. As in, send you an IP that is invalid and leads no where. This happened to google servers a while back when they accidentally had china servers listed as authoritative, which was causing global traffic to get black holed due to china censorship.

No matter what the subject, I always find myself learning something new from Dr. Pound.

I was looking forward to this video and as always its amazingly explained by Dr.Mike. I couldn't keep it as he left us with a cliffhanger in the last DNS video and searched about it but still his explanation gave me a better and clear understanding of it.. Love his way of teaching <3 !!

Of course Dr. Mike Pound would say that a hacking attack has a "cool" name and is a very "cool" kind of attack.

The best presenter, I owe so much of my knowledge to this guy and this channel, glad these videos keep coming out !

I really like how he says something and it souds like it's insanely fun. And simple enough for almost anyone to understand.

Well explained as usual. But I kept wondering why name servers don’t simply only accept each query ID from the IP address of the authoritative server they sent the query ID to. I found out the reason is that with UDP you can spoof the source IP

Me: I have to get up early tomorrow. Dr. Mike Pound: Wanna know something about DNS Cache Poisoning? Me: Tell me everything! #sleepis4theweak oh and nice pen flip at 10:07

As a reptile owner: WHAT'S IN THE BOX!!!!!!

Major props for making this video despite the earthquake you guys were experiencing.

It's kind of surprising to hear that most of the global DNS system is not secured with certificates/TLS. Thanks for the great video!

I studied computer science about 30 years ago, and would have loved to have had a professor like him. I remember buying my first computer magazine about 1980 aged about 7 and being amazed. I used every penny of my pocket money to buy as many magazines and books as I could up until the age of about 17. Computers were a different beast then, and the challenges were very different, but I LOVE watching these videos (I no longer program computers) - and I'm in awe of you guys.

Now i won't have to go to tons of lessons in school to learn this thanks to computerphile🤙

Thanks for explaining the subject in an easy to understand manner. The next time a client of mine tells me that my recommendation of implementing DNSSEC is "overkill" and "too expensive", I shall point them to this video.