Detected DNS cache poisoning attack

Dear Experts

What is a DNS cache poisoning attack?
 I have intalled ESS V. 5.2.9.1

It is a known issue of ESS latest version or ESS V. 4.2?

iMPORTANT:
I have not read @ Avira about this issue
Only affects ESET products?
Is this a vulnerability of ESET products?

This is the ESET Knowledgebase about DNS cache poisoning attack
 http://kb.eset.com/esetkb/index?page=content&id=SOLN2933

@ the web site above explain the solution, but not explain why users are receiving this notification.

My Eset Smart Security 5 alert me with this message DNS cache poisoning attack, so I used an acronis image to get the system back again, but know ESET products made me lose confidence, with the Acronis Image I do not want to be in the middle of something and suddenly get the alert.
Esteban CalderonCEOAsked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
I was looking at the client machine being infected with "cache" being tampered hence DNSChanger would be possible. Not that of public release of such vulnerability for ESET to my best knowledge @ http://www.cvedetails.com/product-list/vendor_id-8861/Eset.html

did read some past false positive of ESET though but if you will to flush the cache and still getting the pop up then potentially a false positive
@ http://www.sevenforums.com/system-security/197311-detected-dns-cache-poisoning-attack.html


@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0
0
 
btanExec ConsultantCommented:
the whole idea of this attack is to redirect the user unknowingly to another legit looking site but hosted by attacker. The IP address from the DNS resolution is already been tampered with as the DNS cache is storing the wrong IP. Thereafter, the user will begin his "journey of infection"....I know of one recent malware called DNSChanger that modified the user host or cache such that any user browsing will be redirected to its malicious site etc...it will intend to even "disable" the updates and AV etc

But note that even router and network devices can be impacted as well as in poisoned

http://en.wikipedia.org/wiki/DNSChanger
http://www.pcworld.com/article/255137/protect_yourself_from_dnschanger.html
https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
0
 
Esteban CalderonCEOAuthor Commented:
I did not ask about  DNSChanger I was more specific "DNS cache poisoning attack"

http://en.wikipedia.org/wiki/DNS_cache_poisoning

http://www.youtube.com/watch?v=1d1tUefYn4U 

As always I have to find out the answer,

Now my question is this a vulnerability only of ESET products?
0
 
Esteban CalderonCEOAuthor Commented:
Thank you
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.