{"id":46317,"date":"2021-09-01T08:53:12","date_gmt":"2021-09-01T05:53:12","guid":{"rendered":"https:\/\/www.turhost.com/blog\/?p=46317"},"modified":"2021-11-26T09:29:40","modified_gmt":"2021-11-26T06:29:40","slug":"dns-spoofing-nedir","status":"publish","type":"post","link":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/","title":{"rendered":"DNS Spoofing Nedir?"},"content":{"rendered":"\n<p>Son zamanlarda artan DNS tabanl\u0131 sald\u0131r\u0131lar\u0131n y\u00fckseli\u015fiyle m\u00fccadele etmek i\u00e7in DNS Spoofing Nedir? gibi sorularla siber tehditlerin nas\u0131l tespit edilece\u011fini ve nas\u0131l \u00f6nlenece\u011fini anlamak son derece \u00f6nemlidir.<\/p>\n\n\n\n<p>DNS sahtekarl\u0131\u011f\u0131, DNS hijacking, DNS \u00f6nbellek zehirlenmesi (DNS cache poisoning) gibi isimlerle kar\u015f\u0131m\u0131za \u00e7\u0131kan DNS spoofing, genel olarak siber korsanlar\u0131n web trafi\u011fini sahte web sunucular\u0131na ve kimlik av\u0131 i\u00e7in haz\u0131rlanm\u0131\u015f web sitelerine y\u00f6nlendirdi\u011fi siber sald\u0131r\u0131lar\u0131 kapsar.<\/p>\n\n\n\n<p>Bilindi\u011fi gibi Alan\u0131 Ad\u0131 Sistemi (DNS), bir alan ad\u0131n\u0131, belirli IP adresine \u00e7evirmek i\u00e7in kullan\u0131l\u0131r. DNS \u00f6nbelle\u011fi di\u011fer alan adlar\u0131na yap\u0131lan ziyaretlerin t\u00fcm kay\u0131tlar\u0131n\u0131 i\u00e7eren ge\u00e7ici bir veritaban\u0131d\u0131r ve her bilgisayar\u0131n en son DNS isteklerini depolayan bir DNS \u00f6nbelle\u011fi bulunur. En son ziyaret etti\u011fimiz sunucunun IP adresi TTL s\u00fcresi (Time To Live) sona erene kadar burada saklan\u0131r, ama\u00e7 sorgulara \u00e7ok daha h\u0131zl\u0131 yan\u0131t verilmesidir.<\/p>\n\n\n\n<p>DNS sunucular\u0131ndaki zay\u0131fl\u0131klardan yararlanan DNS \u00f6nbellek zehirlenmesi sald\u0131r\u0131lar\u0131, bir alan ad\u0131n\u0131n orijinalinden farkl\u0131 bir IP adresine y\u00f6nlendirilmesine olanak tan\u0131yan bir siber tehdit t\u00fcr\u00fcd\u00fcr. \u00c7evrimi\u00e7i trafi\u011fi sahte bir web sitesine y\u00f6nlendiren bu sald\u0131r\u0131 bi\u00e7iminde sald\u0131rgan DNS kay\u0131tlar\u0131n\u0131 de\u011fi\u015ftirerek bunu ba\u015far\u0131r. <\/p>\n\n\n\n<p>DNS \u00f6nbelle\u011fine eri\u015fim elde eden sald\u0131rganlar ger\u00e7ek IP adresini sahte bir web sitesinin IP adresiyle de\u011fi\u015ftirerek kullan\u0131c\u0131lar\u0131n ger\u00e7ek web sitesi yerine doland\u0131r\u0131c\u0131l\u0131k i\u00e7in \u00f6zel haz\u0131rlanm\u0131\u015f sahte web sitesine ula\u015fmas\u0131n\u0131 sa\u011flar. Sahte web sitesi, kullan\u0131c\u0131n\u0131n eri\u015fmeye \u00e7al\u0131\u015ft\u0131\u011f\u0131 orijinal web sitesiyle tamamen ayn\u0131 g\u00f6r\u00fcnd\u00fc\u011f\u00fcnden DNS sahtekarl\u0131\u011f\u0131n\u0131 tespit etmek \u00e7ok zordur.<\/p>\n\n\n\n<p>DNS \u00f6nbellek zehirlenmesi sald\u0131r\u0131lar\u0131n\u0131n ama\u00e7lar\u0131 aras\u0131nda vir\u00fcsl\u00fc dosya indirmeleri i\u00e7in kullan\u0131c\u0131lar\u0131 kand\u0131rmak, ortadaki adam sald\u0131r\u0131lar\u0131 (MITM) ile trafi\u011fi izlemek, kimlik av\u0131 sald\u0131r\u0131lar\u0131 ile banka hesap bilgileri gibi hassas verileri toplamak say\u0131labilir. B\u00fcy\u00fck veri ihlallerine neden olabilen ciddi siber sald\u0131r\u0131lara kar\u015f\u0131 haz\u0131rl\u0131kl\u0131 olmak isteyenlerin <a href=\"https:\/\/www.turhost.com/blog\/ortadaki-adam-mitm-saldirisi-nedir\/\">Ortadaki Adam (MitM) Sald\u0131r\u0131s\u0131 Nedir?<\/a> adl\u0131 yaz\u0131m\u0131za g\u00f6z atmas\u0131 \u00f6nerilir.<\/p>\n\n\n\n<h2 id=\"dns-zehirlenmesi-nasil-calisir\" class=\"wp-block-heading\">DNS Zehirlenmesi Nas\u0131l \u00c7al\u0131\u015f\u0131r?<\/h2>\n\n\n\n<div class=\"wp-block-image is-style-default\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"872\" src=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-1200x872.jpg\" alt=\"DNS Spoofing Nedir?, DNS Zehirlenmesi Nas\u0131l \u00c7al\u0131\u015f\u0131r?, DNS hijacking\" class=\"wp-image-47543\" srcset=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-1200x872.jpg 1200w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-650x472.jpg 650w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-768x558.jpg 768w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-1536x1116.jpg 1536w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-2048x1488.jpg 2048w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-380x276.jpg 380w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-800x581.jpg 800w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-1160x843.jpg 1160w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/Untitled-1-01-1-scaled.jpg 2560w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><figcaption>DNS \u00f6nbelle\u011fine eri\u015fim elde eden sald\u0131rganlar ger\u00e7ek IP adresini sahte bir sitenin IP adresiyle de\u011fi\u015ftirerek kullan\u0131c\u0131lar\u0131n doland\u0131r\u0131c\u0131l\u0131k i\u00e7in \u00f6zel haz\u0131rlanm\u0131\u015f sahte web sitesine ula\u015fmas\u0131n\u0131 sa\u011flar. <\/figcaption><\/figure><\/div>\n\n\n\n<p>\u00dcstte de belirtti\u011fimiz gibi Alan ad\u0131 sistemi yani DNS, trafi\u011fi do\u011fru bir \u015fekilde y\u00f6nlendirmek i\u00e7in kullan\u0131c\u0131lar\u0131n taray\u0131c\u0131n\u0131n adres \u00e7ubu\u011funa girdi\u011fi alan ad\u0131n\u0131 uygun IP adresine e\u015fler. S\u00fcre\u00e7, g\u00f6ndericilerin veya al\u0131c\u0131lar\u0131n kim olduklar\u0131n\u0131 do\u011frulamalar\u0131n\u0131 gerektirmeyen Kullan\u0131c\u0131 Veri Birimi Protokol\u00fc (UDP) \u00fczerine in\u015fa edilmi\u015ftir. DNS zehirlenmesi, trafi\u011fi me\u015fru olmayan bir IP adresine y\u00f6nlendirmek i\u00e7in s\u00fcre\u00e7teki bu zay\u0131fl\u0131klardan yararlan\u0131r. <\/p>\n\n\n\n<p>Sald\u0131rganlar, yerel olarak bir kullan\u0131c\u0131n\u0131n bilgisayar\u0131na veya do\u011frudan bir ad sunucusuna yanl\u0131\u015f giri\u015fler eklemeyi ba\u015far\u0131rsa, trafi\u011fi istedikleri zaman kontrol edebilir ve yeniden y\u00f6nlendirebilirler. DNS sorgular\u0131 genellikle \u015fifrelenmeden aktar\u0131ld\u0131\u011f\u0131ndan, sald\u0131rganlar\u0131n k\u00f6t\u00fc niyetli m\u00fcdahale i\u00e7in bir\u00e7ok se\u00e7ene\u011fi vard\u0131r.<\/p>\n\n\n\n<p>DNS sunucular\u0131, daha g\u00fcvenli olan \u0130letim Kontrol Protokol\u00fc (TCP) yerine Kullan\u0131c\u0131 Datagram Protokol\u00fc (UDP) kulland\u0131\u011f\u0131ndan, DNS \u00f6nbelle\u011fini zehirlemek m\u00fcmk\u00fcn olmaktad\u0131r. UDP ile bir ba\u011flant\u0131n\u0131n a\u00e7\u0131k oldu\u011funun, al\u0131c\u0131n\u0131n almaya haz\u0131r oldu\u011funun veya g\u00f6nderenin s\u00f6yledi\u011fi ki\u015fi oldu\u011funun garantisi yoktur.<\/p>\n\n\n\n<p>DNS hijacking olarak da bilinen DNS spoofing tekni\u011finde siber su\u00e7lular\u0131n y\u00f6nlendiriciler, PC&#8217;ler ve tabletler gibi cihazlara gizlice y\u00fckledikleri k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar kullan\u0131c\u0131lar\u0131 fark etmeden zararl\u0131 web sitelerine y\u00f6nlendirmek i\u00e7in cihazlarda depolanan a\u011f ba\u011flant\u0131s\u0131 ayarlar\u0131n\u0131 de\u011fi\u015ftirir. Bu t\u00fcr k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n pop\u00fcler bir \u00f6rne\u011fi Windows Trojan Win32\/DNSChanger&#8217;d\u0131r. Y\u00fcr\u00fct\u00fclebilir EXE dosyas\u0131n\u0131n boyutu yaln\u0131zca birka\u00e7 kilobaytt\u0131r ve trafi\u011fi gizlice yeniden y\u00f6nlendirmek i\u00e7in sistemin DNS ayarlar\u0131n\u0131 de\u011fi\u015ftirecek \u015fekilde tasarlanm\u0131\u015ft\u0131r.<\/p>\n\n\n\n<p>Doland\u0131r\u0131c\u0131l\u0131k ama\u00e7l\u0131 sahte web sitelerine y\u00f6nlendirme, siber su\u00e7lular\u0131n kullan\u0131c\u0131lar\u0131n cihazlar\u0131na vir\u00fcs ve k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fcklenmek i\u00e7in eri\u015fim elde etmesine olanak tan\u0131r.<\/p>\n\n\n\n<p>\u00d6nbellek zehirleme kodlar\u0131 genellikle spam e-postalar arac\u0131l\u0131\u011f\u0131yla g\u00f6nderilen URL&#8217;lerde bulunur. Ger\u00e7ek gibi g\u00f6r\u00fcnen sahte bir IP adresine y\u00f6nlendirildi\u011finizde tehdit, sistemlerinize enjekte edilir.<\/p>\n\n\n\n<h2 id=\"dns-onbellek-zehirlenmesi-neden-tehlikeli\" class=\"wp-block-heading\">DNS \u00d6nbellek Zehirlenmesi Neden Tehlikeli?<\/h2>\n\n\n\n<div class=\"wp-block-image is-style-default\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1198\" height=\"1200\" src=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-1198x1200.jpg\" alt=\"DNS \u00d6nbellek Zehirlenmesi Neden Tehlikeli?, DNS Spoofing \u00d6rnekleri,  DNS sahtekarl\u0131\u011f\u0131\" class=\"wp-image-47546\" srcset=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-1198x1200.jpg 1198w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-650x650.jpg 650w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-150x150.jpg 150w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-768x770.jpg 768w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-80x80.jpg 80w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-380x381.jpg 380w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-800x802.jpg 800w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5-1160x1162.jpg 1160w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/1-5.jpg 1500w\" sizes=\"auto, (max-width: 1198px) 100vw, 1198px\" \/><figcaption>DNS \u00f6nbellek zehirlenmesinin son derece tehlikeli olmas\u0131n\u0131n ba\u015fl\u0131ca nedenlerinden biri, bir DNS sunucusundan di\u011ferine yay\u0131labilmesidir.<\/figcaption><\/figure><\/div>\n\n\n\n<p>\u00c7o\u011fu durumda, siber su\u00e7lular, sahte web sitelerinde oturum a\u00e7ma kimlik bilgilerini \u00e7almak veya ba\u015fka sald\u0131r\u0131lar i\u00e7in k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m eklemek i\u00e7in DNS sahtekarl\u0131\u011f\u0131n\u0131 kullan\u0131r.<\/p>\n\n\n\n<p>DNS sunucusu zehirlendi\u011finde, di\u011fer DNS sunucular\u0131na ve ev y\u00f6nlendiricilerine yay\u0131lmaya ba\u015flayacakt\u0131r. DNS giri\u015flerini arayan bilgisayarlar, daha fazla kullan\u0131c\u0131n\u0131n DNS zehirlenmesinin kurban\u0131 olmas\u0131na neden olarak yanl\u0131\u015f yan\u0131t al\u0131r.<\/p>\n\n\n\n<p>Bu sorun yaln\u0131zca, etkilenen her DNS sunucusunda zehirlenen DNS \u00f6nbelle\u011fi temizlendi\u011finde \u00e7\u00f6z\u00fclecektir; o zamana kadar hassas bilgilerinizi kaybetme riskiyle kar\u015f\u0131 kar\u015f\u0131ya kal\u0131rs\u0131n\u0131z.<\/p>\n\n\n\n<p>DNS zehirlenmesi, hem bireyler hem de kurulu\u015flar i\u00e7in \u00e7e\u015fitli riskler olu\u015fturur. En b\u00fcy\u00fck risklerden biri, DNS \u00f6nbellek zehirlenmesine kurban giden cihaz varsay\u0131lan olarak gayri me\u015fru siteye geri d\u00f6nece\u011fi i\u00e7in, sorunu \u00e7\u00f6zmenin zorla\u015fmas\u0131d\u0131r.<\/p>\n\n\n\n<p>Ayr\u0131ca, sahte web sitesi ger\u00e7ek siteyle neredeyse ayn\u0131 oldu\u011fundan, DNS zehirlenmesini tespit etmek kullan\u0131c\u0131lar i\u00e7in son derece zor olabilir. Bu durumlarda, kullan\u0131c\u0131lar kendilerini ve\/veya kurulu\u015flar\u0131n\u0131 ciddi risklere maruz b\u0131rakt\u0131klar\u0131n\u0131n fark\u0131na varmadan, hassas bilgileri normal \u015fekilde gireceklerdir.<\/p>\n\n\n\n<p>Doland\u0131r\u0131c\u0131lara sosyal g\u00fcvenlik numaralar\u0131 ve \u00f6deme bilgileri gibi hassas bilgilere eri\u015fmeleri i\u00e7in kolay bir yol sunan DNS zehirlenmesi ile siber su\u00e7lular, cihazlar\u0131n g\u00fcvenli\u011fini sa\u011flayan \u00f6nemli yamalar\u0131n ve g\u00fcncellemelerin al\u0131nmas\u0131n\u0131 engellemek amac\u0131yla g\u00fcvenlik sa\u011flay\u0131c\u0131lar\u0131ndan gelen trafi\u011fi yeniden y\u00f6nlendirebilir. Cihazlar\u0131 zamanla daha savunmas\u0131z hale getiren bu y\u00f6ntem, truva atlar\u0131 ve vir\u00fcsler gibi \u00e7ok say\u0131da sald\u0131r\u0131ya kap\u0131 a\u00e7abilir.<\/p>\n\n\n\n<p>Ayr\u0131ca DNS sald\u0131r\u0131lar\u0131n\u0131n otoriter y\u00f6netimler taraf\u0131ndan tart\u0131\u015fmal\u0131 kullan\u0131mlar\u0131 da s\u00f6z konusudur, baz\u0131 \u015firketler ve h\u00fck\u00fcmetler taraf\u0131ndan interneti sans\u00fcrlemek i\u00e7in DNS spoofing gibi tekniklerin tercih edildi\u011fi bilinmektedir. Ancak baz\u0131 durumlarda, DNS sahtekarl\u0131\u011f\u0131, h\u00fck\u00fcmetler taraf\u0131ndan yasa d\u0131\u015f\u0131 i\u00e7eri\u011fe sahip portallar\u0131 \u00e7evrimd\u0131\u015f\u0131na almak i\u00e7in de kullan\u0131labilmektedir.<\/p>\n\n\n\n<h2 id=\"dns-spoofing-ornekleri\" class=\"wp-block-heading\">DNS Spoofing \u00d6rnekleri<\/h2>\n\n\n\n<p>COVID-19 salg\u0131n\u0131 milyonlarca \u00e7al\u0131\u015fan\u0131 uzaktan \u00e7al\u0131\u015fmak zorunda b\u0131rakt\u0131\u011f\u0131nda \u00e7al\u0131\u015fanlar\u0131n kurumsal sistemlere ev ve genel WiFi a\u011flar\u0131 \u00fczerinden eri\u015fmeye \u00e7al\u0131\u015fmas\u0131; DNS sorgular\u0131n\u0131n hacminde h\u0131zl\u0131 bir art\u0131\u015fa neden olmu\u015ftur. Bu da DNS&#8217;i hedefleyen siber sald\u0131r\u0131lar\u0131n say\u0131s\u0131nda belirgin art\u0131\u015fa yol a\u00e7m\u0131\u015ft\u0131r. Bir k\u0131sm\u0131n\u0131n &#8220;t\u00fcnel a\u00e7ma&#8221; gibi geleneksel y\u00f6ntemleri kulland\u0131\u011f\u0131 bu sald\u0131r\u0131lar\u0131n bir k\u0131sm\u0131 da Temmuz 2020&#8217;de ke\u015ffedilmeden \u00f6nce on yedi y\u0131l y\u00fcr\u00fcrl\u00fckte olan Windows DNS&#8217;deki SIGRed g\u00fcvenlik a\u00e7\u0131\u011f\u0131 gibi yeni ke\u015ffedilen g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanm\u0131\u015ft\u0131r. <\/p>\n\n\n\n<p>Ge\u00e7ti\u011fimiz y\u0131l yeni ke\u015ffedilen <strong>SAD DNS<\/strong> sald\u0131r\u0131s\u0131 ile canlanmaya ba\u015flayan DNS \u00f6nbellek zehirlenmesi sald\u0131r\u0131lar\u0131, DANE ve DNSSEC gibi modern savunma \u00f6nlemleri taraf\u0131ndan b\u00fcy\u00fck \u00f6l\u00e7\u00fcde durdurulmu\u015ftur. Ancak bu DNS g\u00fcvenlik y\u00f6ntemleri herkes taraf\u0131ndan uygulanmad\u0131\u011f\u0131 i\u00e7in bu t\u00fcr sald\u0131r\u0131lar halen devam etmektedir.<\/p>\n\n\n\n<p>Son y\u0131llarda meydana gelen di\u011fer \u00f6nemli DNS zehirlenmesi sald\u0131r\u0131lar\u0131 aras\u0131nda AWS ve Malaysia Airlines&#8217;a yap\u0131lan sald\u0131r\u0131lar\u0131 sayabiliriz:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>2018&#8217;de Amazon Web Services&#8217;e (AWS) yap\u0131lan bir DNS spoofing sald\u0131r\u0131s\u0131, 17 milyon dolar de\u011ferinde Ethereum \u00e7al\u0131nmas\u0131na yol a\u00e7m\u0131\u015ft\u0131r. H\u0131rs\u0131zlar, MyEtherWallet hesaplar\u0131na giri\u015f yapmaya \u00e7al\u0131\u015fanlardan gelen trafi\u011fi, giri\u015f bilgilerini ele ge\u00e7irmek i\u00e7in sahte bir web sitesine y\u00f6nlendirmi\u015f ve bu bilgileri, kullan\u0131c\u0131lar\u0131n hesaplar\u0131na eri\u015fmek ve paralar\u0131n\u0131 \u00e7almak i\u00e7in kullanm\u0131\u015ft\u0131r. <\/li><\/ul>\n\n\n\n<ul class=\"wp-block-list\"><li>2015 y\u0131l\u0131nda, Lizard Squad olarak bilinen bir korsan grubu, Malaysia Airlines&#8217;a DNS zehirlenmesi sald\u0131r\u0131s\u0131 d\u00fczenlemi\u015ftir. Sitenin ziyaret\u00e7ilerini oturum a\u00e7maya te\u015fvik eden sahte bir web sitesine y\u00f6nlendiren sald\u0131r\u0131, iki u\u00e7u\u015fun kaybedildi\u011fi zorlu bir y\u0131l\u0131 geride b\u0131rakan havayolu \u015firketinde ciddi kayba yol a\u00e7m\u0131\u015ft\u0131r. <\/li><\/ul>\n\n\n\n<h2 id=\"dns-onbellek-zehirlenmesinden-korunma-yollari\" class=\"wp-block-heading\">DNS \u00d6nbellek Zehirlenmesinden Korunma Yollar\u0131<\/h2>\n\n\n\n<div class=\"wp-block-image is-style-default\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"581\" src=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-1200x581.jpg\" alt=\"DNS \u00d6nbellek Zehirlenmesinden Korunma Yollar\u0131,  DNS \u00f6nbellek zehirlenmesi \" class=\"wp-image-47548\" srcset=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-1200x581.jpg 1200w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-650x315.jpg 650w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-768x372.jpg 768w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-380x184.jpg 380w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-800x387.jpg 800w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5-1160x561.jpg 1160w, https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/2-5.jpg 1500w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><figcaption>DNSSEC&#8217;i tan\u0131tmak, DNS zehirlenmesi sald\u0131r\u0131lar\u0131na kar\u015f\u0131 korunmak i\u00e7in alabilece\u011finiz en de\u011ferli \u00f6nlemlerden biridir. <\/figcaption><\/figure><\/div>\n\n\n\n<p>DNS zehirlenmesi sald\u0131r\u0131lar\u0131 tespit edilmesi ve \u00e7\u00f6z\u00fcm\u00fc zor olabilece\u011fi i\u00e7in \u00e7ok tehlikelidir. DNS servis sa\u011flay\u0131c\u0131s\u0131 veya web sitesi sahipleri, tehditleri y\u00f6netmek i\u00e7in \u00e7e\u015fitli ara\u00e7lar ve protokoller kullanarak kullan\u0131c\u0131lar\u0131 korumak ad\u0131na ad\u0131mlar atmal\u0131d\u0131r. Bu tip sald\u0131r\u0131lardan koruman\u0131n bilinen en iyi yollar\u0131n\u0131 \u015fu \u015fekilde s\u0131ralayabiliriz:<\/p>\n\n\n\n<p>1) DNSSEC&#8217;i tan\u0131tmak, DNS zehirlenmesi sald\u0131r\u0131lar\u0131na kar\u015f\u0131 korunmak i\u00e7in alabilece\u011finiz en de\u011ferli \u00f6nlemlerden biridir. DNSSEC, mevcut internet protokollerinde standart olmayan DNS verilerini do\u011frulamay\u0131 m\u00fcmk\u00fcn k\u0131lmak i\u00e7in ortak anahtar \u015fifrelemesine g\u00fcvenir. Spesifik olarak, bir iste\u011fe yan\u0131t veren herhangi bir DNS&#8217;in k\u00f6k alan ad\u0131n\u0131 do\u011frulamak ve bunu yapmaya yetkili oldu\u011fundan emin olmak i\u00e7in sertifika tabanl\u0131 kimlik do\u011frulamas\u0131n\u0131 kullan\u0131r. Ayr\u0131ca, yan\u0131t\u0131n i\u00e7eri\u011fine g\u00fcvenilip g\u00fcvenilmeyece\u011fini ve bu i\u00e7eriklerin aktar\u0131m s\u0131ras\u0131nda de\u011fi\u015ftirilip de\u011fi\u015ftirilmedi\u011fini de\u011ferlendirir.<\/p>\n\n\n\n<p>2) Bir di\u011fer \u00f6nemli ad\u0131m, DNS istek ve yan\u0131tlar\u0131nda yer alan verileri her zaman \u015fifrelemektir. Bu, verilere m\u00fcdahale edebilecek siber su\u00e7lulara kar\u015f\u0131 ek bir koruma katman\u0131 sunar. \u00d6rne\u011fin, bir sald\u0131rgan \u015fifrelenmi\u015f verileri ele ge\u00e7irmeyi ba\u015farsa bile, gelecekteki yan\u0131tlarda kullanmak \u00fczere \u00e7o\u011faltmak i\u00e7in ihtiya\u00e7 duydu\u011fu bilgileri almak i\u00e7in okuyamaz.<\/p>\n\n\n\n<p>3) Kurulu\u015flar, DNS&#8217;e ek bir koruma katman\u0131 sa\u011flayan yap\u0131land\u0131rmalar i\u00e7in ad\u0131mlar da atabilir. DNS sunucular\u0131n\u0131, di\u011fer DNS sunucular\u0131yla olan ili\u015fkilere b\u00fcy\u00fck \u00f6l\u00e7\u00fcde g\u00fcvenmeyecek \u015fekilde yap\u0131land\u0131rabilirler. Bu, bilgisayar korsanlar\u0131n\u0131n kendi DNS sunucular\u0131 arac\u0131l\u0131\u011f\u0131yla ba\u011flant\u0131 kurmas\u0131n\u0131 zorla\u015ft\u0131r\u0131r. Ek olarak kurulu\u015flar, DNS sunucular\u0131n\u0131 yaln\u0131zca belirli hizmetlerin \u00e7al\u0131\u015fmas\u0131na izin verecek \u015fekilde daha s\u0131n\u0131rl\u0131 veri k\u00fcmelerini depolayacak \u015fekilde yap\u0131land\u0131rabilirler. <\/p>\n\n\n\n<p>4) Sistem g\u00fcncellemeleri genellikle yeni g\u00fcvenlik protokolleri ve tan\u0131mlanm\u0131\u015f g\u00fcvenlik a\u00e7\u0131klar\u0131na y\u00f6nelik d\u00fczeltmeler i\u00e7erdi\u011finden DNS&#8217;in en son s\u00fcr\u00fcm\u00fcn\u00fc kullanmak da son derece \u00f6nemlidir.<\/p>\n\n\n\n<p>5) DNS zehirlenmesi sald\u0131r\u0131s\u0131n\u0131n ger\u00e7ekle\u015fmesi durumunda g\u00fc\u00e7l\u00fc alg\u0131lama protokollerinin olmas\u0131 sonucu de\u011fi\u015ftirebilir. En iyi alg\u0131lama protokolleri, d\u00fczenli izleme kullan\u0131r. En b\u00fcy\u00fck uyar\u0131 i\u015faretlerinden biri tek bir alan ad\u0131 hakk\u0131nda tek bir kaynaktan DNS etkinli\u011finde art\u0131\u015f olmas\u0131 ve tek bir kaynaktan birden fazla alan ad\u0131 hakk\u0131nda DNS etkinli\u011finde art\u0131\u015f olmas\u0131d\u0131r. Bunlar, DNS zehirlenmesi i\u00e7in bir giri\u015f noktas\u0131 bulma giri\u015fimlerinin g\u00f6stergesidir.<\/p>\n\n\n\n<p>6) Potansiyel risklerin fark\u0131na varmak i\u00e7in siber g\u00fcvenlik e\u011fitimleri \u00f6nerilir. Fark etmesi \u00e7ok zor olsa \u00e7al\u0131\u015fanlar\u0131n siber tehditler konusunda e\u011fitilmesi kurulu\u015flar\u0131n itibar ve finans kayb\u0131 ya\u015fama ihtimallerini zay\u0131flat\u0131r.<\/p>\n\n\n\n<h2 id=\"ozet\" class=\"wp-block-heading\">\u00d6zet<\/h2>\n\n\n\n<p>DNS spoofing, internet kullan\u0131c\u0131lar\u0131n\u0131n hedefledikleri web sitesi yerine, orijinal site gibi g\u00f6r\u00fcnen farkl\u0131 bir siteye ula\u015fmas\u0131n\u0131 sa\u011flayarak  hassas bilgilerini payla\u015fmalar\u0131 i\u00e7in kand\u0131r\u0131lmas\u0131n\u0131 ama\u00e7layan bir siber sald\u0131r\u0131 t\u00fcr\u00fcd\u00fcr.<\/p>\n\n\n\n<p>DNS zehirlenmesi sald\u0131r\u0131lar\u0131nda trafi\u011fi gayri me\u015fru sunucuya y\u00f6nlendirme d\u0131\u015f\u0131nda, ortadaki adam sald\u0131r\u0131s\u0131 veya ziyaret\u00e7ilerin bilgisayarlar\u0131na an\u0131nda hasara neden olacak bir vir\u00fcs y\u00fcklemek gibi farkl\u0131 teknikler uygulanabilmektedir.<\/p>\n\n\n\n<p>DNS konusunda yeni tehditlerin y\u00fckseli\u015fi nedeniyle DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndaki \u015firketler ve bireysel kullan\u0131c\u0131lar taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.<\/p>\n","protected":false},"excerpt":{"rendered":"Ge\u00e7ti\u011fimiz y\u0131l yeni ke\u015ffedilen SAD DNS sald\u0131r\u0131s\u0131 ile canlanmaya ba\u015flayan DNS spoofing sald\u0131r\u0131lar\u0131, neden tehlikeli?\n","protected":false},"author":1,"featured_media":47541,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_relevanssi_hide_post":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"46480,21148,44807,24042,43938,7453","_relevanssi_noindex_reason":"","footnotes":""},"categories":[656,654,657,655,138],"tags":[],"class_list":{"0":"post-46317","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-alpha-ssl","8":"category-comodo-ssl","9":"category-ev-ssl","10":"category-globalsign-ssl","11":"category-ipuclari"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>DNS Spoofing Nedir? &#8226; Turhost Blog<\/title>\n<meta name=\"description\" content=\"DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndakiler taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/\" \/>\n<meta property=\"og:locale\" content=\"tr_TR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DNS Spoofing Nedir? &#8226; Turhost Blog\" \/>\n<meta property=\"og:description\" content=\"DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndakiler taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/\" \/>\n<meta property=\"og:site_name\" content=\"Turhost Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-01T05:53:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-11-26T06:29:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"740\" \/>\n\t<meta property=\"og:image:height\" content=\"740\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Turhost\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Yazan:\" \/>\n\t<meta name=\"twitter:data1\" content=\"Turhost\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tahmini okuma s\u00fcresi\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 dakika\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/\",\"url\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/\",\"name\":\"DNS Spoofing Nedir? &#8226; Turhost Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.turhost.com/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg\",\"datePublished\":\"2021-09-01T05:53:12+00:00\",\"dateModified\":\"2021-11-26T06:29:40+00:00\",\"author\":{\"@id\":\"https:\/\/www.turhost.com/blog\/#\/schema\/person\/dd8970d865df6ed4f742fe30c308ad1c\"},\"description\":\"DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndakiler taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#breadcrumb\"},\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#primaryimage\",\"url\":\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg\",\"contentUrl\":\"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg\",\"width\":740,\"height\":740},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.turhost.com/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u0130pu\u00e7lar\u0131\",\"item\":\"https:\/\/www.turhost.com/blog\/ipuclari\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"DNS Spoofing Nedir?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.turhost.com/blog\/#website\",\"url\":\"https:\/\/www.turhost.com/blog\/\",\"name\":\"Turhost Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.turhost.com/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"tr\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.turhost.com/blog\/#\/schema\/person\/dd8970d865df6ed4f742fe30c308ad1c\",\"name\":\"Turhost\",\"sameAs\":[\"http:\/\/www.turhost.com\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DNS Spoofing Nedir? &#8226; Turhost Blog","description":"DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndakiler taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/","og_locale":"tr_TR","og_type":"article","og_title":"DNS Spoofing Nedir? &#8226; Turhost Blog","og_description":"DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndakiler taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.","og_url":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/","og_site_name":"Turhost Blog","article_published_time":"2021-09-01T05:53:12+00:00","article_modified_time":"2021-11-26T06:29:40+00:00","og_image":[{"width":740,"height":740,"url":"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg","type":"image\/jpeg"}],"author":"Turhost","twitter_card":"summary_large_image","twitter_misc":{"Yazan:":"Turhost","Tahmini okuma s\u00fcresi":"7 dakika"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/","url":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/","name":"DNS Spoofing Nedir? &#8226; Turhost Blog","isPartOf":{"@id":"https:\/\/www.turhost.com/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#primaryimage"},"image":{"@id":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#primaryimage"},"thumbnailUrl":"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg","datePublished":"2021-09-01T05:53:12+00:00","dateModified":"2021-11-26T06:29:40+00:00","author":{"@id":"https:\/\/www.turhost.com/blog\/#\/schema\/person\/dd8970d865df6ed4f742fe30c308ad1c"},"description":"DNS Spoofing Nedir? gibi sorular\u0131n siber g\u00fcvenlik \u00f6nlemlerini ara\u015ft\u0131rma a\u015famas\u0131ndakiler taraf\u0131ndan \u00f6nemsenmesi \u00e7ok \u015feyi de\u011fi\u015ftirebilir.","breadcrumb":{"@id":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#breadcrumb"},"inLanguage":"tr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/"]}]},{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#primaryimage","url":"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg","contentUrl":"https:\/\/www.turhost.com/blog\/wp-content\/uploads\/2021\/08\/kapak-6.jpg","width":740,"height":740},{"@type":"BreadcrumbList","@id":"https:\/\/www.turhost.com/blog\/dns-spoofing-nedir\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.turhost.com/blog\/"},{"@type":"ListItem","position":2,"name":"\u0130pu\u00e7lar\u0131","item":"https:\/\/www.turhost.com/blog\/ipuclari\/"},{"@type":"ListItem","position":3,"name":"DNS Spoofing Nedir?"}]},{"@type":"WebSite","@id":"https:\/\/www.turhost.com/blog\/#website","url":"https:\/\/www.turhost.com/blog\/","name":"Turhost Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.turhost.com/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"tr"},{"@type":"Person","@id":"https:\/\/www.turhost.com/blog\/#\/schema\/person\/dd8970d865df6ed4f742fe30c308ad1c","name":"Turhost","sameAs":["http:\/\/www.turhost.com\/"]}]}},"_links":{"self":[{"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/posts\/46317","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/comments?post=46317"}],"version-history":[{"count":120,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/posts\/46317\/revisions"}],"predecessor-version":[{"id":47566,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/posts\/46317\/revisions\/47566"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/media\/47541"}],"wp:attachment":[{"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/media?parent=46317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/categories?post=46317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.turhost.com/blog\/wp-json\/wp\/v2\/tags?post=46317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}