DNS redirection

DNS redirection definition

DNS redirection means directing traffic from a domain to a different IP address or server. It can be used to sideload You send out a query – What is the IP of youtube.com? – but a third party steers the query the wrong way. As a result, you get a false IP address, and the wrong page loads on your screen.

See also: DNS query, DNS resolution, DNS client, DNS proxy, DNS failover, DNS cache, DNS hijacking

How DNS redirection works 

  1. User enters domain name. A user types a domain name into their browser, triggering a DNS lookup request.
  2. DNS query sent to server. The DNS client sends a query to the configured DNS server to resolve the domain name.
  3. DNS server checks redirection rules. The DNS server examines its configuration and identifies that the requested domain has a redirection rule in place.
  4. Redirected IP address returned. Instead of returning the original IP address, the DNS server responds with a different IP address specified in the redirection rule.
  5. Client connects to a new destination. The user's device connects to the redirected IP address, which may point to a different website, server, or service.
  6. Content from the new location displayed. The browser loads content from the redirected destination, completing the redirection process transparently to the user.
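
Because step 4 is invisible to the user, a defender usually spots it by comparing the answer from the configured resolver with answers from independent reference resolvers. The sketch below is an added example, not code from this page; the resolver labels, domain names, sample answers, verdict names, and the /24 and /48 "same network" heuristic are all assumptions made for illustration.

```python
import ipaddress

# Networks a public site should not normally resolve to (RFC 1918, loopback, link-local, 0/8).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8")]

# Constructed sample answers using documentation address ranges; "local" is the
# resolver under test, the "ref-*" entries are independent reference resolvers.
SAMPLE_ANSWERS = {
    "www.example.com":  {"local": ["198.51.100.10"], "ref-a": ["198.51.100.10"], "ref-b": ["198.51.100.10"]},
    "cdn.example.net":  {"local": ["198.51.100.77"], "ref-a": ["198.51.100.12"], "ref-b": ["198.51.100.40"]},
    "blocked.example":  {"local": ["192.168.1.1"],   "ref-a": ["203.0.113.5"],   "ref-b": ["203.0.113.5"]},
    "bank.example.org": {"local": ["192.0.2.200"],   "ref-a": ["203.0.113.80"],  "ref-b": ["203.0.113.80"]},
}

def _prefix(ip):
    """Enclosing /24 (IPv4) or /48 (IPv6) network, a coarse stand-in for 'same operator'."""
    addr = ipaddress.ip_address(ip)
    return ipaddress.ip_network(f"{addr}/{24 if addr.version == 4 else 48}", strict=False)

def classify(answers, local_key="local"):
    """Compare the local resolver's answer with the reference resolvers' answers."""
    local = set(answers.get(local_key, []))
    refs = {ip for name, ips in answers.items() if name != local_key for ip in ips}
    if not local or not refs:
        return "no-data"
    if local <= refs:
        return "match"
    extra = local - refs  # addresses only the local resolver returned
    if any(ipaddress.ip_address(ip) in net for ip in extra for net in INTERNAL_NETS):
        return "internal-target"   # filter or block page, or a router-level redirect
    if {_prefix(ip) for ip in extra} <= {_prefix(ip) for ip in refs}:
        return "same-network"      # likely load balancing or geolocation steering
    return "divergent"             # differs with no benign explanation; investigate

def audit(samples=SAMPLE_ANSWERS):
    """Return {domain: verdict} for every domain in the sample set."""
    return {domain: classify(answers) for domain, answers in samples.items()}

if __name__ == "__main__":
    for domain, verdict in audit().items():
        print(f"{domain:18} {verdict}")
```

A "same-network" verdict reflects the legitimate load-balancing and geolocation cases listed below, so only "internal-target" and "divergent" results call for a closer look at resolver and router settings.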

DNS redirection uses 

Legitimate uses of DNS redirection:

  • Website migration. Redirecting traffic from an old domain to a new one when a business changes its web address or rebrands.
  • Load balancing. Distributing incoming traffic across multiple servers to improve performance and prevent overload on a single server.
  • Content filtering. Blocking access to harmful or inappropriate websites by redirecting requests to a warning page, commonly used by parental controls and corporate networks.
  • Geolocation services. Directing users to region-specific servers or content based on their geographic location for better performance and localized experiences.
  • Maintenance pages. Temporarily redirecting visitors to a maintenance page while updates or repairs are being performed on the main website.

Malicious uses of DNS redirection:

  • Phishing attacks. Redirecting users to fake websites that mimic legitimate ones to steal login credentials, financial information, or personal data.
  • DNS hijacking. Unauthorized modification of DNS settings to redirect users to malicious websites without their knowledge or consent.
  • Malware distribution. Redirecting traffic to websites that automatically download viruses, ransomware, or other malicious software onto users' devices.
  • Ad fraud and click hijacking. Redirecting users to advertising sites to generate fraudulent revenue through forced clicks and impressions.
  • Censorship and surveillance. Governments or ISPs redirecting DNS queries to monitor user activity or block access to specific content for political control.

Real DNS redirection examples

In 2017, the hacker group OurMine hijacked one of the DNS servers that directed visitors to wikileaks.org and sent users fake values. Anyone trying to visit WikiLeaks was directed to a page with a message claiming the website had been hacked instead.

In 2016, hackers redirected users trying to visit an undisclosed Brazilian bank website to fake sites. Once there, thinking that they were visiting a legitimate site, users handed over their usernames and passwords.

Stopping DNS redirection

  • Use a reliable antivirus and a VPN.
  • Check the URL of the website once it loads.
  • Change your router password.