Internet
Fact-checked

At EasyTechJunkie, we're committed to delivering accurate, trustworthy information. Our expert-authored content is rigorously fact-checked and sourced from credible authorities. Discover how we uphold the highest standards in providing you with reliable knowledge.

Learn more...

What is DNS Redirection?

Robert Grimmick
Robert Grimmick

Domain Name System (DNS) redirection, sometimes known as DNS hijacking, is the practice of diverting results from a DNS server. DNS redirection is used by some Internet Service Providers (ISPs) to bring up a search or help page instead of an error message when a website cannot be found. It can also be used to block websites that contain dangerous or illegal content or as part of a “phishing” attack designed to steal personal information.

The DNS is a critical component of the Internet. DNS translates a domain name, such as wiseGEEK.com, into a series of numbers called an Internet Protocol (IP) Address. A web browser or other software will then contact a server at that IP Address. If a domain name has no corresponding IP Address in DNS, the system returns a “Non-Existent Domain” or “NXDOMAIN” result. This response, often the result of a misspelled domain name, normally causes user’s web browser to display an error message.

Although DNS redirection can help users, it can also be used to redirect traffic to a fraudulent site.
Although DNS redirection can help users, it can also be used to redirect traffic to a fraudulent site.

DNS redirection eliminates the NXDOMAIN error result in favor of a search or help page operated by an ISP. These pages often contain suggestions that are close to what a user typed. This practice can be helpful for some users who are confused by cryptic error messages, but it can also be a source of extra income for ISPs as advertising is frequently found on these help pages. It can also cause problems for some applications that rely on the NXDOMAIN result, so it’s common for ISPs using DNS redirection to give users a “opt-out” preference.

An IP address can't be found if domain names are misspelled.
An IP address can't be found if domain names are misspelled.

In addition to being used on non-existent pages, DNS redirection can be used to block access to websites known to contain malware, viruses, or illegal content. Rather than return the IP address of the illicit site, a DNS server will return a page informing the user that the content has been blocked. This technique is used by some ISPs, but can more frequently be seen on public networks like schools, libraries, and Internet cafes.

Hackers or identity thieves can make use of DNS redirection for more insidious purposes. A type of attack known as “pharming” injects illegitimate DNS settings onto vulnerable servers and allows a hacker to redirect traffic to a fraudulent site. A “pharmed” DNS server might, for example, contain a false listing for an online banking site that leads to a carefully crafted fake designed to trick the user into revealing their personal information, a practice known as “phishing.”

Discussion Comments

anon233576

Thank you very much. I have been trying to know about domain parking but this article has cleared every cloud, thank you so much. Monday, from Nigeria

Post your comments
Login:
Forgot password?
Register:
    • Although DNS redirection can help users, it can also be used to redirect traffic to a fraudulent site.
      By: alexskopje
      Although DNS redirection can help users, it can also be used to redirect traffic to a fraudulent site.
    • An IP address can't be found if domain names are misspelled.
      By: iinspiration
      An IP address can't be found if domain names are misspelled.