mirror of
https://github.com/aquasecurity/kube-hunter.git
synced 2026-05-24 01:55:20 +00:00
| vid | title | categories |
|---|---|---|
| KHV030 | Possible DNS Spoof | |
{{ page.vid }} - {{ page.title }}
Issue description
Your Kubernetes DNS setup is vulnerable to spoofing attacks, in which an attacker impersonates your DNS server for malicious purposes.
In this case the exploited vulnerability was ARP spoofing, but other methods could be used as well.
Remediation
Consider using DNS over TLS. CoreDNS (the common DNS server for Kubernetes) supports this out of the box, but your client applications might not.
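What a client application has to do to benefit from DNS over TLS is sketched below as an added example (not code from kube-hunter or CoreDNS): it frames a query the way DoT requires and only accepts answers from a resolver whose certificate verifies. The function names, and the resolver address, server name and CA file passed to `query_dot`, are assumptions for illustration.

```python
import socket
import ssl
import struct

DOT_PORT = 853  # port assigned to DNS over TLS

def build_query(qname, qtype=1, txid=0x1234):
    """Encode a minimal DNS query: RD flag set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in qname.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def frame(message):
    """DoT reuses DNS-over-TCP framing: a 2-byte big-endian length prefix."""
    return struct.pack("!H", len(message)) + message

def make_context(ca_file=None):
    """TLS context that rejects a resolver whose certificate does not verify."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # create_default_context() already sets check_hostname=True and
    # verify_mode=CERT_REQUIRED; turning either off removes the protection.
    return ctx

def recv_exact(sock, n):
    """Read exactly n bytes or fail; TCP/TLS reads may return short chunks."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("resolver closed the connection early")
        buf += chunk
    return buf

def query_dot(server_ip, server_name, qname, ca_file=None, timeout=5.0):
    """Send one query over DoT and return the raw reply bytes.

    A host that took over server_ip by spoofing fails the TLS handshake
    (ssl.SSLCertVerificationError) unless it holds a certificate for
    server_name issued by a trusted CA, so no spoofed answer is accepted.
    """
    query = build_query(qname)
    with socket.create_connection((server_ip, DOT_PORT), timeout=timeout) as raw:
        with make_context(ca_file).wrap_socket(raw, server_hostname=server_name) as tls:
            tls.sendall(frame(query))
            (length,) = struct.unpack("!H", recv_exact(tls, 2))
            reply = recv_exact(tls, length)
    if reply[:2] != query[:2]:
        raise ValueError("transaction ID in reply does not match the query")
    return reply
```
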
References
- DNS Spoofing on Kubernetes Clusters
- [KHV020 - Possible Arp Spoof]({{ site.baseurl }}{% link _kb/KHV020.md %})
- CoreDNS DNS over TLS
- DNS over TLS spec