Mitigasi Serangan DNS Cache Poisoning Pada Local Area Network Berbasis Routerboard Mikrotik

Abstract

Domain Name System (DNS) enables users to access websites via domain names, offering convenient navigation. However, criminals can exploit this convenience to redirect connections from user devices to fake servers for a variety of purposes. A form of attack known as DNS cache poisoning exploits vulnerabilities in the Domain Name System (DNS) to redirect connections from a legitimate website address to an illegitimate one. As a consequence of the fact that users of networked systems are typically unaware that they are accessing an illegitimate site, this attack can have a particularly damaging impact. Such incidents can give rise to several issues, including the theft of data, the distribution of malware, and other security threats. To address this issue, this study employs a firewall in conjunction with DoH (DNS over HTTPS) and the utilization of registered certificates. The Domain Name System over HTTPS (DoH) protocol encrypts DNS requests and responses, preventing third parties (such as attackers who manipulate DNS) from reading or modifying DNS requests. The data employed in this study is derived from a review of existing literature. Furthermore, this study employs the PPDIOO model (Preparation, Planning, Design, Implementation, Operation, and Optimization) for the development of the network. Furthermore, the Mikrotik RB951ui-2Hnd routerboard is employed in this study. The outcome is the implementation of a multifaceted security strategy that effectively mitigates DNS cache poisoning attacks by 100%, while simultaneously reducing CPU usage to 11.5%. This approach enhances the security and reliability of user search activities on the internet.