DNS injection is a type of DNS poisoning attack in which a network traffic monitoring device injects fake DNS responses. When the monitoring device detects a DNS query for a censored domain, it forges a response and sends it to the client. This attack can be implemented by an on-path or an off-path device. This technique is commonly used by state actors to implement country-based censorship.

We'll use the Great Firewall of China (GFW) to demonstrate this attack in practice. Let's query wikipedia.org against Google DNS to get a baseline.

dig wikipedia.org @8.8.8.8

; <<>> DiG 9.10.6 <<>> wikipedia.org @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61120
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;wikipedia.org. IN A

;; ANSWER SECTION:
wikipedia.org. 234 I
Censorship is the suppression of speech, public communication, or other information.
Source: Wikipedia
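
Added example (not from the original page): a passive check for the injection described above, which parses captured DNS responses and flags any query that received more than one response with different A records. It assumes the injecting device adds a forged packet without suppressing the resolver's real answer, so both reach the client. The packets, names and addresses are constructed sample data, and a production key would also include the client and resolver address and port.

```python
import struct
from collections import defaultdict

def read_name(msg, off):
    """Decode a (possibly compressed) DNS name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while msg[off]:
        n = msg[off]
        if n & 0xC0 == 0xC0:                      # compression pointer
            end = end or off + 2
            off = ((n & 0x3F) << 8) | msg[off + 1]
            if (hops := hops + 1) > 16:           # refuse pointer loops
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii").lower())
            off += 1 + n
    return ".".join(labels), end or off + 1

def parse_response(msg):
    """Return (transaction id, query name, frozenset of A-record addresses)."""
    txid, _, _, an, _, _ = struct.unpack("!6H", msg[:12])
    qname, off = read_name(msg, 12)
    off += 4                                      # skip QTYPE and QCLASS
    addrs = set()
    for _ in range(an):
        _, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:             # A record
            addrs.add(".".join(map(str, msg[off:off + 4])))
        off += rdlen
    return txid, qname, frozenset(addrs)

def find_conflicts(packets):
    """Group responses by (txid, qname); keep groups whose answers disagree."""
    seen = defaultdict(list)
    for msg in packets:
        txid, qname, addrs = parse_response(msg)
        seen[(txid, qname)].append(addrs)
    return {k: v for k, v in seen.items() if len(set(v)) > 1}

def build(txid, name, ip):                        # helper for constructed samples
    q = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(map(int, ip.split(".")))
    return struct.pack("!6H", txid, 0x8180, 1, 1, 0, 0) + q + b"\x00\x01\x00\x01" + rr

# Constructed capture: two conflicting answers to one query, one clean answer.
SAMPLE = [build(0x1A2B, "blocked.example", "203.0.113.7"),
          build(0x1A2B, "blocked.example", "198.51.100.20"),
          build(0x3C4D, "ok.example", "192.0.2.10")]
```

`find_conflicts(SAMPLE)` returns only the `blocked.example` query; identical retransmitted answers are not flagged because the comparison is on the answer sets, not the packet count.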