From c8b32d0d2fe2c85785bbb845058d170eccb0f480 Mon Sep 17 00:00:00 2001 From: Bernd Eckenfels Date: Wed, 12 Nov 2025 22:24:01 +0100 Subject: [PATCH] Fixed typo DNS over TLS --- .github/README.md | 2 +- src/web-check-live/utils/docs.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/README.md b/.github/README.md index 08f63f99..46ffd6fc 100644 --- a/.github/README.md +++ b/.github/README.md @@ -415,7 +415,7 @@ In an OSINT context, Whois records can provide valuable clues about the entity b ###### Description -Without DNSSEC, it's possible for MITM attackers to spoof records and lead users to phishing sites. This is because the DNS system includes no built-in methods to verify that the response to the request was not forged, or that any other part of the process wasn’t interrupted by an attacker. The DNS Security Extensions (DNSSEC) secures DNS lookups by signing your DNS records using public keys, so browsers can detect if the response has been tampered with. Another solution to this issue is DoH (DNS over HTTPS) and DoT (DNS over TLD). +Without DNSSEC, it's possible for MITM attackers to spoof records and lead users to phishing sites. This is because the DNS system includes no built-in methods to verify that the response to the request was not forged, or that any other part of the process wasn’t interrupted by an attacker. The DNS Security Extensions (DNSSEC) secures DNS lookups by signing your DNS records using public keys, so browsers can detect if the response has been tampered with. Another solution to this issue is DoH (DNS over HTTPS) and DoT (DNS over TLS). ###### Use Cases DNSSEC information provides insight into an organization's level of cybersecurity maturity and potential vulnerabilities, particularly around DNS spoofing and cache poisoning. If no DNS secururity (DNSSEC, DoH, DoT, etc) is implemented, this may provide an entry point for an attacker. diff --git a/src/web-check-live/utils/docs.ts b/src/web-check-live/utils/docs.ts index 20355a9f..5888b683 100644 --- a/src/web-check-live/utils/docs.ts +++ b/src/web-check-live/utils/docs.ts @@ -254,7 +254,7 @@ const docs: Doc[] = [ id: "dnssec", title: "DNS Security Extensions", description: - "Without DNSSEC, it's possible for MITM attackers to spoof records and lead users to phishing sites. This is because the DNS system includes no built-in methods to verify that the response to the request was not forged, or that any other part of the process wasn’t interrupted by an attacker. The DNS Security Extensions (DNSSEC) secures DNS lookups by signing your DNS records using public keys, so browsers can detect if the response has been tampered with. Another solution to this issue is DoH (DNS over HTTPS) and DoT (DNS over TLD).", + "Without DNSSEC, it's possible for MITM attackers to spoof records and lead users to phishing sites. This is because the DNS system includes no built-in methods to verify that the response to the request was not forged, or that any other part of the process wasn’t interrupted by an attacker. The DNS Security Extensions (DNSSEC) secures DNS lookups by signing your DNS records using public keys, so browsers can detect if the response has been tampered with. Another solution to this issue is DoH (DNS over HTTPS) and DoT (DNS over TLS).", use: "DNSSEC information provides insight into an organization's level of cybersecurity maturity and potential vulnerabilities, particularly around DNS spoofing and cache poisoning. If no DNS secururity (DNSSEC, DoH, DoT, etc) is implemented, this may provide an entry point for an attacker.", resources: [ "https://dnssec-analyzer.verisignlabs.com/",