The biggest problem is that there is no method to validate DNS replies, which makes it simpler for hackers to utilize cache poisoning.
DNS cache poisoning is the process by which a threat actor feeds bogus data into the DNS cache, causing the user's web browser to respond incorrectly. Users are typically redirected to a different website than the one they had originally meant to visit by this response.
Using a huge number of requests for erroneous or nonexistent records, a DNS NXDOMAIN flood DDoS attack seeks to overwhelm the DNS server. A DNS proxy server, which consumes the most resources, frequently handles these attacks.
To know more about cache poisoning visit :-
https://brainly.com/question/17113669
#SPJ4
