Abstract

This research investigates the implementation and effectiveness of Domain Name System Security Extensions (DNSSEC) in conjunction with Bettercap for mitigating Man-in-the-Middle (MITM) attacks in network environments. Through a comprehensive virtual lab demonstration, we examine the vulnerabilities in traditional Domain Name System (DNS) and evaluate how DNSSEC’s cryptographic signing mechanisms enhance security. The study employs Bettercap as both an attack simulation tool and a monitoring platform to demonstrate real-world MITM attack scenarios and their prevention. Our experimental setup includes multiple virtual machines configured to simulate various network topologies, allowing for controlled testing of DNSSEC implementation against common attack vectors. Results demonstrate that effective DNSSEC deployment notably decreases vulnerability to DNS spoofing and MITM attacks, achieving substantial success in detecting and preventing unauthorized DNS record modifications. The study also highlights implementation challenges and offers practical recommendations for network administrators. This work contributes to the growing body of knowledge on DNS security and offers empirical evidence supporting the adoption of DNSSEC in modern network infrastructures.