Release Notes

Product Introduction

Overview

Features

Product Strengths

Scenarios

Customer Cases

Purchase Guide

Getting Started

Using TSA to Perform a Cloud Risk Assessment

Using TSA to Execute a Chaos Experiment on CFG

Operation Guide

Operation Guide to TSA-Cloud Architecture

Operation Guide to TSA-Cloud Risk Assessment

Operation Guide to TSA-Chaotic Fault Generator

Operation Guide to TSA-Digital Assets

Permission Management

API Documentation

History

Introduction

API Category

Making API Requests

Other APIs

Task APIs

Cloud Architecture Console APIs

Data Types

Error Codes

FAQs

FAQs: TSA

FAQs: TSA-Cloud Risk Assessment

FAQs: TSA-Cloud Architecture

FAQs: TSA-Chaotic Fault Generator

Related Protocol

Tencent Cloud Smart Advisor Service Level Agreement

DATA PRIVACY AND SECURITY AGREEMENT MODULE CHAOTIC FAULT GENERATOR

CVM DNS Resolution Tampering Experiment Case

PDF

Focus Mode

Font Size

Last updated: 2026-03-31 23:14:00

Background
Chaotic Fault Generator (CFG) for Cloud Virtual Machine (CVM) domain name resolution tampering is designed to test the response capability of CVM when it is subject to DNS resolution tampering attacks. Domain Name System (DNS) resolution tampering is a common network attack method in which attackers tamper with DNS resolution results to redirect users to malicious websites, thereby stealing users' sensitive information or conducting other malicious activities. For this purpose, TSA-Chaotic Fault Generator (TSA-CFG) provides DNS resolution tampering experiments to test the response and recovery capabilities of business systems under attack, thereby enhancing business security and stability.
Experiment Execution
Step 1: Preparing an Experiment
Prepare a CVM instance to be experimented.
Step 2: Orchestrating the Experiment
1. Log in to the Tencent Cloud Smart Advisor (TSA) console, choose Architecture Governance, select Governance Mode, and click CFG. (For details about how to create an experiment, see Using TSA to Execute a Chaos Experiment on CFG.)
2. Click Create Experiment, enter the basic information about the experiment, and click Next.
3. Choose Compute > CVM from the Experiment Instance drop-down list, click Add via Search, and add an instance resource. Alternatively, click Add via Architecture Diagram, click a CVM resource on the architecture diagram, select the required instance, and add it.
4. After the instance is added, click Add Action. Under the Network Resources category, select DNS Resolution Tampering, and then click Next.
5. Configure fault action parameters. Enter the domain names and IP addresses to be tampered with. Separate multiple domain names with semicolons (;). Then, click OK.
6. After completing the parameter configuration, set Execution Mode and Guardrail Policy, and add metrics for Observability Metrics in the Global Configuration section. After the configuration is complete, click Submit to complete the experiment creation.
Step 3: Executing the Experiment
1. Verify the resolution before a fault. Use the ping qq.com command to test domain name resolution. The resolution is normal.
2. Go to the experiment details panel, and click Execute in the fault action group or Start Experiment in the lower part of the panel to inject a fault.
3. After successful fault injection, use ping qq.com to test the resolution. You can see that the resolution of the qq.com domain name has been tampered with.
4. Click Execute in the corresponding recovery action for recovery. 
5. After successful recovery, use ping qq.com to test the resolution again. You can see that the resolution has returned to normal.
﻿

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Tencent Cloud Smart Advisor

CVM DNS Resolution Tampering Experiment Case

Background

Experiment Execution

Step 1: Preparing an Experiment

Step 2: Orchestrating the Experiment

Step 3: Executing the Experiment

Help and Support