DNS Management
The distributed nature of DNS makes it difficult for a single entity to control. Instead, different organizations are responsible for different levels of servers. Each of the root servers operates under the guidance of the Internet Corporation for Assigned Names and Numbers (ICANN) (http://www.icann.org/). ICANN accredits the root servers to ensure that they maintain compatibility. ICANN also defines the gTLD and ccTLD suffixes and authorizes domain registration providers. Each of the domain registrars can allocate new domain names and insert primary name server information into the TLDs. The InterNIC Web site (http://www.internic.net/) includes a list of more than 500 accredited registrars.
Domain names are closely associated with network addresses. The Internet Assigned Numbers Authority (IANA) is responsible for allocating blocks of network addresses to organizations. One person, Jonathan (Jon) Postel, effectively operated IANA until his untimely death in 1998. Postel was one of the most important pioneers of the Internet (and the author of many RFCs that define the Internet). Since his passing, the duties of IANA have been distributed among a set of Regional Internet Registry (RIR) providers.
Each RIR provides network address allocations, domain registration (DNS and WHOIS), and reverse DNS for a global region. For example, the American Registry for Internet Numbers (ARIN) provides support for the United States and Canada. Other RIRs include AfriNIC (Africa), APNIC (Asia and Pacific), LACNIC (Mexico and Latin America), and RIPE (Europe, the Middle East, and parts of Asia).
Individuals, companies, and other online entities submit domain names to local DNS registrars. The local registrars update the RIR, and the RIR informs the TLD providers. However, the individuals, companies, and online entities are responsible for their own primary DNS servers. In many cases, the primary and secondary DNS hosting is outsourced to third-party providers. Determining the group responsible for managing DNS depends on the level within the DNS hierarchy.