Domain Name System (DNS)
In the early days of the Internet, hosts were referenced by IP addresses. Although this was functional, it was inconvenient: few people could memorize many different IP addresses. The simple resolution was to use meaningful strings (hostnames) instead of IP addresses [RFC226]. By 1983, lists of hosts and their IP addresses were available for download [RFC881, RFC921, RFC952]. These lists mapped hostnames to IP addresses and vice versa.
During this time, another need developed. Email [RFC524] was becoming a core requirement of the network, but not every host operated an email server. The host lists were extended to include mail servers. Email sent to a particular host could be delivered to a different mail server.
Host lists provided necessary information but were not dynamic. New hosts added to the network needed to wait for the updated list to be propagated across the network. In addition, as more hosts became network enabled, the distribution of host lists became a network bottleneck. Out of this evolving environment, DNS was formed. The Domain Name System (DNS) is an extendible, distributed data management system [RFC1034]. It provides support for dynamic updates, hostname and network address mapping, and additional information about hosts and domains.
DNS was designed for massively large networks. The current DNS system easily distributes the workload and supports the millions of computers on the Internet. DNS provides individuals and companies the ability to change their DNS content as needed. In addition, DNS is an extendible information system that allows any type of host-related information to be accessed by remote systems. DNS was never designed for security, however. This oversight in architecture has opened DNS to a variety of implementation-independent attacks. The attack vectors include direct DNS vulnerabilities, technical attacks that exploit configuration weaknesses, information reconnaissance, and social attacks that target the human interfaces to DNS.
In this tutorial:
- DNS Common Uses
- Hostname-to-Address Mapping
- Common Lookup Tools
- Naming Confusion Attack Vectors
- Dotted Names
- Name Formatting
- Exploited Anonymity
- Mail Servers
- Sender Policy Framework Overloading
- Domain Keys Overloading
- DNS Protocol
- Packet Information
- Simple DNS Server
- Distributed Architecture
- Top Level Domain Servers
- Generic Top Level Domain (gTLD)
- Secondary Level Domain (SLD)
- Primary and Secondary Servers
- Caching Servers
- DNS Management
- DNS Direct Risks
- DNS Performance versus Security
- DNS Cache Poisoning
- Corrupt DNS Packets
- DNS Domain Hijacking
- DNS Server Hijacking
- Dynamic DNS
- Similar Hostnames
- Domain Renewals
- Hostnames
- Zone Transfers
- Host Listing
- DNS Fields
- Mitigation Option
- Technical Threat Mitigation
- Social Threat Mitigation
- Defining Trusted Replies