Home / Networking / Beginners

Domain Name System (DNS)

In the early days of the Internet, hosts were referenced by IP addresses. Although this was functional, it was inconvenient-few people could memorize many different IP addresses. The simple resolution was to use meaningful strings (hostnames) instead of IP addresses [RFC226]. By 1983, lists of hosts and their IP addresses were available for download [RFC881, RFC921, RFC952]. These lists mapped hostnames to IP addresses and vice versa.

During this time, another need developed. Email [RFC524] was becoming a core requirement of the network, but not every host operated an email server. The host lists were extended to include mail servers. Email sent to a particular host could be delivered to a different mail server.

Host lists provided necessary information but were not dynamic. New hosts added to the network needed to wait for the updated list to be propagated across the network. In addition, as more hosts became network enabled, the distribution of host lists became a network bottleneck. Out of this evolving environment, DNS was formed. The Domain Name System (DNS) is an extendible, distributed data management system [RFC1034]. It provides support for dynamic updates, hostname and network address mapping, and additional information about hosts and domains.

DNS was designed for massively large networks. The current DNS system easily distributes the workload and supports the millions of computers on the Internet. DNS provides individuals and companies the ability to change their DNS content as needed. In addition, DNS is an extendible information system that allows any type of host-related information to be accessed by remote systems. DNS was never designed for security, however. This oversight in architecture has opened DNS to a variety of implementation-independent attacks. The attack vectors include direct DNS vulnerabilities, technical attacks that exploit configuration weaknesses, information reconnaissance, and social attacks that target the human interfaces to DNS.

In this tutorial:

  1. DNS Common Uses
  2. Hostname-to-Address Mapping
  3. Common Lookup Tools
  4. Naming Confusion Attack Vectors
  5. Dotted Names
  6. Name Formatting
  7. Exploited Anonymity
  8. Mail Servers
  9. Sender Policy Framework Overloading
  10. Domain Keys Overloading
  11. DNS Protocol
  12. Packet Information
  13. Simple DNS Server
  14. Distributed Architecture
  15. Top Level Domain Servers
  16. Generic Top Level Domain (gTLD)
  17. Secondary Level Domain (SLD)
  18. Primary and Secondary Servers
  19. Caching Servers
  20. DNS Management
  21. DNS Direct Risks
  22. DNS Performance versus Security
  23. DNS Cache Poisoning
  24. Corrupt DNS Packets
  25. DNS Domain Hijacking
  26. DNS Server Hijacking
  27. Dynamic DNS
  28. Similar Hostnames
  29. Domain Renewals
  30. Hostnames
  31. Zone Transfers
  32. Host Listing
  33. DNS Fields
  34. Mitgation Option
  35. Technical Threat Mitigation
  36. Social Threat Mitigation
  37. Defining Trusted Replies