
Dynamic DNS

The Dynamic Host Configuration Protocol (DHCP) [RFC2131] is commonly used to assign network information to hosts on local networks. DHCP provides new hosts with network addresses, default gateways, and DNS server information. These hosts are only accessible by their network addresses, however, so a user wanting to connect to a DHCP-assigned host cannot access the host by a hostname.

Dynamic DNS (DDNS) [RFC2136] addresses the hostname issue for DHCP. Using DDNS, a DHCP client can place a hostname in the local DNS system. Although the DHCP client may be assigned a new network address each time it connects to the network, DDNS ensures that the hostname always points to the host's new network address.

Clients can readily configure DDNS hostnames. For example, under Debian Linux's DHCP3 package, the file /etc/dhcp3/dhclient.conf offers a send host-name option for specifying the DDNS hostname.

Unfortunately, DDNS permits name hijacking. Any hostname that is not associated with an active DHCP address can be requested. If a host is offline or unavailable, then another host can readily hijack the hostname. As long as the hijacked name is associated with a valid DHCP host, the true host cannot request the name.
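A defender-side check for the hijack described above, added here as an example and not part of the original text: it parses a constructed excerpt of an ISC dhcpd.leases file and flags any active lease whose client-hostname is claimed by a hardware address other than the one recorded in a hypothetical inventory (EXPECTED_MAC, an assumed data source).

```python
import re
# Constructed excerpt of an ISC dhcpd.leases file (sample data, not real).
SAMPLE_LEASES = """\
lease 192.168.1.50 {
  ends 3 2024/01/10 22:00:00;
  binding state free;
  hardware ethernet 00:11:22:33:44:55;
  client-hostname "payroll";
}
lease 192.168.1.77 {
  ends 3 2024/01/10 23:30:00;
  binding state active;
  hardware ethernet de:ad:be:ef:00:01;
  client-hostname "payroll";
}
lease 192.168.1.60 {
  ends 3 2024/01/10 21:00:00;
  binding state active;
  hardware ethernet 00:11:22:33:44:66;
  client-hostname "printer";
}
"""
# Hypothetical inventory: the hardware address each hostname should come from.
EXPECTED_MAC = {"payroll": "00:11:22:33:44:55", "printer": "00:11:22:33:44:66"}
LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)

def _field(pattern, body):
    m = re.search(pattern, body)
    return m.group(1) if m else None

def parse_leases(text):
    """Return one dict (ip, state, mac, hostname) per lease block."""
    return [{
        "ip": ip,
        "state": _field(r"binding state\s+(\w+);", body),
        "mac": _field(r"hardware ethernet\s+([0-9a-fA-F:]+);", body),
        "hostname": _field(r'client-hostname\s+"([^"]+)";', body),
    } for ip, body in LEASE_RE.findall(text)]

def find_hijacked_names(text, expected=EXPECTED_MAC):
    """Active leases whose client-hostname is claimed by an unexpected MAC;
    a free (idle) name is the hijack window, so only active leases matter."""
    findings = []
    for lease in parse_leases(text):
        if lease["state"] != "active" or not lease["hostname"]:
            continue
        want = expected.get(lease["hostname"])
        if want and want.lower() != (lease["mac"] or "").lower():
            findings.append((lease["hostname"], lease["ip"], lease["mac"], want))
    return findings
```

Run against the live leases file on the DHCP server (and against a real inventory) to alert when a name registered through DDNS is being served from an unexpected machine.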

DNS plays a critical role for the Internet. The ability to compromise or hijack a hostname directly leads to denial of service (DoS), man-in-the-middle (MitM), and other system attacks. DNS servers face direct technical attacks, but there are other methods for compromising a host or domain that target the human factor. Social risks for DNS include similar hostnames, automatic name completion, social engineering, and domain renewals.
