
1 THE DNS (DOMAIN NAME SYSTEM)

2 HOW IT STARTED
Before the DNS existed, the hosts on ARPANET (the world's first operational packet-switching network and the forerunner of the internet) found each other through a single file, HOSTS.TXT, which mapped host names to network addresses. The file was maintained centrally and every host had to fetch a fresh copy whenever it changed, so it could not keep up as the network grew. Relying on one file for the whole internet was risky business, and a new system was needed. That's where the DNS comes in…

3 HOW IT WORKS
Think of the DNS as a phonebook, because that's essentially what it does. Instead of having to memorise a set of numbers for a website, you just type in the domain name and you are put through to that site. Imagine having to remember a number like 69.63.184.142 just to log on to Facebook; thanks to the DNS, you don't need to.

4 WHAT MAKES THE DNS
The DNS has three main components:
Name Space
Name Server
Resolver

5 THE NAME SPACE
The name space gives every name a place in one tree. Each address is made of labels (the nodes of the tree) separated by periods; reading from the right, each label is one level deeper in the hierarchy. Every name has to be unique, otherwise two hosts would collide and a lookup could return the wrong answer. For example, www.facebook.com is broken down into three labels under the root: com is the TLD (Top Level Domain), facebook is the domain registered beneath it, and www is a host name inside that domain.

6 THE NAME SERVERS
Name servers hold the data for parts of the name space (zones, which can themselves be divided into sub-zones), and together they form the hierarchical tree of the DNS. A name server responds to a query either by answering from the data it holds or by pointing the asker to a server one level further down the tree. There are two types of name server:
Authoritative Name Server
Recursive and Caching Name Server

7 AUTHORITATIVE NAME SERVER
This is the server that holds the definitive records for a zone and provides the answer whenever a query for that zone is made. There are two kinds of authoritative name server: a primary (master) server and one or more secondary (slave) servers. The primary holds the original, editable copy of the zone records. A secondary holds an exact copy of the zone, obtained from the primary by zone transfer, and answers queries just as authoritatively; it is used to share the load with the primary and also serves as a backup if the primary goes down. (What is Authoritative Name Server? 2011)

8 RECURSIVE AND CACHING NAME SERVER
The recursive and caching name server sits between the users and the authoritative servers and takes a significant amount of load off them by acting like an archive. When a client asks it a question it performs the whole lookup on the client's behalf and then stores the answer for the time to live (TTL) the authoritative server attached to it. While the record is in the cache the authoritative server does not have to answer that query at all, so repeat queries are answered much faster and the authoritative server is left free to answer others. (What is Authoritative Name Server? 2011)

9 THE RESOLVER
The resolver's task is to translate a user's query from a domain name to an IP address (and, for reverse lookups, from an IP address back to a domain name), so that the user's software sends its traffic to the correct address. When a host is configured it is given the IP address of at least one recursive name server; the resolver on the host (the stub resolver) sends every query there and does nothing else. If that server cannot answer from its cache, it asks a root server, which directs it to the server for the TLD, which in turn directs it to the name server holding the right data.
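The lookup described on slides 5 to 9 (name space tree, authoritative referrals, the caching recursive server, the stub resolver) can be modelled in a few dozen lines. This is an added example written for this page, not code from the slides or any real resolver; the zone data and server names (a.gtld-servers.example, ns1.facebook.example) are constructed, and nothing here touches the network.

```python
"""Toy model of a DNS lookup: the stub resolver on a host asks its one
configured recursive/caching server, which on a cache miss walks the tree
root -> TLD -> authoritative and caches the answer for its TTL.
Added example with constructed zone data; nothing here talks to the network."""
import time


def labels(name):
    """Normalise a name: lower-case, drop the trailing dot, split on periods."""
    return [l for l in name.lower().rstrip(".").split(".") if l]


def ancestors(name):
    """Every zone cut from the root down: '', 'com', 'facebook.com', 'www.facebook.com'."""
    ls = labels(name)
    return [".".join(ls[len(ls) - i:]) for i in range(len(ls) + 1)]


# Constructed zone data: each authoritative server holds one zone and either
# answers (A record) or delegates (NS record) to the next level down.
# The server names are hypothetical; the address is the one quoted on slide 3.
AUTHORITATIVE = {
    "":             {"com": ("NS", "a.gtld-servers.example", 172800)},
    "com":          {"facebook.com": ("NS", "ns1.facebook.example", 172800)},
    "facebook.com": {"www.facebook.com": ("A", "69.63.184.142", 300)},
}


def ask_authoritative(zone, qname):
    """Reply of the server for `zone`: ('answer', ip, ttl), ('referral', child_zone, None)
    or ('nxdomain', None, None)."""
    records = AUTHORITATIVE[zone]
    name = ".".join(labels(qname))
    if name in records and records[name][0] == "A":
        _, ip, ttl = records[name]
        return ("answer", ip, ttl)
    # Longest delegated child zone that contains the query name, if any.
    for anc in reversed(ancestors(name)):
        if anc != zone and anc in records and records[anc][0] == "NS":
            return ("referral", anc, None)
    return ("nxdomain", None, None)


class RecursiveServer:
    """Recursive/caching name server: answers from cache while the TTL lasts,
    otherwise iterates from the root and counts the upstream queries it made."""

    def __init__(self):
        self.cache = {}             # name -> (ip, expires_at)
        self.upstream_queries = 0

    def resolve(self, qname, now=None):
        now = time.time() if now is None else now
        name = ".".join(labels(qname))
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            return hit[0], "cache"
        zone = ""                   # every miss starts at the root
        while True:
            self.upstream_queries += 1
            kind, data, ttl = ask_authoritative(zone, name)
            if kind == "answer":
                self.cache[name] = (data, now + ttl)
                return data, "authoritative"
            if kind == "referral":
                zone = data
                continue
            return None, "nxdomain"


def stub_lookup(server, qname, now=None):
    """The stub resolver on a host: it knows only its configured recursive server."""
    ip, source = server.resolve(qname, now)
    return ip, source


if __name__ == "__main__":
    rs = RecursiveServer()
    print(stub_lookup(rs, "www.facebook.com", now=0), rs.upstream_queries)    # 3 upstream queries
    print(stub_lookup(rs, "WWW.Facebook.COM.", now=100), rs.upstream_queries) # served from cache
```

The first lookup costs three upstream queries (root, com, facebook.com); the second is served from the cache with no upstream traffic until the 300-second TTL runs out, which is the load reduction slide 8 describes. Names are compared case-insensitively and with or without the trailing dot, as real resolvers do.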

10 HOW BIG IS THE DNS?
It is almost impossible to specify a size for the DNS. You can look at it in a number of ways. You can count the '13' root servers (not really: there are 13 root server names and addresses, but each is served by many machines, many hundreds in total at over 130 physical locations (Davies, 2007)). Or you can look at the data size, which is ever increasing, or at the number of domains that are registered. However, no matter which way you look at it, you can't really give it a size… so just accept the fact that it is really, really big.

11 DNS LEGISLATION
There isn't really any legislation on the DNS itself, but there are laws regarding domain names. Most legal issues concerning the DNS are between two parties (usually a registered company versus an individual) fighting over a certain domain name. Here are a few types of cases that have come up:
Cyber squatters: some people bought domain names expecting to sell them to companies for a large profit. They lost, as they were violating trademark law.
Competitors: some companies registered domain names in their rivals' names so that they could embarrass their competitors.
Free riders: others registered the domain names of companies more famous than themselves so that they could gain from the association.

12 DNS PROBLEMS
Like almost every network service, the DNS is susceptible to security risks. Here is a list of the most dangerous risks facing the DNS:
Typosquatting
DDoS
DNS amplification attacks
Registrar hacking
Cache poisoning

13 TYPOSQUATTING
This is when someone registers a domain name that is similar to a registered trademark or an existing domain. Typosquatting can be used to steal information. Researchers from the Godai Group say they obtained 120,000 emails simply by typosquatting: they registered domain names that differed from real ones only by a missing dot (a sub-domain written without its dot, say mail.example.com typed as mailexample.com), and whenever a user made that typing mistake their email was delivered to the group instead. They found that passwords, sales information and other secrets could be stolen this way. (Mohan, 2011)
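The "missing dot" names the Godai research relied on can be enumerated mechanically, which is also how a defender builds a watch list for them. The block below is an added example for this page, not the researchers' tooling; the internal domains and addresses in it are constructed.

```python
"""Added example (not from the slides): generate the 'missing dot' doppelganger
names of an organisation's sub-domains and flag outbound mail addressed to one.
All domains and addresses below are constructed for the example."""


def doppelgangers(fqdn):
    """Every name obtained by dropping exactly one dot from `fqdn`, never the dot
    before the TLD (that would not be a registrable domain):
    mail.example.com -> {'mailexample.com'}."""
    parts = fqdn.lower().strip(".").split(".")
    out = set()
    for i in range(len(parts) - 2):
        merged = parts[:i] + [parts[i] + parts[i + 1]] + parts[i + 2:]
        out.add(".".join(merged))
    return out


def watchlist(internal_domains):
    """Map each doppelganger back to the legitimate name it imitates."""
    table = {}
    for domain in internal_domains:
        for fake in doppelgangers(domain):
            table[fake] = domain
    return table


def flag_recipients(addresses, table):
    """(address, imitated_domain) for every recipient whose domain is on the watch list;
    a mail gateway would block or quarantine these instead of delivering them."""
    hits = []
    for addr in addresses:
        domain = addr.rsplit("@", 1)[-1].lower()
        if domain in table:
            hits.append((addr, table[domain]))
    return hits


if __name__ == "__main__":
    # Constructed sample: two internal mail domains and three outbound recipients.
    table = watchlist(["mail.example.com", "uk.example.com"])
    print(sorted(table))
    print(flag_recipients(["alice@mail.example.com", "bob@mailexample.com",
                           "carol@ukexample.com"], table))
```

The same list is what you would feed to a registrar search: any doppelganger of your own sub-domains that someone else has already registered is a candidate for the mail interception the slide describes.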

14 DDOS
Distributed Denial of Service attacks. No matter how well protected a website may be, if its name servers cannot handle a large number of incoming requests the site's performance will be degraded or it will be knocked offline entirely: if the DNS does not answer, nobody can find the site. (Mohan, 2011)

15 DNS AMPLIFICATION ATTACKS
By spoofing the source address on DNS queries to match that of the intended victim, attackers found that every forged packet sent from one of their bots could be amplified if it was sent to an open recursive name server: the server answers the victim rather than the bot, and the response sent to the victim can be many dozens of times larger than the original query.
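How much a single spoofed query is amplified depends on the wire sizes of the query and the reply, and on the UDP buffer size the querier advertises through EDNS0. The block below is an added example, not code from the slides or from any resolver: it builds constructed wire-format messages offline, measures the ratio, and ends with a simplified form of the Response Rate Limiting (RRL) check that resolvers use against this abuse. Names, addresses and record contents are made up.

```python
"""Added example: measuring the amplification a spoofed DNS query buys,
on constructed wire-format messages (nothing is sent on the network), and
a simplified Response Rate Limiting (RRL) check of the kind open resolvers
use against it. Names, addresses and record contents are made up."""
import struct

QTYPE_A, QTYPE_TXT, QTYPE_ANY, QTYPE_OPT = 1, 16, 255, 41


def encode_name(name):
    """Wire-format name: length-prefixed labels terminated by a zero byte."""
    parts = [bytes([len(l)]) + l.encode("ascii") for l in name.strip(".").split(".")]
    return b"".join(parts) + b"\x00"


def build_query(txid, qname, qtype, edns_bufsize=None):
    """One query with RD set; with EDNS0 it also carries an OPT pseudo-record
    whose CLASS field advertises how big a UDP reply the sender will accept."""
    arcount = 1 if edns_bufsize else 0
    msg = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)
    msg += encode_name(qname) + struct.pack("!HH", qtype, 1)
    if edns_bufsize:
        msg += b"\x00" + struct.pack("!HHIH", QTYPE_OPT, edns_bufsize, 0, 0)
    return msg


def advertised_payload(query):
    """UDP payload size the querier claims to accept: 512 bytes without EDNS0."""
    arcount = struct.unpack("!H", query[10:12])[0]
    qend = query.index(b"\x00", 12) + 5          # end of the question section
    if arcount == 0:
        return 512
    rtype, bufsize = struct.unpack("!HH", query[qend + 1:qend + 5])
    return bufsize if rtype == QTYPE_OPT else 512


def build_response(query, answers):
    """What the open resolver sends to the query's (spoofed) source address.
    Owner names use the compression pointer 0xC00C back to the question name."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:query.index(b"\x00", 12) + 5]
    body = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
                    for rtype, ttl, rdata in answers)
    full = struct.pack("!HHHHHH", txid, 0x8180, 1, len(answers), 0, 0) + question + body
    if len(full) <= advertised_payload(query):
        return full
    # Bigger than the querier said it accepts: reply with TC set and no answers.
    return struct.pack("!HHHHHH", txid, 0x8380, 1, 0, 0, 0) + question


def amplification(query, answers):
    """(query bytes, response bytes, bytes of response per byte of query)."""
    response = build_response(query, answers)
    return len(query), len(response), len(response) / len(query)


# Constructed records for the abused zone: four A records and three 256-byte
# TXT records, the kind of bulky data an ANY query pulls out in one reply.
BIG_TXT = b"\xff" + b"v=spf1 ip4:198.51.100.0/24 -all".ljust(255, b" ")
SAMPLE_ANSWERS = [(QTYPE_A, 300, bytes([198, 51, 100, n])) for n in range(1, 5)] + \
                 [(QTYPE_TXT, 3600, BIG_TXT)] * 3


class ResponseRateLimiter:
    """Cap identical (source address, name) responses per second, so a flood of
    spoofed queries yields only `per_second` big replies toward the victim."""

    def __init__(self, per_second):
        self.per_second = per_second
        self.seen = {}              # (src, qname, second) -> responses sent

    def allow(self, src, qname, now):
        key = (src, qname, int(now))
        self.seen[key] = self.seen.get(key, 0) + 1
        return self.seen[key] <= self.per_second


if __name__ == "__main__":
    plain = build_query(0x1234, "example.com", QTYPE_ANY)
    edns = build_query(0x1234, "example.com", QTYPE_ANY, edns_bufsize=4096)
    print(amplification(plain, SAMPLE_ANSWERS))    # truncated reply: no gain
    print(amplification(edns, SAMPLE_ANSWERS))     # roughly 22 bytes back per byte sent
```

Without EDNS0 the 897-byte reply does not fit in 512 bytes, so the resolver sends a 29-byte truncated reply and the attacker gains nothing; a 40-byte query that advertises a 4096-byte buffer gets the whole 897 bytes, about 22 times the size of the query. Real attacks use the same lever (large EDNS buffers, ANY or DNSKEY queries against bulky zones) and the defences are the ones modelled here plus the one that fixes the root cause: ingress filtering (BCP 38) so that spoofed source addresses never leave the bot's network.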

16 REGISTRAR HACKING
Most domain names are registered via a registrar company, which makes the registrar account a single point of failure. If a hacker can break into your account with your registrar they can take control of your domain name and point it at any name, web or email server they desire. They can even transfer ownership of the domain to another registrar. (Mohan, 2011)

17 CACHE POISONING
Attackers can insert wrong addressing information into a resolver's cache. This lets them send users to a server they control, and if the replica site is good enough the user cannot tell whether it is the real thing or not. As the "Kaminsky bug" demonstrated back in 2008, if an attacker can imitate a site or an email server they can gain many things: money, secrets, passwords and so on. (Mohan, 2011)
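What decides whether a forged reply poisons the cache is the set of checks the resolver applies before it trusts a response. The block below is an added example written for this page, not code from the slides or from any real resolver: it models those checks on constructed messages (the server address 192.0.2.53 and the names under example.com are made up), and runs a Kaminsky-style forgery race against a resolver with a fixed source port and one with a randomised port.

```python
"""Added example, not from the slides: the checks a caching resolver applies
before it trusts a reply, run against constructed (not captured) messages.
It shows why a 16-bit transaction ID alone is too little to stop a
Kaminsky-style forgery race and why out-of-bailiwick records are discarded."""
import random
from dataclasses import dataclass, field


@dataclass
class Pending:
    """An outstanding query the resolver sent: what a genuine reply must match."""
    txid: int
    src_port: int
    server_ip: str
    qname: str
    qtype: str
    zone: str               # zone the queried server is authoritative for


@dataclass
class Reply:
    txid: int
    dst_port: int
    from_ip: str
    qname: str
    qtype: str
    answers: list = field(default_factory=list)     # (name, type, rdata)
    additional: list = field(default_factory=list)


def in_bailiwick(name, zone):
    """True if `name` is at or below `zone`, the only names this server may vouch for."""
    n, z = name.lower().rstrip("."), zone.lower().rstrip(".")
    return n == z or n.endswith("." + z)


def accept(pending, reply, check_port=True):
    """Records the resolver may cache from `reply`, or None if the reply is rejected.
    `check_port=False` models an old resolver that ignored the UDP port entirely."""
    if reply.txid != pending.txid or reply.from_ip != pending.server_ip:
        return None
    if check_port and reply.dst_port != pending.src_port:
        return None
    if (reply.qname.lower(), reply.qtype) != (pending.qname.lower(), pending.qtype):
        return None
    return [rr for rr in reply.answers + reply.additional if in_bailiwick(rr[0], pending.zone)]


def kaminsky_race(pending, attempts, check_port):
    """Attacker who triggered the lookup of a random name under example.com floods
    forged replies, each carrying an in-bailiwick 'www' record pointing at the
    attacker. The TXID is swept 0..65535; the port guess is the classic fixed 53.
    Returns the attempt that poisoned the cache, or None if none was accepted."""
    for i in range(1, attempts + 1):
        forged = Reply(txid=i % 65536, dst_port=53, from_ip=pending.server_ip,
                       qname=pending.qname, qtype=pending.qtype,
                       answers=[(pending.qname, "A", "198.51.100.66")],
                       additional=[("www.example.com", "A", "198.51.100.66")])
        if accept(pending, forged, check_port) is not None:
            return i
    return None


def new_pending(rng, randomize_port):
    """The resolver's outstanding query for a random child name, as the attacker induced."""
    name = "%08x.example.com" % rng.randrange(1 << 32)
    port = rng.randrange(1024, 65536) if randomize_port else 53
    return Pending(txid=rng.randrange(65536), src_port=port, server_ip="192.0.2.53",
                   qname=name, qtype="A", zone="example.com")


def race_outcomes(seed=2008):
    """(attempt that poisoned a fixed-port resolver, result against a randomised-port one)."""
    rng = random.Random(seed)
    fixed = kaminsky_race(new_pending(rng, randomize_port=False), 65536, check_port=True)
    randomized = kaminsky_race(new_pending(rng, randomize_port=True), 65536, check_port=True)
    return fixed, randomized


if __name__ == "__main__":
    print(race_outcomes())      # (some attempt <= 65536, None)
```

With only the 16-bit transaction ID to guess, the sweep always lands within 65,536 forged packets, and because the forged additional record for www.example.com is inside the queried server's bailiwick the bailiwick check does not save the cache; that is the Kaminsky attack. Randomising the source port multiplies the attacker's search space by tens of thousands, which is the fix deployed in 2008; DNSSEC validation removes the guessing game altogether because a forged answer carries no valid signature.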

18 REFERENCES
Alvin. (2006). DNS Components. http://www.accuwebhosting.com/Articles/DNS_COMPONENTS.html. Last accessed 08/01/2012.
What is Authoritative Name Server? (2011). http://dnsknowledge.com/whatis/authoritative-name-server/
Davies, K. (2007). There are not 13 root servers. http://blog.icann.org/2007/11/there-are-not-13-root-servers/
Mohan, R. (2011). Five DNS Threats You Should Protect Against. http://www.securityweek.com/five-dns-threats-you-should-protect-against. Last accessed 08/01/2012.
Bug picture: http://raesofcolor8.wordpress.com/2010/10/05/that-aint-no-bug/
Phonebook picture: http://inhabitat.com/green-rant-stop-sending-me-phone-books/
Name space picture: http://www.zytrax.com/books/dns/ch2/
Typosquatting picture: http://techpatio.com/2010/blogging/marketing/google-earn-500000000-typosquatting-yearly
