- Domain Naming System (DNS)
DNS is a type of protocol used to set standards for exchanging information on the Internet and private networks. DNS is a kind of navigation, like GPS on Mobile. Domain names in DNS are separated by dots. The last word in a domain name is called the top level domain. The word in the left-most end is known as the host name. It specifies the importance of a host for specific purpose. The words or characters in between the dots are known as labels. The domain entered should be unique, so it is controlled by an authority called registry which is under the service of ICANN. The domain name hierarchy is divided in terms of tree nodes.
When a new domain name is registered or updated in a DNS server, it takes about 12-36 hours for all the DNS servers to get updated and gain access to the information. The time period is also referred as propagation. DNS servers are present within every geographic proximity through each ISP (internet service provider) that maps the domain names for your computer’s requests. It also forwards them to other servers.
- How DNS Works?
-
Name Entry: Domain name of the site should be entered in the search engine. Then a query is created to access the DNS.
-
Requesting Information: The place the computer looks first is the DNS cache. DNS cache is the location where recently retrieved information is stored. If it is not found there, a DNS query should be performed.
-
Recursive DNS servers: If the information is not stored in local history, then the ISP’s recursive DNS servers are queried by the computer. Since the recursive servers contain their own caches, the information is returned to the computer user if found.
-
Root Name Servers: After the unsuccessful recursive DNS server query, the computer queries the root name servers. It acts as like a phone switchboard for the DNS. It answers the questions of each domain name by the IP addresses. It also directs the query to some other server, if the query is not answered.
-
TLD Name servers: Root name servers take the last part of the request and direct the query to TLDs (top level domain name servers). TLDs have their own name servers so, even if the TLDs don’t have the information we need, they refer us directly to the name servers containing the information.
-
Authoritative DNS servers: TLD name servers check the next part of the request and search or direct the query responsible for this particular domain. Authoritative name servers are the servers that contains the information about every specific domain. This information is stored in DNS records. Each record has a different type of information.
-
Retrieval of Record: The recursive server retrieves the data or information obtained from authoritative name servers. It then stores the retrieved record in its cache locally. The advantage is that if again someone need the same information, it doesn’t need to perform the same process again. Once in a while, the recursive server asks for new copy to update information without being out of date.
Receiving Answer: The computer receives the record of data from recursive server. It then stores the data record in its cache for future references. The IP address is read and information is passed to the web browser, which will open a connection to the web server, obtaining the website.
http://resources.infosecinstitute.com/attacks-over-dns/
No comments:
Post a Comment