Domain Name Server

The Domain Name System (DNS) is the standard name resolution service used on networks today. DNS is nonproprietary and vendor-neutral: every major operating system, from Linux and UNIX to Windows, implements the same protocol. The function of DNS is to resolve host names such as google.com to IP addresses. In this case, google.com resolves to 74.125.39.103, one of many different IP addresses Google uses, depending on your location. Host names are far easier for people to remember than the IP addresses behind them.

DNS servers perform a vital role for the web and its users. The function of a DNS server is to provide name resolution from domain names to IP addresses; that is, it maps a domain name, such as google.com, to its IP address. The DNS server follows a systematic process. It first consults its own data: the zones it is authoritative for and the answers it has cached from earlier lookups. If the answer is not there, the server queries other DNS servers, starting at the root and following referrals down the hierarchy until it reaches a server that holds the answer. A single lookup may therefore involve several queries to several different servers.

As you may know, each endpoint network device, such as a server or workstation, requires a unique IP address. A device’s IP address is similar to a physical mailing address for snail mail in that it helps data get routed to the proper recipient. Because people cannot be expected to remember hundreds of IP addresses, they rely on a hierarchical system of domain names. Domain names are read right to left: the right-most part is a special top-level domain (TLD) such as .com, .net, .aero, or .edu, which represents a group or type of domain. For example, .aero is reserved for the aviation community, while .edu is restricted to educational institutions.

DNS operates in the DNS namespace, an organized, hierarchical division of DNS names. At the top of the hierarchy is an unnamed node known as the root. The root zone is served by 13 root server names (A through M), but each of those names is answered by many servers distributed around the world using anycast, so the root is far more than 13 physical machines. Every other node in the hierarchy is identified by a label, and together the labels form the DNS tree.

Perhaps the best example of a DNS tree is the internet itself. At the top level are generic domains such as .com, .org, or .edu, as well as country-code domains such as .ca (Canada) or .de (Germany); together these are the top-level domains (TLDs). Table 4-2 shows some of the more common top-level domain names and their intended purpose.

Below the top-level domains are the second-level domains registered by organizations, for example, microsoft.com. Under many of the TLDs in Table 4-2, any individual may register a domain. Some TLDs, however, restrict who may register. For example, .aero is available only to organizations and people in the aviation industry. Figure 4-5 shows a sample of the DNS organization of the internet.

Table 4-2 Common Top-Level Domain Names and Their Intended Purpose

TLD                  DESCRIPTION
.com                 Used by commercial organizations
.gov                 Government organizations (U.S.)
.net                 Network providers
.org                 Nonprofit organizations
.edu                 Educational organizations
.mil                 Military (U.S.)
.ca (for example)    Country-specific domains
FIGURE 4-5 A sample of the DNS organization of the internet.

DNS Names

The DNS naming structure can be confusing. Consider the following DNS name for a server:

bigbox.support.acme.com

When reviewing a DNS name, whether from an internal DNS or the internet DNS, the left-most label identifies the machine, in this case bigbox. Moving to the right, support is a child domain of acme.com.

Continuing to the right, acme.com is a child domain of the top-level domain .com. Whoever wanted to create the domain acme.com had to register it through an accredited domain registrar. For .com, several commercial registrars are available through which individuals and organizations register their second-level domains.
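To make the right-to-left reading of a name and the resolution process described earlier concrete, here is an added example in Python; it is not code from the original text. It splits a name such as bigbox.support.acme.com into labels, validates them against the RFC 1035/1123 hostname rules, lists the nodes from the root down to the host, and then walks constructed zone data the way a resolving server does: start at the root, follow each referral, and count how many queries one lookup costs and how caching reduces that. The zone data, the delegations, the host names, and the server addresses (taken from the RFC 5737 documentation ranges) are hypothetical and exist only for illustration.

```python
"""Walk a DNS name through the namespace and simulate iterative resolution.

Added example, not code from the original text. The zone data below is
constructed for illustration: the delegations and addresses are hypothetical
(addresses are from the RFC 5737 documentation ranges).
"""
import re

# Hostname label rules from RFC 1035/1123: 1-63 chars, letters, digits and
# hyphens, no leading or trailing hyphen. A full name may not exceed 253 chars.
LABEL_RE = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


def split_labels(name):
    """'BigBox.support.acme.com.' -> ['bigbox', 'support', 'acme', 'com']."""
    name = name.rstrip(".").lower()
    if not name or len(name) > 253:
        raise ValueError(f"invalid name length: {name!r}")
    labels = name.split(".")
    for label in labels:
        if not LABEL_RE.match(label):
            raise ValueError(f"invalid label {label!r} in {name!r}")
    return labels


def hierarchy(name):
    """Nodes from the root down to the name, i.e. the name read right to left.

    'bigbox.support.acme.com' ->
    ['.', 'com.', 'acme.com.', 'support.acme.com.', 'bigbox.support.acme.com.']
    """
    labels = split_labels(name)
    nodes = ["."]
    for i in range(len(labels) - 1, -1, -1):
        nodes.append(".".join(labels[i:]) + ".")
    return nodes


# Constructed authoritative data, one entry per zone. 'NS' lists the child
# zones this server delegates (with a hypothetical server address), 'A' the
# host records the server answers for itself.
ZONES = {
    ".": {"NS": {"com.": "192.0.2.1"}},
    "com.": {"NS": {"acme.com.": "198.51.100.1"}},
    "acme.com.": {"NS": {"support.acme.com.": "203.0.113.1"}},
    "support.acme.com.": {
        "A": {
            "bigbox.support.acme.com.": "203.0.113.50",
            "helpdesk.support.acme.com.": "203.0.113.51",
        }
    },
}


class IterativeResolver:
    """Resolves names the way a recursive DNS server does: start at the root
    (or at the deepest zone whose server is already known) and follow
    referrals until a server answers authoritatively."""

    def __init__(self, zones):
        self.zones = zones
        self.known_zones = {"."}   # zones whose server we know (root hints)
        self.answers = {}          # completed lookups (the server's cache)

    def resolve(self, name):
        """Return (address, number_of_queries_sent)."""
        path = hierarchy(name)
        fqdn = path[-1]
        if fqdn in self.answers:
            return self.answers[fqdn], 0
        zone = [z for z in path if z in self.known_zones][-1]
        queries = 0
        while True:
            queries += 1                       # one query to zone's server
            server = self.zones[zone]
            if fqdn in server.get("A", {}):
                self.answers[fqdn] = server["A"][fqdn]
                return self.answers[fqdn], queries
            # Referral: the child zone on the path that encloses the name.
            delegated = [c for c in server.get("NS", {}) if c in path]
            if not delegated:
                raise LookupError(f"NXDOMAIN: {fqdn} (no delegation from {zone})")
            zone = delegated[0]
            self.known_zones.add(zone)


if __name__ == "__main__":
    r = IterativeResolver(ZONES)
    print(r.resolve("bigbox.support.acme.com"))    # ('203.0.113.50', 4)
    print(r.resolve("helpdesk.support.acme.com"))  # ('203.0.113.51', 1)
    print(r.resolve("bigbox.support.acme.com"))    # ('203.0.113.50', 0)
```

The first lookup costs four queries (root, .com, acme.com, support.acme.com); the next name in the same zone costs one because the delegation chain is already known; a repeated name costs none. A real resolver also honours record TTLs and negative caching, which this model leaves out.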

Most internal networks, like the internet, use DNS naming, so you will need to plan and design the DNS namespace your organization will use. Consider whether to divide it by function or internal division, such as shoes.xyz.com and support.xyz.com, or by geographical location, such as prague.xyz.com or peoria.xyz.com.

The first step is to choose the top-level domain under which the organization’s name will be registered on the internet. Although .com is the most popular, a nonprofit organization may opt for .org, and a university may use .edu. Next, choose the second-level domain name that identifies the actual organization, google.com, for example. This is often referred to as the parent domain name and is the name the organization uses on the internet.

Common DNS Attacks

DNS is a fundamental network service and therefore has to be secured. There are many strategies for securing DNS servers, many of which start with verifying that the server is correctly installed and configured. Before looking at ways to protect the DNS service, consider the types of attacks used against DNS systems:

  • DoS attacks—DoS attacks attempt to overwhelm a DNS server with queries, typically recursive queries it must forward to other DNS servers before it can answer. The intended result is to exhaust the resources of the targeted server, leaving it unable to handle legitimate name resolution requests.

  • Footprinting—In this type of attack, the attacker attempts to obtain DNS zone data, for example by requesting a zone transfer (AXFR) from a server that does not restrict who may ask for one. The zone data may reveal the domain names, computer names, and even IP addresses of network systems. This is an early form of reconnaissance before a targeted attack.

  • Address spoofing—IP spoofing involves forging the source address of a packet so that the receiving computer believes it came from a legitimate node when it did not. Network devices rely on the IP address to identify the sender and receiver of a transmission, so the attacker assumes the identity of a trusted IP node. Against DNS, a spoofed packet can impersonate a client, a resolver, or the server itself, which is why a resolver should accept only responses whose transaction ID, source port, and question section match a query it actually sent.

  • Redirection—In a redirection attack, the attacker redirects DNS queries to servers operated by the attacker, for example by poisoning a resolver’s cache with a forged response or by changing the DNS server address a client is configured to use, so that the attacker answers the victim’s lookups.
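As an added example (not code from the original text), the following Python script runs simple detections for two of the attacks listed above over constructed query-log lines: zone-transfer (AXFR/IXFR) requests from hosts that are not configured secondaries and ANY queries, both signs of footprinting, and a single client that sends far more queries than everyone else, a sign of a flood. The log format is a simplified BIND-style line of the form `client IP#PORT: query: NAME IN TYPE` constructed for this example, and the addresses (RFC 5737 documentation ranges), names, secondary list, and threshold are assumptions.

```python
"""Flag DNS footprinting and flood attempts in query-log lines.

Added example, not from the original text. The log lines are constructed in
a simplified BIND-style format ('TIME client IP#PORT: query: NAME IN TYPE');
the addresses are hypothetical (RFC 5737 documentation ranges).
"""
import re
from collections import Counter

LINE_RE = re.compile(
    r"^(?P<ts>\S+) client (?P<ip>[\d.]+)#(?P<port>\d+): query: "
    r"(?P<name>\S+) IN (?P<qtype>\w+)"
)

# Hosts allowed to request zone transfers (the secondaries). Hypothetical.
ALLOWED_AXFR = {"198.51.100.2"}
# More than this many queries from one client in the lines supplied is a flood.
FLOOD_THRESHOLD = 50

# Constructed sample: one legitimate AXFR from a secondary, one AXFR and one
# ANY from an unknown host (footprinting), normal traffic, and a burst of
# queries for distinct names from a single source (flood).
SAMPLE_LOG = "\n".join(
    ["12:00:01 client 198.51.100.2#5353: query: acme.com IN AXFR",
     "12:00:02 client 203.0.113.9#40001: query: acme.com IN AXFR",
     "12:00:03 client 203.0.113.9#40002: query: acme.com IN ANY",
     "12:00:04 client 192.0.2.10#53001: query: www.acme.com IN A"]
    + [f"12:00:05 client 192.0.2.77#{40000 + i}: query: r{i}.acme.com IN A"
       for i in range(60)]
)


def parse(log_text):
    """Yield one dict per parseable line; lines in another format are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()


def detect(log_text, allowed_axfr=ALLOWED_AXFR, threshold=FLOOD_THRESHOLD):
    """Return a list of (kind, client_ip, detail) findings."""
    findings = []
    per_client = Counter()
    for q in parse(log_text):
        per_client[q["ip"]] += 1
        # Footprinting: a zone transfer from anything but a configured
        # secondary, or an ANY query, which dumps every record for a name.
        if q["qtype"] in ("AXFR", "IXFR") and q["ip"] not in allowed_axfr:
            findings.append(("zone-transfer", q["ip"], f"{q['qtype']} {q['name']}"))
        elif q["qtype"] == "ANY":
            findings.append(("enumeration", q["ip"], f"ANY {q['name']}"))
    # Flood: any client whose query count exceeds the threshold. In
    # production, feed this function a sliding time window of lines.
    for ip, n in per_client.items():
        if n > threshold:
            findings.append(("flood", ip, f"{n} queries"))
    return findings


if __name__ == "__main__":
    for kind, ip, detail in detect(SAMPLE_LOG):
        print(f"{kind:14} {ip:15} {detail}")
```

Restricting zone transfers to the secondaries (BIND's `allow-transfer`, for example) removes the footprinting case at the source; the detection remains useful for spotting who is probing for a misconfiguration.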
