DNS stands for “Domain Name Systems”. As already mentioned in a previous post, Domain Name System is a technology (software) based on a database that resolves host names into IP addresses. That is, it translates the IP of a certain machine into the name of the domain that we want to access in just a few milliseconds.

Why are IP addresses necessary?

Each computer connected to a network (either a home network or the Internet) has an IP address assigned. Remembering the name of each IP was a simple task back in the 60s when there were only 4 of them. As the number of connected devices increased, this task became more difficult. Just like our phone book on our mobile phone associates 9-digit numbers with contact names, Domain Name System translates the IPs into easy-to-remember word such as www.google.es.

How does it work?

Continuing with the same example, let´s suppose that a user types  www.google.es into the address bar of the browser. The brower looks up the IP address for the domain name via NS and delivers the information to the user. Although the entire process is done in a few milliseconds, the browser temporarily keeps the information in its Domain Name System cache to further speed up the process when possible. This transformation process is known as domain name resolution.

Structure

DNS is decentralized. there is no machine responsible for translating all the existing domain names into IP addresses, but there are different DNS zones. These zones are groups of servers responsible for resolving the IP addresses of a certain zone. When a DNS can´t respond to a request with the information existing in its database, it can request the information to the server in charge of the corrresponding zone (some examples of zones are: .com, .es, .org, etc. ). Once the request has been forwarded, if it matches the DNS database, and the information is available, the pertinent IP address is sent back.

DNS components

  • Client: is the client machine used to send queries to the DNS Server: our smartphone, tablet or desktop PC.
  • Server: Is the server responsible for responding to user requests and resolving domain names.
  • Zone: is the server or group of servers responsible for resolving a set of domains such as .es, .com or .org).

What can happen if a DNS gets hacked?

If a hacker detects and exploits a DNS vulnerability, they can manipulate/alter the domain name resolution process to redirect users to malicious sites instead to the legitimate ones.

Do you want to know how you can protect your business against zero-day attacks, cache poisoning and any other attack originating from a DNS vulnerability? Find out how RITech can secure your users´ browsing sessions and protect your business.

Follow us on Twitter and LinkedIn to stay up on the latest updates!.