Ethical Hacking Institute Course in Pune-India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Most of us are quite familiar with the term DNS, or Domain Name System. DNS can be thought of as an attendance register for the websites present on the internet: it maintains a database of the domain names and IP (Internet Protocol) addresses of all the websites that are operational all over the world.

Historical Notes

The origins of DNS date back to the time of ARPANET, when there were only a few computers to get an entry in the database. A HOSTS.TXT file was maintained by Stanford Research Institute, which constituted the data of all the machines, and was copied by all the host machines to remain updated.

Jon Postel from the Information Sciences Institute requested Paul Mockapetris to design the very first implementation of DNS, at the University of California, Irvine, in 1983. Then in 1984, BIND (Berkeley Internet Name Domain) was created by four students, Douglas Terry, Mark Painter, David Riggle, and Songnian Zhou, for Unix machines. After some revisions made in 1985 by Kevin Dunlap, it was later ported to Windows machines and is still the most widely used DNS on the planet.

Working Mechanism

To understand the basic working of DNS, let me guide you with the example of a hotel. Let us assume you need to visit your friend at some hotel. Now, what will you do? You’ll reach the hotel reception and ask the receptionist for your friend’s room number. In order to do so, you’ll need to give your friend’s name to the receptionist, who’ll check it in her database and tell you the room number. She’ll also call your friend to confirm whether he is available or not.

Now, try to relate the example to the working of DNS. In this case, you’re the client sending a request to a DNS server (the receptionist); your friend’s name is the domain name and his room number is the IP address.

The receptionist will type your friend’s name on her computer, which contains the database of all the guests, called the Domain Name Space. If your friend is staying in the hotel, she’ll tell you the room number; otherwise not. A similar thing happens when you type a website name in your browser. The browser sends a request to the DNS server, and if the website’s domain name is registered in the DNS database, the server replies with the IP address of the website you are trying to access, which is something like 117.234.214.14.

Understanding the Domain Name and IP Address

Take the domain name www.google.com. The naming convention moves from right to left, and vice versa for an IP address. In the domain name for Google, the DNS will first check for com, which stands for the commercial domain and is a top-level domain. Proceeding further, google is a sub-domain of com and, subsequently, www is a sub-domain of the google domain. The dot (.) is used to separate the domains from their sub-domains. The full domain name can only consist of 253 characters.

Now, if someone wants to know the domain name registered against an IP address, he will send the DNS server a request with the IP address of the website. Say the IP address sent is 31.13.79.246: the DNS will first check the 31, then 13, then 79 and finally 246, concluding that the IP address belongs to www.fb.com. The DNS resembles the hierarchical structure of a tree (not the biological one; there is a different tree in computer data structures), in which the address 31 belongs to the top position of the tree and is the primary domain in the hierarchy, and the addresses 13, 79 and 246 are consecutive sub-domains. The number 246 refers to the server machine hosting the website www.fb.com. All this domain and sub-domain business is not as complicated as you might think, but it’ll take some time to get it right if you’re new to the concept.

Evolution of DNS

In earlier days, a master file was maintained by one main server, which was updated manually with the entry of every new website and was then copied by other servers. But as the count of websites proliferated with time, it became hard to maintain the domain name database manually. So the need for an automated system was felt, and the ability to automatically update the database all around the world was introduced in the newer generations of DNS.

So, if you register your website name with a Domain Name Registrar, it will take around 24 hours for your website to be present in the DNS databases all around the world.

Master-slave server relations were introduced, in which a master server maintains the database and a slave server only has to copy the database to remain updated. In order to facilitate dynamic updates to the DNS database, the mechanisms NOTIFY and IXFR were introduced.

In NOTIFY, when the master server updates the database, it sends a notification about the update to the slave servers, which then copy the database. IXFR (Incremental Zone Transfer) eliminates the need to copy the whole database every time a single entry has been made. It allows the slave servers to add only the updated entry to their database, thus reducing the effort and making the dynamic update process faster.

Resolving IP Address

Resolution refers to the process of translating a domain name to its respective IP address. The DNS resolver is the client PC (you, in the hotel example), which sends the query to the DNS server (the receptionist). There are two methods used for resolution:

Recursive: Now continuing with the hotel example, assume the hotel has more than one branch in the city, and the receptionist was unable to find your friend’s room number. Then she’ll check if your friend has been staying in the other branch by contacting the receptionist present there. So, if the DNS server is unable to find any IP associated with the domain name sent in the query then it’ll ask the other servers connected to resolve the IP address for the requested domain. It’ll gather the information from those servers and reply to you with the appropriate IP address.

Iterative: Suppose you also want to know the floor on which your friend’s room is situated. In order to do so, you’ll ask the receptionist again. Similarly, if the DNS resolver wants more information about a domain, it’ll initiate a new query to the same DNS server.

DNS Cache

The DNS server temporarily stores the request queries in a cache, so as to reduce the response time if any other DNS resolver requests the same query. The time for which the cached information remains valid, called the TTL (Time To Live), is set by the administrator for each query record stored in the cache.

DNS Applications

The first and foremost application of DNS is nslookup, in which a DNS server replies with the IP address of the domain name requested in the query. DNS is used by different Mail Transfer Agents (MTA) like Microsoft Exchange Server and IBM Domino, so that they can deliver the e-mails more efficiently.

DNS proves to be very helpful in identifying black-listed IP addresses over the internet and barring the users from accessing them. This helps in protecting the users from spam e-mails and potential hacking attacks.

The data for each domain name and its IP address is kept on more than one DNS server, so as to retrieve the data in case any problem occurs on one server.

DNS Vulnerabilities

Cache Poisoning: Also called DNS Spoofing, this is a technique used by malevolent people in which they alter the data in the resolver cache of the DNS server, so that it returns an incorrect IP address to the DNS resolver, perhaps to divert the user to a hacker’s machine.

DNS responses are not encrypted, which leaves room for potential attacks. However, Domain Name System Security Extensions (DNSSEC) are used to provide cryptographically signed DNS responses.
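The TTL-bound cache from the DNS Cache section, together with a basic guard against the cache poisoning described above, as an added example that is not part of the original article. The class and method names, the rule of matching a response to a pending query by transaction ID and name, and the documentation-range addresses are assumptions made for illustration; real resolvers apply further checks on top of this one.

```python
import time

class ResolverCache:
    """Toy resolver cache (illustrative, not a real resolver's API)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.pending = {}   # transaction id -> name we asked about
        self.records = {}   # name -> (address, expiry time)

    @staticmethod
    def _norm(name):
        return name.lower().rstrip(".")

    def send_query(self, txid, name):
        self.pending[txid] = self._norm(name)

    def accept_response(self, txid, name, address, ttl):
        """Cache an answer only if it matches an outstanding query."""
        name = self._norm(name)
        if self.pending.get(txid) != name:
            return False                      # unsolicited or mismatched
        del self.pending[txid]                # one answer per query
        self.records[name] = (address, self.clock() + ttl)
        return True

    def lookup(self, name):
        name = self._norm(name)
        entry = self.records.get(name)
        if entry is None:
            return None
        address, expires_at = entry
        if self.clock() >= expires_at:        # TTL ran out: drop the record
            del self.records[name]
            return None
        return address


def demo():
    """Constructed scenario using documentation-range addresses."""
    now = [0.0]                               # fake clock so the demo is instant
    cache = ResolverCache(clock=lambda: now[0])
    cache.send_query(0x1A2B, "www.example.com")
    forged = cache.accept_response(0x9999, "www.example.com", "203.0.113.66", 86400)
    genuine = cache.accept_response(0x1A2B, "www.example.com", "192.0.2.10", 300)
    late = cache.accept_response(0x1A2B, "www.example.com", "203.0.113.66", 86400)
    hit = cache.lookup("www.example.com")
    now[0] = 301.0                            # move past the 300-second TTL
    expired = cache.lookup("www.example.com")
    return forged, genuine, late, hit, expired
```

The response with the wrong transaction ID and the second response to an already answered query are both refused, so neither can overwrite the cached record; the genuine record is served until its TTL expires.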

Phishing attacks can be planned around the visual resemblance of some characters on the user’s screen; for example, the letter l and the digit 1 appear the same on some screens. Users can thus be redirected to different IP addresses while being shown the same look and feel as the original website.
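One way to catch the look-alike names described above on the defensive side, for instance when reviewing DNS or proxy logs, is to reduce each name to a "skeleton" in which confusable characters are folded together and compare it against the names you want to protect. This is an added example, not part of the original article; the function names, the confusable pairs beyond l/1, and the sample domains are constructed assumptions.

```python
# Characters and sequences that render alike on many screens (assumed list;
# only the l/1 pair comes from the article).
SINGLE = str.maketrans({"1": "l", "0": "o"})
MULTI = [("rn", "m"), ("vv", "w")]


def normalise(domain):
    """Lower-case a name and drop surrounding space and the trailing dot."""
    return domain.strip().lower().rstrip(".")


def skeleton(domain):
    """Fold visually confusable characters into one canonical form."""
    s = normalise(domain)
    for sequence, replacement in MULTI:
        s = s.replace(sequence, replacement)
    return s.translate(SINGLE)


def find_lookalikes(observed, protected):
    """Return (observed, protected) pairs that look alike but are not equal."""
    by_skeleton = {skeleton(p): normalise(p) for p in protected}
    hits = []
    for name in observed:
        clean = normalise(name)
        target = by_skeleton.get(skeleton(clean))
        if target is not None and clean != target:
            hits.append((clean, target))
    return hits


# Constructed sample data: names an organisation owns, and names seen in logs.
PROTECTED = ["example.com", "mail.example.org"]
OBSERVED = [
    "example.com",          # the genuine name: not reported
    "EXAMPLE.COM.",         # same name, different case and trailing dot
    "examp1e.com",          # digit 1 in place of the letter l
    "rnail.example.org",    # "rn" in place of "m"
    "g00d.example.net",     # contains digits but resembles nothing protected
]

if __name__ == "__main__":
    for seen, real in find_lookalikes(OBSERVED, PROTECTED):
        print(f"{seen} resembles {real}")
```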

Use custom DNS

What if that hotel receptionist is very slow and many people are asking for room numbers at the same time? She’ll not be able to give you the correct room number quickly, so you may ask some other person at the reception counter to attend to your concern. Similarly, when we connect to the internet, we generally use the DNS server provided by our ISP. But if the default DNS server is unresponsive, or if it can’t handle a large number of queries at a given moment, your browsing experience will only degrade. Don’t worry, there is another way out: you can configure your system to use a different DNS server for resolving IP addresses.

Popular DNS servers:

Google’s Public DNS: The search giant has set up some serious high-grade DNS servers capable of handling millions of requests at any given moment. And they’re absolutely free to use, just like Google’s other services. You can configure your machine to use the following DNS addresses:

8.8.8.8 and 8.8.4.4

OpenDNS: This is a private company which provides safe and reliable DNS servers for free. Just configure the following addresses on your machine:

208.67.222.222 and 208.67.220.220

For those readers who don’t know how to configure DNS on their machine, please refer to the link below:

Winding Up

DNS has been a topic of utmost importance since its advent as a systematic way to maintain such a huge database of millions of websites and servers around the world. Without DNS, all the domain names and IP addresses would have been a whole lot of mess, and it would’ve taken ages just to locate google.com in a haphazard collection of all the domain names. DNS has streamlined the process of IP resolution, and seriously, if DNS wasn’t there, I know you would’ve burnt your brain circuits trying to remember all those IP addresses. And let me ask you, do you remember Facebook’s IP address I mentioned above? Don’t scroll up now; even I don’t remember it, because DNS is there to remember it for us. We only need to express our gratitude for the noble work DNS has been doing for the last three decades, and it has become faster, smarter and more reliable.

www.extremehacking.org