Public DNS Server

A Public
The DNSDNS
public Serverserver
is one that has anameserver
is the lot of information
thatabout which website
networked is hosted onmay use
computers
towhich IP. When
resolve theDNS
DNS resolves
query. a website
That mayto an IP
beaddress
used itinmight haveofto(or
place ask in
multiple
addition to) the
DNS servers assigned by your ISP. These are publicly available,the
servers. The Public DNS Servers keep information about which other servers down andlaneanyone
needs to be asked.
can easily access them. The public DNS server is also called a public
There are total 94 DNS Servers in India, such are—
recursive nameserver or public DNS resolver.

Running DNS query on Centos:

1.

Sakshi and Tripti

 2.

3.

How to change your DNS server settings :

what is my DNS Server ?
Windows:
open your command prompt from the start menu (or type "Cmd" into the search in your
windowDNS settings
task Bar). are specified
Next ,type in the TCP/IPinto
ipconfig/all Properties window for
your command the selected
prompt networkenter.
and press
connection.
Look for the field labeled "DNS Server." the first address is the primary DNS Server
and the next address is the secondary DNS Server
Example: Changing DNS server settings on Windows 10

1. Go to the Control Panel.

Sakshi and Tripti

What is in the DNS database?

The database contains

2. Click Network andallInternet
free and public and
> Network DNS servers
Sharing to choose
Center > Changetoadapter
replace the original
settings.
ones configured by your ISP. This list includes the IPv4 and IPv6 public DNS servers in
3. Select the connection for which you want to configure Google Public DNS. For
the world.
example:
 To change the settings for an Ethernet connection, right-click the Ethernet interface
and select Properties.
What is the best public DNS service?
 To change the settings for a wireless connection, right-click the Wi-Fi interface and
select Properties.
Founded Ifinyou
2005
are and now for
prompted owned by Cisco, password
an administrator OpenDNS is one of thetype
or confirmation, biggest names in
the password
public DNS. The free service
or provide confirmation. offers plenty of benefits: high speeds, 100% uptime,
phishing sites blocked
4. Select by default,
the Networking optional
tab. Under This parental controls-type
connection web items,
uses the following filtering to block
websites select
by content type,
Internet along
Protocol with free
Version email support
4 (TCP/IPv4) if anything
or Internet goes
Protocol wrong
Version 6
(TCP/IPv6) and then click Properties.
5. Click Advanced and select the DNS tab. If there are any DNS server IP addresses
listed there, write them down for future reference, and remove them from this
The 8 steps window.
in a DNS lookup:
6. Click OK.
7. Select Use the following DNS server addresses. If there are any IP addresses listed
in the Preferred DNS server or Alternate DNS server, write them down for future
1– A user types ‘example.com’ into a web internet browser and the question
reference.
takes 8.a trip into
Replace theaddresses
those Internetwithand isaddresses
the IP received byGoogle
of the a Domain Name System
DNS servers:
recursive resolver.
 For IPv4: 8.8.8.8 and/or 8.8.4.4.

 For IPv6:
2– The resolver then2001:4860:4860::8888
queries a Domain and/orName System root nameserver (.).
2001:4860:4860::8844.
 For IPv6-only: you can use Google Public DNS64 instead of the IPv6 addresses in
3– The root server then
the previous responds to the resolver with the address of a
point.
Top-Level Domain (TLD) Domain Name System server (such as .com
9. Testwhich
or .co.uk), that yourstores
setup is the
working correctly;
details for see
its Test your new When
domains. settings. searching for
10. Repeat the procedure for additional network connections you want to change.
example.com, our request is pointed toward the .com TLD.

4– The resolver then makes a demand for the .com TLD.

5– The TLD server thenUsing reacts Dig Command

with the IP address of the domain’s
nameserver, example.com.
The dig (Domain Information Groper) command is a DNS lookup utility. It’s often used by system
and network administrators to collect Domain Name Server information. Apart from collecting data,
6– the
Lastly, the recursive
dig command is a useful toolresolver
for network sends out aandquery
troubleshooting solving to
DNSthe domain’s nameserver.
issues

7– The IP address for example.com is then returned to the resolver from the
How to Install dig on CentOS
nameserver
.
8– The Domain Name System resolver then responds to the web internet
browser with
sudo yum the
install IP address of the domain requested at first.
bind-utils

The command installs the bind-utils package, a collection of utilities that include dig and other DNS
querying.
Sakshi and Tripti
DNS different features/services they are providing to people.
1.Free: Google Public DNS server is a Free service that you can integrate with your
website. It protects your data and helps load your website much faster with caching.
The server also has a Premium service designed for organizations, known as Google
Cloud DNS.

2.Latency: These include its actual load, available network capacity, latency to root,
TLD, and authoritative name servers. DNS latency includes both latency from the
user to the resolver and, in the case of cache misses, from the resolver to the
authoritative name server.
High latency in DNS traffic can result in an overall sluggish experience for end-users.
In the DNS Settings pane, you can quickly identify DNS latency issues in your
configuration.

3.Security: A DNS firewall is a tool that can provide a number of security and
performance services for DNS servers. A DNS firewall sits between a user’s recursive
resolver and the authoritative nameserver of the website or service they are trying to
reach. A robust security system in DNS would also eliminate the need for
organizations and users to install additional software to filter content and malicious
sites effectively. Some clients want to simultaneously stay protected from malicious
attacks and reduce the number of unwanted advertisements.

4.DNSSEC: DNSSEC stands for Domain Name System Security Extensions and is
an additional security extension to our DNS service. Additional safety layers
DNSSEC, together with our Anycast DNS, gives your brand additional layers of
security, and in your customer platform you have full control of DNS and zone files.
DNSSEC creates a secure domain name system by adding cryptographic signatures to
existing DNS records. These digital signatures are stored in DNS name servers
alongside common record types like A, AAAA, MX, CNAME, etc. By checking its
associated signature, you can verify that a requested DNS record comes from its
authoritative name server and wasn’t altered en-route, opposed to a fake record
injected in a man-in-the-middle attack.

5. User Privacy:
Improving DNS privacy

Two changes to the DNS resolution process that can improve end-user privacy
protection are the following:

1. providing confidentiality to DNS transactions through encryption; and

Sakshi and Tripti
 2. minimizing the information leaked to DNS authoritative name servers.

6. DNS OVER HTTPS:DNS over HTTPS (DoH) is a protocol for performing remote Domain
Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user
privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-

middle attacks[1] by using the HTTPS protocol to encrypt the data between the DoH client and the

DoH-based DNS resolver.

Sakshi and Tripti