Professional Documents
Culture Documents
Domain Name Server
Domain Name Server
How does your computer know that www.facebook.com is at IP 202.54.116.3? How can you track your networks health?
The first IP networks distributed host files on a regular basis IP Addresses are a must for computers as they include the information used for routing IP addresses are tough for humans to remember. IP addresses are impossible to guess.
The DNS is the hierarchical naming system for computers, services, or any resource participating in the internet Resolves internet host name into an ip address and vice versa
Major Components:
arpa net
edu
com
org ac
in
uk nl
rpi albany
arpa
arpa
com
in
gov
mil
net
org
us
ac
iimcal www
Iimcal.ac.in doamain
Name resolution is the process by which resolvers and name servers cooperate to find data in the name space Remember, not a search To find information anywhere in the name space, a name server only needs the names and IP addresses of the name servers for the root zone (the root name servers) The root name servers know about the top-level zones and can tell name servers whom to contact for all TLDs
Local DNS
XYZ
ping www.facebook.com.
xyz
ping www.facebook.com.
Root DNS
Local DNS
xyz
ping www.facebook.com.
Com domain
xyz
ping www.facebook.com.
Root DNS
Local DNS
Com doamin
xyz
ping www.facebook.com.
Local dns
ns1.facebook.com
ping www.facebook.com.
Root dns
Local dns
ns1.facebook.com
Com domain
ping www.facebook.com.
Local dns
ns1.facebook.com
ping www.facebook.com.
xyz
ping apps.facebook.com.
ns1.facebook.com
com domain
ping apps.facebook.com.
Ns1.facebook.com
Com doamin
xyz
ping apps.facebook.com.
Root dns
Local dns
ns1.facebook.com
Com domain
xyz
Ping apps.facebook.com.
ns1.facebook.com
Com domain
xyz
ping apps.facebook.com.
The entire communication is done by the exchange of the resource records. Format:(name,value,type,ttl) Type:A :Name server :Cname :Mail Exchange
TTL: It is the time period for which the record is to be available in the cache of the device
Ns1.facebook.com
Com doamin
xyz
ping apps.facebook.com.
DNS A accepts the response of DNS B without performing any checks and puts corrupted records in its cache.
DNS ID Spoofing:
Machine X needs to know the IP of machine Y X assigns a random identification number (16 bits) to the request it sends to the DNS and expects this number to be present in the DNS reply
An attacker using a sniffer, intercepts the DNS request and sends the reply to X containing the correct identification number but with an IP of his choice.
Client Flooding:
Client sends a DNS query. Attacker send thousands of responses made to appear as if originating from the DNS server. Client accepts responses because it lacks the capability to verify the response origin.
Queries Chances
100 0.0728
200 0.2621
400 0.7048
650 0.9604
750 0.9865