Professional Documents
Culture Documents
Domain Name System Security: Rabia Noreen L1S10MSCS0002
Domain Name System Security: Rabia Noreen L1S10MSCS0002
Domain Name System Security: Rabia Noreen L1S10MSCS0002
Security
Rabia Noreen
L1S10MSCS0002
What is DNS?
Domain Name System
Domain Name System(Service or Server), an
Internet service that translates domain names into
IP addresses. Because domain names are
alphabetic, they're easier to remember. The
Internet however, is really based on IP addresses.
Need Of Domain Name System
Humans can’t think like computers. They just
can’t remember dozens of IP addresses. They
need easy-to-remember names to locate their mail
server or their favorite web pages. For example,
instead of typing an IP-number like140.90.99.144
on your browser you type in www.amazon.com.
Example:
““.com”, which indicates a name registered
to a business for commercial use on the
Internet.
Second-Level Domain
Variable-length names registered to an individual
or organization for use on the Internet.
Example:
““microsoft.com. ”, which is the second-level
domain name registered to Microsoft by the
Internet DNS domain name registrar.
Sub Domain
Additional names that an organization can create
that are derived from the registered second-level
domain name.
Example:
“example.microsoft.com.”, which is a sub domain
assigned by Microsoft.
Host Or Resource Name
Names that represent a leaf in the DNS tree of
names and identify a specific resource. Typically,
the leftmost label of a DNS domain name identifies
a specific computer on the network.
Example:
““host-a.example.microsoft.com.”, where the first
label (“host-a”) is the DNS host name for a
specific computer on the network.
DNS Query Types
Why Domain Name System
Security?
DNS data is too readily changed, removed
or replaced between the “server” and the
“client”.
This can happen in multiple places in the
DNS architecture.
DNS Attacks
DNS cache poisoning
DNS spoofing
DNS ID hacking
DNS Cache Poisoning
It is a security or data integrity compromise
in the Domain Name System (DNS). The
compromise occurs when data is introduced
into a DNS name server's cache database
that did not originate from authoritative
DNS sources.
DNS Cache Poisoning
DNS Spoofing
Denial of Service
Masquerading
Client Flooding
DNSSEC