What Is DNS
DNS is one of the best-known parts of the internet, yet many people still don’t know about it in detail. In the early days of the internet, people used IP addresses to communicate with computers.
Now a domain name, e.g. technoschain.com, is used to reach hosts across the wider network. Because of this, nobody needs to memorize a complex alphanumeric IP address; they only need the domain name, which is a piece of cake for anyone to remember.
DNS is also often compared to a phonebook.
How It Works
It works like a street number used to find a house’s address.
Let’s understand how the process works in some steps.
- Entering Domain Name: Suppose you enter the domain example.com in your browser. The browser sends the domain name you typed (i.e. example.com) out to the internet as a question: where is example.com? The query first reaches a recursive resolver, which may be operated by your ISP (Internet Service Provider).
- Interaction With Root Server: The recursive resolver provided by your ISP knows which server your query needs to be sent to. The first DNS server the recursive resolver contacts is a root server; root servers run all over the world. From it, the recursive resolver gathers the DNS information for .com (the Top Level Domain).
- Interaction With TLD Server: When the query reaches the TLD server, the TLD server responds with the IP address of the domain’s name server, which is the key to the next door.
- Domain Name Server: Now the recursive resolver sends your query to the domain’s name server for verification. The name server knows the complete domain name (i.e. example.com) and sends its answer back to the recursive resolver.
- Hosting Server: Now that the recursive resolver knows the IP address of the domain name, it tells the browser the IP address, and the browser then sends its request for the website to that IP address.
DNS Cache Poisoning
Cache poisoning puts wrong information into the DNS cache so that its responses to queries are incorrect. As a result, the user is redirected to the wrong website, with the IP address changed to something that resembles the original, like changing 1 into ‘I’; such characters look the same on some screens.
The task of a DNS resolver is to translate a domain name like “technoschain.com” into an IP address that is readable by the machine. When the user enters the domain name, the browser sends a query through the resolver to the domain name server.
After that, the resolver comes back with the IP address for the website, and then the website proceeds to load.
The resolver does the same for other domain names when the user enters the domain name in the URL box.
A DNS resolver is rather like a servant: you send it a query for the domain name you entered, and the resolver gathers information from other servers around the internet and comes back with the IP address needed to load the website you wanted.
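The resolution steps under "How It Works" and the effect of a poisoned cache entry can be modelled together. The following is an added example, not code from the original article: the server tables, addresses, and the names walk, RecursiveResolver and audit_cache are all constructed for illustration. It shows the resolver serving a wrong cached address and a defender-side check that re-walks the chain to flag it.

```python
# Constructed sample data: every name and address is made up for illustration
# (addresses are from the RFC 5737 documentation ranges).
ROOT = {"com": "192.0.2.1"}                                       # TLD -> TLD server
TLD_SERVERS = {"192.0.2.1": {"example.com": "192.0.2.53"}}        # domain -> name server
NAME_SERVERS = {"192.0.2.53": {"example.com": "198.51.100.10"}}   # domain -> hosting server


def walk(domain):
    """Follow the referrals: root server -> TLD server -> domain's name server."""
    tld = domain.rsplit(".", 1)[-1]
    tld_server = ROOT.get(tld)
    name_server = TLD_SERVERS.get(tld_server, {}).get(domain)
    return NAME_SERVERS.get(name_server, {}).get(domain)  # None if a step has no answer


class RecursiveResolver:
    def __init__(self):
        self.cache = {}  # domain -> IP address handed to browsers

    def resolve(self, domain):
        """Answer from the cache when possible, otherwise walk and cache."""
        if domain not in self.cache:
            answer = walk(domain)
            if answer is None:
                return None
            self.cache[domain] = answer
        return self.cache[domain]

    def audit_cache(self):
        """Re-walk each cached name; report {domain: (cached, fresh)} on mismatch."""
        findings = {}
        for domain, cached in self.cache.items():
            fresh = walk(domain)
            if fresh != cached:
                findings[domain] = (cached, fresh)
        return findings


def demo():
    resolver = RecursiveResolver()
    clean = resolver.resolve("example.com")
    # Model only the effect of poisoning: a wrong address sitting in the cache.
    resolver.cache["example.com"] = "203.0.113.66"
    poisoned = resolver.resolve("example.com")
    return clean, poisoned, resolver.audit_cache()


if __name__ == "__main__":
    print(demo())
```

On a real resolver a mismatch between a cached and a freshly fetched answer is a lead to investigate rather than proof, since records also change legitimately.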
DNSSec (Domain Name Server Security) is a technology that protects the DNS information used on IP networks.
In the early days of the Domain Name System, unlike today, it was not secure.
Many vulnerabilities were found in it, and attackers were able to corrupt the integrity of data and information, leading users to malicious websites or sending viruses to their devices.
When ICANN (Internet Corporation for Assigned Names and Numbers) understood the problem in the communication between the DNS top-, second- and third-level directory servers that allowed attackers to attack the lookup, it devised DNSSec.
How DNSSec Works
To make DNS lookups secure, DNSSec adds security extensions that extend the protection. These include:
Origin Authentication of DNS Data: It makes sure that the source can be verified by the recipient of the data.
Authenticated Denial Of Existence: It informs the resolver that a particular domain is not found or does not exist.
Data Integrity: It makes sure that the data is not altered in transit.
DNSSec uses two types of keys:
Zone Signing Key (ZSK): It signs and validates the individual record sets within the zone.
Key Signing Key (KSK): It signs the DNSKEY records within the zone.
Since its advent, DNS has been one of the most important topics related to the internet.
However, there were many security issues in the beginning, and we have seen how these issues have since been resolved by organizations like ICANN.
We have also seen how the resolution process works and how DNSSec is used to guard that process.