Saturday, 24 June 2017

DNS

DNS or Domain Name System is like phonebook directory of the internet. It is so important for internet surfing and other work. But people can misuse it to hack your device or your account. So read this article to save yourself.

What is DNS?

Every day we surf the internet, we initialize this by adding any URL in our browser like www.google.com. and it throws us on Google. But, how do our PC and browser know where to go because it doesn't know what does this Google stands for. Our computer and whole internet works and talks in numbers only. 


There we need something called DNS. It is like phone book which has the domain name and IP addresses of all stuff flowing on the internet. 
Every website and every user on the internet has unique IP(Internet Protocol). Which is readable to our computers and internet because it is designed in binary language. We can read those too but cannot remember it so many IPs. Just think how many IPs should be there on the internet. Figures are in billions, that's why we have something called DNS. 


DNS is a big system and very complex to understand. It works like this.

Think you want to visit any website like www.example.com. Assume your computer or device is visiting this web site first time There you need DNS and it works like this:

  • You device
Every browser has its cache memory where it stores the details of visited websites if it knows the IP of example.com then the query will stop there and you will able to see the web page for example.om. If it does not know the IP of example.com then it will go to DNS resolver of your operating system.

Every operating system has a resolver, it may enter manually or automatic in your operating system. It also has cache memory.  If it has then it will provide the IP to the browser and then the browser can connect to the server of the domain directly. But if it does not have IP then it passes this information or query to next level called root server.
  • Root Server
The root server is the biggest part of DNS. It does not contain any information of domain's IP but it does know where to find IP of the query. Your resolver asks the root for the address of domain's IP and it provides the TLD(Top Level Domain) of .com domain. All websites extensions have their owned TLD and root server knows them. And from here, next level of DNS system starts.
  • TLD(Top Level Domain)
Top Level Domain is one who may contain the information of query but it does not know the answer then your resolver needs to go to the nameserver of that domain. And TLD helps with this. It knows the nameserver's address.
  • Nameserver
The nameserver is the last part of DNS. Here the journey of finding the correct IP of domain ends. It knows all the information of query.

 As the resolver asks the IP and finds it, it saves all the information in its cache memory and tells the IP to the browser. The browser also saves this information in its cache memory for future. That's how all this process works. And it works in the blink of an eye. 
If any of the systems does not works all internet will collapse. No one will able to open any website. That's why this DNS is very important.

Security 

As DNS is a big network so it also has some holes. Not on DNS but on you so you don't catch the correct IP for your query. Also if you have the concern about your anonymity then DNS may create some problems.

Malware

Malware is very dangerous, if your PC has some then it may change your browser's cache list with some malicious website. It means whatever you type it will take you to any malicious website. They change the IP of your cache list with their websites and let you run according to them.
For this, you must have any antivirus or you should kick the malware out and need to clean the browser's cache list. 

DNS Spoofing and DDOS

DNS spoofing and DDOS attack are very famous and effective attacks on the victim. DDOS are many types and one of them is performed by DNS spoofing.
In this attack, attacker spoof the identity of the victim or he convert his IP into victim's IP address. With this spoofing, he can further perform DDOS. Because now he can send extra traffic to victim's device. 
e.g. if victim want to search google but the hacker sends the request for Facebook, then the DNS will respond for both the requests and victim's device will get extra traffic. Also if hacker performs this attacks with many computers by spoof their IP into victim's IP/ Then victim's computer will get extra traffic and will get error messages.

But usually, this attack does not provide any profit to the attacker so DDOS over DNS does not happen every day it may be a prank by a friend or someone else. But spoofing also uses to gain profit.
It may happen you type facebook.com and it open's Facebook but not a real one it maybe a fake Facebook site. Which is sent by the attacker and you will not able to find the difference so he will have your ID and Password. This is called phishing over DNS. Not only fake Facebook but also fake PayPal or your bank's website may appear in your browser.  
For this reason, always check the security of web page, if it is an official website of any famous organization then it must use the HTTPS protocol. If it does not have HTTPS protocol then don't give your details there. It may be a scam.

DNS spoofing also uses to show an advertisement to the victim. This is what scammers always needs. They want traffic to malicious websites so it happens most of the spoof attacks.

DNS Leak Test

If you think VPN may save you on Dark Web and you are fully anonymous then think once again. VPN may save you from attackers on the internet but still, if you are using your ISP's DNS then it may cause some problems with your anonymity. For this DNS lookup have been made. You can google this and find your DNS server. Also, there are organizations which allow you to change your DNS into there like the proxy server. Google also provides free public DNS servers. Which usually use to boost the speed of our internet. To change your DNS you need to configure your DNS settings manually in network settings. Usually, people use Google DNS or OpenDNS service. It can give you full anonymity.

No comments:

Post a comment

Share your experience ,please give us your feedback it is important