What Is DNS?

Definition

The Domain Name System (DNS) is the method by which an Internet Protocol (IP) address, a set of numbers (such as 173.194.39.78), is converted on a computer or other connected device into a human-readable domain name (such as www.google.com).

DNS History

In the earliest days of the internet, the only way to get to a website was to enter its IP address, that long series of numbers, into a browser window. In the early 1980s, American computer scientist Paul Mockapetris and his colleague Jon Postel developed a system that automatically mapped IP addresses to domain names, and the DNS was born. This same system still serves as the backbone of today’s internet.[2]

Analysis

DNS has been dubbed the “phone book” of the Internet. Suppose you want to read the New York Times online. You enter its domain name, www.nytimes.com, into your browser and see the front page of the news outlet. You can then navigate to different sections of the paper by clicking on links titled “Business”, “Sports”, “Opinion” or to specific articles, each with its own domain name and IP address. Behind the computer screen, the query is sent to several servers across the internet in this order:

  • A recursive resolver server: This is the first stop for a DNS query from the client—the laptop, smartphone or any number of IoT devices—to the name servers down the line. If the resolver server can identify the IP address from the domain name, the connection is made. If not, it asks the next server.
  • A root name server: There are 13 root name servers in this system, but that doesn’t mean there are only 13 physical servers on the planet. They are replicated several times over using virtualisation. From there, the query moves to the next stop.
  • A top-level domain (TLD) name server: The top-level domain is the part of a domain name that is .com, .gov, .edu, or .org, among others. TLDs also include country codes such as .us, .uk, .ru, or .jp.
  • An authoritative name server: When a recursive resolver receives a response from a TLD name server, that response will direct the resolver to the last stop, the authoritative name server. This server contains information specific to the domain name it serves (such as google.com) and it can provide a recursive resolver with the IP address of that server.[3]

DNS Security

DNS comes with several potential security issues. Given that the system is so widely used, any kind of DNS failure could theoretically be catastrophic. That’s a major concern, said Mockapetris, the co-developer of DNS, in an interview with tech magazine TechTarget in 2016.[4] Billions of devices around the world are connected by DNS. And billions more will soon be connected by the internet of things (IoT), Mockapetris said.

At the height of the global Covid-19 pandemic, threat actors attacked the DNS settings of people working from home. The attackers began changing DNS settings in Linksys routers, pointing users to what appeared to be a legitimate website that included a pop-up message with information about the pandemic. But once a user clicked through, a fake coronavirus-related app was downloaded. It performed a host of nefarious activities, according to security researchers.[5]
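An added example, not part of the original article: a defender-side check for the router tampering described above, which lists the DNS resolvers a device has been handed and flags any that are not on an approved list. The approved addresses, the resolv.conf-style input format and the sample text are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: approved resolvers (constructed, documentation-range addresses).
APPROVED_RESOLVERS = {"192.0.2.53", "2001:db8::53"}
# Loopback, RFC 1918, unique-local and link-local space: a router or stub.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10")]

def parse_nameservers(text):
    """Extract nameserver values from resolv.conf-style text."""
    found = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            found.append(fields[1])
    return found

def audit_resolvers(text, approved=APPROVED_RESOLVERS):
    """Return a list of (address, verdict) for every configured resolver."""
    allowed = {ipaddress.ip_address(a) for a in approved}
    report = []
    for value in parse_nameservers(text):
        try:
            addr = ipaddress.ip_address(value.split("%", 1)[0])  # drop zone id
        except ValueError:
            report.append((value, "invalid"))
            continue
        if addr in allowed:
            verdict = "approved"
        elif any(addr in net for net in LOCAL_NETS):
            # A router or stub forwards queries: check its upstream DNS setting.
            verdict = "local-forwarder"
        else:
            verdict = "unexpected"
        report.append((str(addr), verdict))
    return report

# Constructed sample: resolver list on a laptop after a router's DNS changed.
SAMPLE = """\
nameserver 192.0.2.53
nameserver 198.51.100.77   # not on the approved list
nameserver 192.168.1.1
nameserver 2001:DB8::53
nameserver not-an-ip
"""

if __name__ == "__main__":
    print(*audit_resolvers(SAMPLE), sep="\n")
```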

The FBI’s Internet Crime Complaint Center (IC3) warned the public in March 2020 to watch out for online scams related to Covid-19 that include links that download malware onto the target’s computer. The scams invite people to make charitable contributions or receive airline ticket refunds, offer fake cures for Covid-19 or fake testing kits, and use other tricks designed to obtain personal information.

Resources

  1. Cloudflare.com
  2. Cloudflare.com
  3.  
  4. Shannon Vavra, Cyberscoop. “Hackers are messing with routers’ DNS settings as telework surges around the world” March 2020.
  5. Shannon Vavra, Cyberscoop. “Hackers are messing with routers’ DNS settings as telework surges around the world” March 2020.