Definition
The Domain Name System (DNS) is the method by which an Internet Protocol (IP) address, a set of numbers (173.194.39.78), is converted on a computer or other connected device into a human-readable domain name, such as www.google.com.
DNS History
Years ago, when the Internet was in its pioneer days, the only way someone could get to the site they wanted to visit was to enter the IP address, that long series of numbers, into their browser window. In the early 1980s, Paul Mockapetris, an American computer scientist, developed – along with colleague Jon Postel – a system that automatically mapped IP addresses to domain names, and the DNS was born. This same system still serves as the backbone of the modern Internet today.[1]
Analysis
DNS has been dubbed the “phone book” of the Internet. If you want to read the New York Times online, for example, you enter its domain name, www.nytimes.com, into your browser and you are shown the front page of the newspaper. You can then navigate to different sections of the paper by clicking on links titled “Business,” “Sports,” “Opinion” or to specific articles, each with its own domain name and IP address. Behind the computer screen, the query is sent to several servers across the Internet in this order:
- The Recursive Resolver Server: This is the first stop for a DNS query from the client – the laptop, smartphone or any number of IoT devices – to the name servers down the line. If the resolver server can identify the IP address from the domain name, the connection is made. If not, it asks the next server.
- The Root Name Server: There are 13 root name servers in this system, but that doesn’t mean there are only 13 physical servers on the planet. They are replicated several times over using virtualization. From there, the query moves to the next stop.
- The Top-Level Domain (TLD) Name Server: The top-level domain is the part of a domain name that is .com, .gov, .edu, or .org, among others. TLDs also include country codes such as .us, .uk, .ru, or .jp.
- The Authoritative Name Server: When a recursive resolver receives a response from a TLD name server, that response will direct the resolver to the last stop, the authoritative name server. This server contains information specific to the domain name it serves (e.g., google.com) and it can provide a recursive resolver with the IP address of that server. The authoritative name server contains information specific to the domain it serves (e.g., google.com) and it can provide a recursive resolver with the IP address of that server.[2]
DNS Security
There are security issues related to DNS. Given that it is so widely used, any kind of DNS failure could theoretically be catastrophic. Paul Mockapetris, an American computer scientist and co-developer of DNS, told the tech magazine TechTarget in 2016.[3] Billions of devices around the world are connected by DNS and billions more will soon be connected by the Internet of Things (IoT), Mockapetris said.
In the height of the pandemic, hackers attacked the DNS settings of teleworkers directed to work from home because of the global coronavirus pandemic of 2020. Attackers began changing DNS settings in Linksys routers, pointing users to what they believe is a legitimate website that also includes a pop-up message with information about the pandemic. However, once a user clicks through, a fake coronavirus-related app may be downloaded containing malware that can perform a host of nefarious activities, according to Liviu Arsene, a global cybersecurity researcher at BitDefender.[4]
The FBI’s Internet Crime Complaint Center (IC3) warned the public in March of 2020 to watch out for online scams related to Covid-19 that include links that download malware onto the target’s computer. The scams invite people to make charitable contributions, receive airline ticket refunds, offer fake cures for Covid-19 or fake testing kits and other tricks intended to obtain personal information.
[1] DNS Made Easy
[2] Cloudflare.com
[3] Margie Semilof, TechTarget. “DNS co-founder discusses need for a more secure DNS”
[4] Shannon Vavra, Cyberscoop. “Hackers are messing with routers’ DNS settings as telework surges around the world”