Categories
Tags
269 words
1 minutes
DNS (Domain Name System)
DNS (Domain Name System)
π What is DNS?
- DNS translates domain names (e.g.,
www.hackthebox.com) into IP addresses. - Itβs like the Internetβs phonebook, helping browsers find websites.
- DNS is distributed β no central database.
- Thousands of DNS servers globally share this data.
π Types of DNS Servers
| Type | Role |
|---|---|
| DNS Root Server | Top-level; connects TLDs (e.g., .com, .org) with authoritative servers. 13 exist globally, managed by ICANN. |
| Authoritative Nameserver | Final authority for a DNS zone (e.g., domain.com). Responds with official DNS data. |
| Non-authoritative Nameserver | Not the main source. Gets info from others via recursive/iterative querying. |
| Caching Server | Temporarily stores DNS responses to reduce load and speed up queries. |
| Forwarding Server | Forwards queries to another DNS server. |
| Resolver | Often on your PC/router; starts the resolution process. Not authoritative. |
π DNS Security
- DNS is not encrypted by default.
- Vulnerable to spying, spoofing, MITM attacks.
- Secure alternatives:
- DoT (DNS over TLS)
- DoH (DNS over HTTPS)
- DNSCrypt (Encrypts DNS traffic)
ποΈ DNS Records
| Record | Function |
|---|---|
A | IPv4 address |
AAAA | IPv6 address |
MX | Mail servers |
NS | Name servers |
TXT | Misc info (SPF, DMARC, Google verification) |
CNAME | Alias for another domain |
PTR | Reverse DNS β IP to domain |
SOA | Zone info + admin email (hostmaster@domain.com) |
π§ͺ Example:
dig soa www.inlanefreight.comβοΈ DNS Configuration (Bind9 Example)
1. Local Config Files (Main Control)
/etc/bind/named.conf.local/etc/bind/named.conf.options/etc/bind/named.conf.log
π Example:
zone "domain.com" {
type master;
file "/etc/bind/db.domain.com";
allow-update { key rndc-key; };
};2. Zone Files (Forward Lookup)
π Example: /etc/bind/db.domain.com
$ORIGIN domain.com
@ IN SOA dns1.domain.com. hostmaster.domain.com. (
2001062501 ; serial
21600 ; refresh
3600 ; retry
604800 ; expire
86400 ) ; minimum TTL
IN NS ns1.domain.com.
IN MX 10 mx.domain.com.
server1 IN A 10.129.14.5
www IN CNAME server23. Reverse Zone Files
π Example: /etc/bind/db.10.129.14
$ORIGIN 14.129.10.in-addr.arpa
@ IN SOA dns1.domain.com. hostmaster.domain.com. (
2001062501 ; serial
...
)
5 IN PTR server1.domain.com.β οΈ Dangerous Configurations (Security Risks)
| Option | Description |
|---|---|
allow-query | Controls who can query the DNS server |
allow-recursion | Controls who can use recursive lookups |
Misconfigurations (especially with Bind9) can:
- Leak data
- Allow DNS amplification attacks
- Create backdoors for attackers