diff --git a/posts/1733218835053.md b/posts/1733218835053.md new file mode 100644 index 0000000..8c9a32a --- /dev/null +++ b/posts/1733218835053.md @@ -0,0 +1,98 @@ +--- +title: 'Domain Name System (DNS): Architecture, Operation, and Security' +date: 2024-12-01 +author: Soulaimane Yahya +gravatar: b07a2846505a2629b7123ad50d5e21c303cf7c562a8893473c2114f7491c7796 +twitter: '@soulaimaneyh' +image: 'https://raw.githubusercontent.com/multividas/engineering-multividas/main/thumbnails/DNS-Resolution-Domain-Name-System-IP-Address-Lookup-Name-Resolution-DNS-Resolver.png' +--- + +Domain Name System (DNS): Architecture, Operation, and Security + +--- + +### Table of content + +- Shortly, what is DNS ? + - Shortly, what is DNS resolution? Importance of DNS in Networking ! + +- How DNS resolution works + - DNS Query Process + - Recursive vs Iterative DNS Queries + - DNS Hierarchy (Root, TLDs, and Authoritative Servers) + +- DNS Components + - Domain Names and Zones + - Name Servers + - Resource Records + +- DNS Record Types + - A, AAAA, and CNAME + - MX, NS, and TXT + - PTR, SRV, and SOA + +- DNS Configurations + - Setting Up DNS for a Domain + - Forwarding and Reverse DNS + +- Advanced DNS Concepts + - DNS Caching + - DNS Load Balancing + - Dynamic DNS (DDNS) + +- DNS Security + - Common DNS Threats (Spoofing, DDoS) + - DNSSEC (DNS Security Extensions) + - Mitigation Strategies + +- DNS in Practice + - Tools for DNS Troubleshooting (dig, nslookup) + - Real-World Use Cases + +- Future of DNS + - DNS over HTTPS (DoH) and DNS over TLS (DoT) + - Challenges and Innovations + +- Conclusion + - Recap of Key Points + - DNS’s Role in Modern Internet Infrastructure + +# Domain Name System (DNS): Architecture, Operation, and Security + +# Shortly, what is DNS resolution? + +Domain Name System (DNS) resolution, is the process by which domain names are translated into IP addresses. When you type a website's domain name into a web browser, such as "**multichat.network**" your computer needs to know the corresponding IP address to establish a connection with the website's server. + +# Importance of DNS in Networking ! + +DNS in Networking is `crucial` because it enables easy access to websites by converting domain names into IP addresses + +- ensuring reliable and efficient routing of internet traffic + +Without DNS, users would need to remember numerical IP addresses to access websites. + +### DNS Security Issues: + +- **DNS Spoofing**: Attackers inject false DNS responses to redirect traffic. +- **DNS Cache Poisoning**: Malicious data is stored in DNS cache, causing incorrect IP address resolution. +- **DNS Amplification Attacks**: Exploiting DNS servers to launch DDoS attacks. +- **Domain Hijacking**: Gaining unauthorized control over domain registration. +- **Man-in-the-Middle Attacks**: Intercepting DNS queries and responses to steal sensitive data. + +# How DNS resolution works: + +# Request Initiation + +When you enter a domain name (e.g., **multichat.network**) in your web browser, your computer sends a DNS resolution request to a `DNS resolver`. +The resolver can be; + +- Internet Service Provider's (ISP) +- DNS server +- third-party DNS resolvers like Google DNS, Cloudflare DNS or OpenDNS (cisco)… + +# Recursive Query + +DNS Resolution Domain Name System IP Address Lookup Name Resolution DNS Resolver Recursive Query Root DNS Servers TLD DNS Servers Authoritative DNS Servers DNS Records DNS Caching DNS Lookup DNS Infrastructure DNS Hierarchy DNS Resolution Process DNS Resolution Time DNS Response Time DNS Response Codes DNS Forwarding DNS SecurityDNS Resolution Domain Name System IP Address Lookup Name Resolution DNS Resolver Recursive Query Root DNS Servers TLD DNS Servers Authoritative DNS Servers DNS Records + + +The `DNS resolver` receives the request and starts the resolution process. If the resolver doesn't already have the IP address corresponding to the domain name in its **cache**, it begins a `recursive query`. diff --git a/thumbnails/DNS-Resolution-Domain-Name-System-IP-Address-Lookup-Name-Resolution-DNS-Resolver.png b/thumbnails/DNS-Resolution-Domain-Name-System-IP-Address-Lookup-Name-Resolution-DNS-Resolver.png new file mode 100644 index 0000000..e0ab671 Binary files /dev/null and b/thumbnails/DNS-Resolution-Domain-Name-System-IP-Address-Lookup-Name-Resolution-DNS-Resolver.png differ