Sunday, 23 July 2017

Domain Name System (DNS) – At the Heart of the Internet

It is safe to say that without the Domain Name System (DNS), the Internet would not be the force it is today.

In the early days of the Internet, users trying to reach another host on the network were required to input lengthy IP number strings (e.g., 74.125.45.105- a listed IP address for Google). As the internet grew number strings became more cumbersome and unworkable as most users could not consistently remember the proper sequencing of random numbers.

To simplify this process, a solution was developed based on a data solution (flat file) that related each IP address to a comparatively easy-to-remember common language address (e.g., Amazon.com, U-Tube.com, and Twitter.com) that was easy to remember and provided ease of use.

By the late 1980s, the flat file had evolved to the Domain Name System (DNS) in use today-a system that is open, distributed, and expands as users, enterprises, Internet Service Providers (ISPs) and domains appear on the network. Ease of use and expandability was the goal but, since cyber security attacks and malware were virtually unknown, DNS security was not a priority.

DNS is very effective and works in the background of search activity. Internet users are assured that when they type in a URL or e-mail address, they will be connected to the correct Web site or e-mail box. Many commercial companies developed brand strategies based on this functionality in order to use the Internet’s reach to develop more customers and increase sales/revenue. Most of these companies adopted a.com or.net extension. The Federal government adopted a.gov or.mil extension.

DNS Brand Implications

The functionality of DNS opened the branding world to the Internet. Common names became commonplace brands (e.g. Google, Bing, Amazon, and E-Bay) and powerful strategies were developed to market brands on the Internet.

An entirely new marketing strategy called Search Engine Marketing (SEM) developed whereby keyword searches and positioning on search pages developed into a major industry. Premier placing on the first page of a search engine gave the recipient an advantage for more business versus the competition.

Google became a multi-billion dollar concern by developing algorithms that enabled effective and powerful key word searches. Web based purchases supported by easy, convenient key word searches now account for 20-30% of all retail business and the web based e-commerce market share continue to enjoy strong growth. DNS is an integral part of this success. But as traffic on the Internet grew, the entire net became vulnerable to Cyber attacks. A good portion of this vulnerability can be attributed to the inherent vulnerability of DNS.

DNS is inherently Insecure

The original design of the Domain Name System (DNS) did not include robust security features; instead it was designed to be a scalable distributed system and attempts to add security, while maintaining backwards compatibility were rudimentary and did not keep pace with the skills of malicious hackers. As a result cyber attacks created Internet chaos.

Security may top the list of enterprise and network administrators, but too often the link between security vulnerability and DNS is not understood. In order to enhance security and defend against cyber attacks, government agencies, commercial enterprises and network administrators must acknowledge the importance of DNS to the secure operation of the Internet.

Consequently, any commercial company that uses the Internet for sales, e-commerce, service, marketing or logistics, as well as Internet Service Providers (ISPs) and large, strategically sensitive government networks need to be aware of DNS vulnerability.

As the Internet expands in terms of users, devices and traffic, so does the opportunity for sophisticated DNS mayhem-whether malicious (hacking), aggravating (spam) or illegal (accessing sites containing content that violates legal and regulatory mandates) or devastating denial of service (DoS) attacks..

It became very evident that enterprises and ISPs must protect their users and networks-sometimes from the amateur hacker but increasingly from organized crime and state sponsored cyber terrorism. One of the most vulnerable, critical areas was DNS. Cyber attacks are expected to increase and have a bigger impact as the Internet grows.

The internet is also growing by an order of magnitude and just about every user of the internet is directly affected by the Domain Name System (DNS). The Domain Name System (DNS) is an essential part of the Internet. Many Internet security mechanisms, including host access control and defenses against spam and phishing, heavily depend on the integrity of the DNS infrastructure and DNS Servers.

DNS Servers

DNS servers running the software known as BIND (for Berkeley Internet Name Daemon, or sometimes Berkeley Internet Name Domain), is one of the most commonly used Domain Name System (DNS) server on the Internet, and still proclaims it to be so.

Presently, BIND is the de facto standard DNS server. It is a free software product and is distributed with most UNIX and Linux platforms. Historically, BIND underwent three major revisions, each with significantly different architectures: BIND4, BIND8, and BIND9. BIND4 and BIND8 are now considered technically obsolete. BIND9 is a ground-up rewrite of BIND featuring complete Domain Name System Security Extensions (DNSSEC) support in addition to other features and enhancements. But even with the rewrite BIND, in all versions, remains vulnerable.

A new version, BIND 10 is under development but the effectiveness of it its security features are untested. Its first release was in April 2010, and is expected to be a five-year project to complete its feature set.

Although BIND is still the de facto DNS software because it is included by most UNIX based server manufacturers at no cost, a number of other developers have produced DNS Server software that addresses the inherent weaknesses of BIND. Ratings of these packages can be found on http://www.kb.cert.org/vuls/

9 Comments

  • [url=http://th.oracleabc.com/libido/]http://th.oracleabc.com/libido/[/url]
    [url=http://hu.adanailkhaber.com/engineaging/]http://hu.adanailkhaber.com/engineaging/[/url]
    [url=http://cz.i-liaison.com/hairgraying/]http://cz.i-liaison.com/hairgraying/[/url]
    [url=http://et.buslik.net/hallux/]http://et.buslik.net/hallux/[/url]
    [url=http://el.oracleabc.com/legs/]http://el.oracleabc.com/legs/[/url]

  • Hey!

    Up to 50% OFF for President’s Day, EXP:Feb.28 I felt the same way too after making them over in transaction fees.
    made in china mobile list [url=http://kilamo.info/]best android phone philippines cheap[/url] note 7 drop test.
    The Nano SIM occupies the second tray in the phone that can also be used for a SD card so you cant have both dual SIM functionality and extra storage space but with GB on board that should not be too much of a problem. A stroke of marketing genius then but a risky strategy.
    Consumer Cellular seems like a contender. benchmark Score of iPhone series which is monstrous yet no other device touched that so it indicates that the new iPhone will be much powerful.
    china mobile android price list [url=http://kilamo.info/]best smartphone from china[/url] meizu ep auto 0 percent.
    It isnt perfect but this can be a handy workaround if youre keen. Youll find this plastic at the top and bottom on the backside and this is to allow the antennas to work and not have the metal interfere with them.
    Here in the US they have much greater market share unfortunately. The first two devices that will be sold directly to customers are the Redmi X for MXN and the Redmi Note for MXN.
    10 best android phones to buy in 2016 under 15000 [url=http://kilamo.info/]10 best android phones to buy in 2014[/url] buy huawei p8r head hunters.
    All the compact cameras recommended below offer better image quality than most smart phones and are not much bigger or heavier either perfect for throwing in a jacket pocket. GB of RAM GB of storage with room for a GB SD card and a mAH rated battery.
    If you want to get hands on with a new smartphone before buying one visiting the high street retailers gives you a chance to really play with the devices and ask questions. You can choose color accents all around your personalized phone and the back cover material between soft grilastic real wood or real leather.
    htc one m8 verizon [url=http://kilamo.info/]best android phones january 2016[/url] blue book nj office.
    IPS HD display GHz quadcore CPU GB RAM GB internalGB expandable memory dual SIM MP rear MP front camera G etcDisplay HD IPS LCD. Fortunately unshackled from Microsoft Nokia is once again free to make smartphones with operating systems users want.

    Up to 71% OFF,Low to $0.99 for Black Friday,EXP:Nov.28 Check the map on their website before buying.
    das beste china smartphone [url=http://kilamo.info/]cheapest china android phone[/url] htc desire 930 ub.
    Margins are now decent though we do make a little bit less due to lower volumecapacity but I sleep better at night. A sporty riding position places the rider in a comfortable dynamic seating stance thats ideal for mastering curves without being overly cramped when its time to commute across town or out on a weekend journey.
    uSwitch Limited is registered in England and Wales Company No. Powerful search filters for targeted results.
    buy best android phones with good [url=http://kilamo.info/]best android phone dialer[/url] top 13 juegos nokia lumia 520 por silcadum parte 1.
    This will mean the Alta HR will present more data for exercise as well as offer more accurate calories burned data as it will more aware of how hard you are working. ca for vehicle availability details and systems limitations.
    Read more of this story at Slashdot The companys curation team was overwhelmed by the number of Stories submitted so Snap built a tool to let users search on their own. The device comes with a price tag of and is something which looks a value for money.
    best android phones range upto 6000 [url=http://kilamo.info/]chinese phone android[/url] buy huawei p8r welding journal.
    AT T Next has a few payment plan options access to which can vary depending on your credit. May not redeem for cash or use at ATMs or automated gas pumps.
    Most Online sellers grow their business by taking advantage of excellent deals and discounts when they come around. Even Iphone looks dull in comparison.
    zte nubia my prague price [url=http://kilamo.info/]best chinese smartphone camera[/url] opportunity top o the world.
    TMobile has not made any determination as to the call quality performance or other functionality of these devices. OnePlus will be their latest flagship device will soon surely rock the market with huge sales and specs too.

  • Ihr Sexualleben wird nicht die gleiche sein – eine gro?e Auswahl an Frauen, Manner und Paare fallt, zwingt denken uber bisher unbekannte Aspekte des Geschlechts. «Banana.ua» entfallt die komplexe und Verlegenheit, so dass jederzeit ein Online-Formular zur Ausgabe, mit einem Hauch von Feuer und wurzigen Geschmack auf die enge Beziehung von jedem Paar hinzuzufugen. Hier wissen, wie selbst die anspruchsvollsten Geschmacker uberraschen [url=http://example.com?gfffg23]![/url]

Leave a Reply

Your email address will not be published.