DNS utilizing
Nowadays quite enough users are aware of the security software concept. There exist basic ways to protect unwary surfers from fraud sites, intrusive advertising, as well as botnets and other unwanted visitors. Here DNS services are implied.
Perhaps, some brief information about DNS or Domain Name System (DNS) should be placed here. In general, it’s a computer distributed system for obtaining information about domains. Every time one surfs the net, typing a site name into the browser, DNS is queried for the IP address corresponding to the particular domain, so the browser can contact the Web server to get the content.
If to speak about DNS server types, there are two of them: recursive and authoritative. The ones that are used by most individuals and small companies (and that are covered here) are called recursive DNS and are the default services provided by most Internet Service Providers (ISPs). Authoritative DNS services are the ones, which allow website owners or hosts to define the Web server IP addresses that their domain names point to and to manage other DNS settings.
Since DNS servers are the middlemen between your browser and website content, there are many third-party DNS services that offer additional functionality for both users and network administrators. These tools can include:
• Content filtering. This can be conveniently implemented to block adult sites and other unwanted content, while requiring no software on the computers and devices.
•Malware and phishing blocking. This can be performed by the content filtering tool also, to block sites containing viruses, scams and other dangerous content.
•Protection against botnets. This blocks communication with known botnet servers so your computer isn’t taken over.
•Advertisement blocking. This is another type of content filtering, which some DNS services specifically concentrate on.
•URL type correction. E.g., if you mistype gogle.com, it will be corrected to google.com
Still, it should be pointed out that the speed, reliability and performance of DNS servers can vary. Slow or poor domain resolution can translate into slower and less reliable web browsing.
What is the DNS system vulnerability?
The process of converting a domain name to IP-address is called the resolution of DNS. When you enter a domain name in the address bar, browser accesses the server names for the corresponding IP-address. As it was mentioned above, there exist two types of name servers: the authorized name servers that store complete information about the area, and recursive name servers that respond to DNS queries for Internet users and store DNS replies for a certain period of time. When a recursive name server receives the response, it places it in the cache (stores) to speed up subsequent requests. Of course, caching reduces the required number of requests for information, but it can bring about fraud attacks using the so-called MITM technology.
Thus, among the attack consequences can be found:
• hacking e-mail addresses;
• intercepting transmitted protocol VoIP;
• creating fake Web sites;
• stealing passwords and account information;
• stealing credit card numbers and other confidential information.