Wednesday, December 4, 2024

Using DNS Servers to Improve Network Security

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

The Domain Name System (DNS) is something we all use and depend on, yet don’t really pay much attention to; if you have some time to investigate alternatives, you could really enhance your network’s performance and security.

Before I tell you how to do this, let’s have a brief explanation of what DNS is. Think of what a phone book does; it allows you to look up someone’s phone number so long as you know the person’s name. The DNS does something similar for computers. For example, if you type in “google.com” it translates that name into a sequence of four numbers, called an IP address, which functions something like a phone number does. In this case, google.com’s number is 74.125.95.104.

The overall Internet infrastructure has a series of master phone books, or DNS root servers, located at strategic places around the world and maintained by a collection of public, semi-public, and private providers. They talk to each other on a regular basis to make sure that as we add new domains they are in synch.

As you may imagine, if someone wants to “poison” one of the entries, or misdirect Internet traffic to a phony domain, it can be done with the right amount of subterfuge. This is what happened in 2008 when an Internet provider in Pakistan managed to block access to all of YouTube when they were apparently just trying to keep Pakistanis from viewing a single video.  A more comprehensive list of the various flavors of DNS attacks can be found here at Google.com.

Read the rest at eSecurity Planet.

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles