DNS

Definition

DNS (Domain Name System) is a hierarchical and decentralized naming system used to resolve human-readable domain names (like www.example.com) into machine-readable IP addresses (like 192.0.2.1). It functions as the internet’s phonebook, enabling users to access websites using domain names instead of numerical IP addresses. DNS is critical for the functionality of the internet, but it can be vulnerable to various attacks, such as DNS spoofing or cache poisoning, if not properly secured.

Secure Settings Example

# Example of a secure DNS server configuration using BIND
# Constructed ACL so the references below resolve; substitute your own ranges
acl trusted_networks { 192.0.2.0/24; 127.0.0.1; };

options {
    directory "/var/named";
    allow-query { trusted_networks; };      # only trusted clients may query
    allow-recursion { trusted_networks; };  # never an open recursive resolver
    dnssec-enable yes;      # deprecated in newer BIND releases (9.16+); omit there
    dnssec-validation yes;  # validate signed answers against the trust anchor
    rate-limit {            # response rate limiting blunts reflection/amplification
        responses-per-second 5;
        window 5;
    };
};

Insecure Settings Example

# Example of an insecure DNS server configuration
# Together these settings create an open resolver that accepts unvalidated answers
options {
    directory "/var/named";
    allow-query { any; };  # Allows any IP to query the DNS server
    allow-recursion { any; };  # Allows any IP to perform recursive queries
    dnssec-enable no;  # DNSSEC is disabled
    dnssec-validation no;  # DNSSEC validation is disabled
};
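To show how the two option blocks above differ when checked mechanically, here is an added audit script (not part of the original page or of BIND) that strips named.conf comments, pulls out the allow-query, allow-recursion, dnssec-validation and rate-limit directives, and reports the weak settings this page contrasts. The sample configurations and the finding names are constructed for the example.

```python
import re

# Constructed sample option blocks (not from any real server), mirroring the
# insecure and secure BIND examples above.
INSECURE_CONF = """
options {
    directory "/var/named";
    allow-query { any; };        # any host may query
    allow-recursion { any; };    # any host may recurse
    dnssec-validation no;
};
"""

SECURE_CONF = """
acl trusted_networks { 192.0.2.0/24; 127.0.0.1; };
options {
    directory "/var/named";
    allow-query { trusted_networks; };
    allow-recursion { trusted_networks; };
    dnssec-validation yes;
    rate-limit { responses-per-second 5; window 5; };
};
"""

def _strip_comments(conf):
    # named.conf accepts #, // and /* */ comments; drop all three first.
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(#|//)[^\n]*", "", conf)

def _acl_list(conf, directive):
    # Elements of e.g. `allow-recursion { a; b; };`, or None if absent.
    m = re.search(r"\b%s\s*\{([^}]*)\}\s*;" % re.escape(directive), conf)
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit_named_conf(conf):
    """Return sorted finding codes for the weak settings contrasted above."""
    conf = _strip_comments(conf)
    findings = set()
    recursion = _acl_list(conf, "allow-recursion")
    if recursion and "any" in recursion:
        findings.add("open-recursive-resolver")
    m = re.search(r"\bdnssec-validation\s+(\w+)\s*;", conf)
    if m and m.group(1).lower() == "no":
        findings.add("dnssec-validation-disabled")
    queries = _acl_list(conf, "allow-query")
    if queries and "any" in queries and not re.search(r"\brate-limit\s*\{", conf):
        findings.add("no-response-rate-limit")
    return sorted(findings)

if __name__ == "__main__":
    for name, conf in (("insecure", INSECURE_CONF), ("secure", SECURE_CONF)):
        print(name, audit_named_conf(conf))
```

An absent dnssec-validation line is left to BIND's own default and is not flagged; only an explicit `no` is reported.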