The DNS (Domain Name System) is one of the most critical protocols in use on the Internet. Virtually every end user transaction involves a DNS query. Every email, text message, and web page viewed requires interaction with a DNS server. With such a critical service, it’s no surprise that it has increasingly become the target of attack since its inception in 1983. There are multiple ways the DNS can be attacked. The current implementations of DNS are inherently insecure and prone to attack by various methods, including cache poisoning, man-in-the-middle attacks, DDoS (Distributed Denial of Service) amplification attacks, or simply hijacking the registrar and changing the authoritative DNS servers to ones of the attacker's choosing, among others.
Corey Quinn | Senior Technical Consultant at Taos
A part of what I do at Taos involves interviewing prospective consultants for our Unix/DevOps practice via a thorough technical assessment. Our technical interview spans virtually the entire breadth of topics that encompass the practice of systems administration.
One focus area that I like to spend a bit of time on is DNS. This essential service acts as the underpinning behind almost everything else a system does; when DNS goes away, your system is likely to be very, very unhappy. Despite this, few people tend to have a grasp of how DNS works underneath the hood. I went searching for a decent write-up that explains the name resolution process, and struggled to find anything succinct that hit the points I felt were important.