9. Network security: application layer and DNS Flashcards
What does DNS stand for?
Domain name system
What does HTTP stand for?
Hypertext transfer protocol
What are the internet email protocols (3)?
IMAP, POP, SMTP
What does FTP stand for?
File transfer protocol
What is telnet?
Early remote access protocol
What is SSH?
Secure remote access protocol
What is TLS used for?
Secure encrypted browsing (HTTPS)
What does URL stand for?
Uniform resource locators
What are URLs?
Standardised format for describing the location and access method of resources via the internet
What is the structure of a url?
scheme://user:password@host:port/url-path?query-string
What is the structure of the host (URL’s)?
subdomain.domain.top-domain
What is DNS used for most often?
Maps domain names to IP addresses (many to many)
What is an A record?
Address record (IP address)
What is an MX record?
Mail server for domain
What is an NS record?
Name server, authoritative server for domain
What is a resolver?
Program that retrieves DNS records and caches them
What is iterative resolution?
Name sever refers client to author active server (repeat) com -> Facebook-> mobile
What is recursive resolution?
Name sever quires another server (recurse) and forwards final answer
How does DNS Cache Poisoning work?
- Attacker sends a DNS request
- Before local DNS gets responce attacker floods server with fake responces
- Local DNS caches malicous responce
- Future requests will return malicous responce from cache
What is a glue record?
Address records with nameserver and IP addresses
Why do we need glue records?
To resolve circular dependencies.
If the NS for www.example.org os ns1.example.org then we have a circular dependency (www and nsw are within example.com), so we use the IP of the authorative name server to complete the query.
What is DNSSEC?
DNS replies signed by public-key cryptography
