DNS Flashcards
Why should you never run an authoritative and recursive server on the same system
Running authoritative and recursive DNS on the same system is insecure because recursive servers handle user queries and can have their cache poisoned, spreading malicious data. Combining it with authoritative functions risks exposing sensitive data about internal networks and enables attackers to exploit the system for amplification attacks. Separation isolates these roles, reducing vulnerabilities and maintaining security.
What is the main role of DNS
DNS maps domain names to IP addresses and IP addresses to domain names
Why is DNS difficult to secure
- DNS lacks built-in security, making it vulnerable to attacks like spoofing.
- Its global infrastructure is highly complex and difficult to secure consistently.
- Political and administrative control adds challenges to improving DNS security.
What is DNS caching and why is it important
DNS caching stores query results temporarily to reduce lookup times and improve performance
What is cache poisoning in DNS
It misleads DNS queries to redirect users to malicious websites
Why are certificates important in DNS
Certificates are important in DNS because they prevent attacks like DNS cache poisoning and spoofing by verifying the authenticity of DNS responses. They ensure that the data comes from a trusted source, protecting users from being redirected to malicious websites.
What is the maximum size for DNS names
255 bytes with 63 bytes per label
What is a DNS zone
It is a group of resource records served from one primary nameserver
What are A and AAAA records in DNS
A records map to IPv4 addresses while AAAA records map to IPv6 addresses
What does TTL stand for in DNS
Time to Live which defines how long a record can be cached
What is the Kaminsky Attack
A DNS vulnerability exploiting predictable transaction IDs to poison caches.
Process:
The Kaminsky Attack works by guessing predictable DNS transaction IDs to send fake responses, which the resolver accepts and caches, redirecting users to malicious sites.
What are recursive servers in DNS
Recursive servers in DNS resolve user queries by contacting other DNS servers as needed to find the complete answer.
What are authoritative servers in DNS
Authoritative DNS servers store and provide definitive answers for specific DNS zones they are configured to manage, delivering accurate resource record data without needing to query other servers.
What are glue records in DNS
They are A (IPv4) or AAAA (IPv6) records for nameservers to prevent resolution loops
What is the function of a DNS resolver
A DNS resolver is a client that queries the DNS system to translate domain names into IP addresses and processes the responses to return the requested information.
What is EDNS0 in DNS
An extension mechanism for DNS with support for larger payloads and cookies
What is DNS over HTTPS (DoH)
DNS over HTTPS (DoH) encrypts DNS queries using HTTPS to enhance privacy and prevent third parties from intercepting or modifying DNS traffic
Why is DoH controversial
DoH is controversial because it bypasses traditional DNS controls, such as those used by network administrators for filtering and monitoring, making it harder to enforce policies or detect malicious activity. This can lead to challenges in network management and security.
What are Response Policy Zones (RPZ) in DNS
RPZs are used to block, redirect, or filter DNS responses based on security policies.
What is reverse mapping in DNS
It resolves IP addresses back to domain names using in-addr.arpa or ip6.arpa
Why are primary and secondary nameservers used in DNS
They are used for redundancy, load balancing, and reliability, ensuring DNS queries are resolved even if the primary nameserver fails
What is a zone file in DNS
A zone file is a text file that contains DNS records for a domain, including A, CNAME, MX, NS, and SOA records, to define mappings and settings for the DNS zone.
What is label compression in DNS
It reduces message size by reusing labels in DNS packets
A label is one part of a domain name, e.g. www, google or com
What is the role of mail exchangers (MX) in DNS
They define mail servers for a domain
What is the difference between iterative and recursive DNS queries
Iterative queries ask one server at a time; each server refers the client to the next server to ask, and the client repeats this until it finds the answer.
Recursive queries are resolved completely by one server on behalf of the client, which sends back the final answer instead of the address of another server that might know it.
Why are DNS clients considered problematic
They are often unreliable, inconsistent and poorly implemented
What is the purpose of DNSSEC
To sign zones providing evidence that packets have not been tampered with
What is a delegation in DNS
It assigns authority for a subdomain to another nameserver
What is a PTR record in DNS
It maps IP addresses to domain names
Why is DNS governance challenging
DNS is complex, politically sensitive and involves many stakeholders
What is DNS spoofing
It is a malicious attack redirecting users to fraudulent websites by manipulating DNS responses
What is a transaction ID in DNS
A 16-bit identifier used to match queries with responses
What is the function of the DNS root server
It is the starting point for resolving DNS queries
How does caching improve DNS performance
It stores resolved queries for future use, reducing lookup times
What is the purpose of the additional section in DNS packets
It includes extra data that might be useful for the client
What are NS records in DNS
They specify nameservers for a domain
What is negative caching in DNS
It caches information about failed queries to avoid repeated lookups
What is the role of the authority section in DNS packets
It indicates the authoritative nameserver for the data
What is dynamic DNS
It updates DNS records automatically in real-time
Why should DNS resolvers not be run behind NAT
It can weaken security measures like port randomisation
What is the role of port randomisation in DNS
It improves security by making queries harder to spoof
Why is DNS scalability a concern
It struggles to handle modern internet demands without significant modifications
What are the limitations of IPv4 in DNS
It has limited address space compared to IPv6
What is the significance of SOA records in DNS
They provide information about the zone and its management
What is a wildcard record in DNS
It matches requests for non-existent names within a domain
How does DNS handle load balancing
By using multiple nameservers and sometimes anycast
What is the primary issue with legacy DNS implementations
They are prone to vulnerabilities like cache poisoning
What is a forwarder in DNS
A server that forwards queries to another server for resolution
How does DNS handle delegation
It uses NS records to point to authoritative servers for subdomains
What are common DNS query types
A, AAAA, PTR, MX, NS, CNAME, SOA, TXT
What is the role of the query section in DNS packets
It contains the question the client wants answered
What is an example of DNS abuse
Using TXT records to store arbitrary data
What is the purpose of the flags field in DNS packets
It indicates query type and response status
What does the recursion desired (RD) flag in DNS mean
The client requests the server to perform a recursive query
What is an authoritative answer in DNS
It is a response directly from the authoritative server for the queried domain
What are the benefits of anycast in DNS
It improves redundancy and reduces latency
What is the purpose of the root hints file in DNS
It provides addresses of root nameservers for recursion
What is the role of secondary nameservers in DNS
They provide redundancy and load balancing
What are common security challenges in DNS
Cache poisoning, spoofing and poor client implementations
Why is DNS considered a critical internet infrastructure
It enables the translation of domain names to IP addresses
What is the purpose of the opcode field in DNS packets
It defines the type of query or operation
What are the main types of DNS caching
Client-side and server-side caching
What is the significance of the DNS time-to-live (TTL) value
It defines how long a record can be cached before it must be refreshed
What are common attack vectors against DNS
Kaminsky attack, cache poisoning and spoofing
Why are DNS queries often slow
Due to recursive resolution and network delays
What is the impact of a misconfigured DNS zone
It can lead to resolution failures and incorrect responses
What are the challenges with DNS over HTTPS (DoH)
It bypasses traditional controls and creates enforcement difficulties
What is the purpose of glue records in DNS
To prevent resolution loops by including IP addresses for nameservers
What is the difference between A and PTR records
A records map names to IP addresses; PTR records map IP addresses to names
What is the role of the additional section in DNS queries
It provides extra information that may help resolve the query
Why is DNSSEC adoption low
It is complex and does not address common use cases effectively
What is the purpose of DNS iterative queries
To resolve parts of a name step-by-step starting from the root