What Is DNS?

Date First Published: 17th January 2022

Topic: Computer Networking

Subtopic: Internet Protocols

Article Type: Computer Terms & Definitions

Difficulty: Advanced

Difficulty Level: 8/10

DNS is short for Domain Name System and is often described as the phonebook of the internet. The purpose of DNS is to translate domain names into IP addresses, so that people can visit websites by a name that is easy to remember instead of memorising IP addresses, such as 151.101.66.137. Every domain name has an IP address, although not every domain name has its own IP address, since multiple domains can be hosted on the same server.

Every request for a domain made through a web browser first contacts DNS servers, which translate the domain name into an IP address. A request is then sent to the web server, and the webpage loads in the web browser. If DNS did not exist, people would have to remember the IP address of every website that they visit, which is much more difficult than remembering a domain name, such as example.com.

What Are The Types Of DNS Records?

A DNS record is a written instruction made out of text and stored inside a zone file. Some DNS records include:

  • CNAME record - Short for canonical name record. This is used for creating an alias that points one domain name to another name.
  • TXT record - This allows text to be entered into the DNS. It could be used for verification purposes.
  • A record - The most basic type of DNS record. It is used for pointing the domain name to a specified IPv4 address.
  • AAAA record - Similar to an A record, an AAAA record is used for pointing the domain name to a specified IPv6 address instead of an IPv4 address.
  • MX record - Short for mail exchange record. These show which mail server is in charge of accepting mail for that domain name.
  • NS record - Short for nameserver record. These records are used for telling the Internet where to go in order to find out the IP address of the domain name as well as pointing to the nameservers, which are in charge of managing and publishing DNS records of that domain name.
  • CAA record - Short for Certificate Authority Authorisation record. It is used for restricting which Certificate Authorities are authorised to issue SSL (Secure Sockets Layer) certificates for a domain name. Without a CAA record, it is possible for any Certificate Authority to issue an SSL certificate for a domain name.
  • SOA record - Short for Start Of Authority record. This is used for storing and providing important information about a domain, such as the administrator's email address, the time when the domain name was last updated, etc.
  • SRV record - Short for Service Record. It is used for indicating the services the domain operates along with the hostname and port number.
  • DS record - Short for Delegation Signer record. It contains the unique characters of the public key of the domain name which is used in SSL certificates.
  • PTR record - Short for Pointer record. The opposite of an A record. It is used to perform a reverse DNS lookup, which is a query that starts with the IP address and looks up the domain name. A normal DNS lookup matches the domain name to the IP address.
  • Web redirect record - To redirect requests from one domain name to another domain name.
  • NAPTR record - Short for Name Authority Pointer. It is most commonly used for applications in internet telephony.
  • RP record - To specify the mailbox of the person that is responsible for hosting the domain name.
  • TLSA record - To associate a TLS certificate with a domain name.

DNS Priority

Some DNS records require users to specify the priority. This is often used when adding MX records that connect a domain name to a mail server, which is necessary for adding a custom email address. The lower the number, the higher the priority. For example, if there were three mail exchange servers and the first one was set with priority 10, the second one was set with priority 20, and the third one was set with priority 30, the mail flow would go to the second mail exchange server if the first one was unavailable. If the second mail exchange server was also unavailable, the mail flow would go to the third mail exchange server with priority 30. Finally, if the third mail exchange server was unavailable, the mail flow would fail.
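The failover order described above, as an added Python example that is not part of the original article. It assumes a simplified one-line MX record format and hypothetical host names under example.com; shuffling servers that share a priority is this example's own choice.

```python
import random

# Constructed zone-file lines (hypothetical hosts under example.com).
ZONE_TEXT = """
example.com.  3600 IN MX 10 mail1.example.com.
example.com.  3600 IN MX 20 mail2.example.com.
example.com.  3600 IN MX 30 mail3.example.com.
example.com.  3600 IN A  192.0.2.10   ; not an MX record, ignored
"""


def parse_mx(zone_text):
    """Return (priority, host) pairs from 'name ttl IN MX priority host' lines."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing comments
        if (len(fields) == 6 and fields[2].upper() == "IN"
                and fields[3].upper() == "MX"):
            records.append((int(fields[4]), fields[5].rstrip(".").lower()))
    return records


def delivery_order(records, rng=random):
    """Lowest number first; servers sharing a priority are shuffled."""
    by_priority = {}
    for priority, host in records:
        by_priority.setdefault(priority, []).append(host)
    order = []
    for priority in sorted(by_priority):
        hosts = list(by_priority[priority])
        rng.shuffle(hosts)
        order.extend(hosts)
    return order


def pick_server(records, unavailable=()):
    """Return the first reachable server in priority order, or None if all fail."""
    down = {host.lower() for host in unavailable}
    for host in delivery_order(records):
        if host not in down:
            return host
    return None  # every mail exchange server is unavailable: mail flow fails
```
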

DNS Vulnerabilities

DNS does have some vulnerabilities. One of the most common types of DNS vulnerability is DNS hijacking, which can also be known as DNS poisoning or DNS redirection. DNS hijacking occurs when a DNS request that is made to a server is hijacked and online traffic is forcibly redirected to malicious websites. It is a common way for scammers to redirect users to malware or fake websites. DNS hijacking can be caused by malware that manipulates a user's computer or makes changes to the hosts file, or by a compromised DNS server. Another type of DNS vulnerability is DNS spoofing, which occurs when modified DNS records are used for redirecting online traffic to malicious or scam sites.
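A defender's check for the hosts-file tampering mentioned above, as an added Python example that is not part of the original article. It audits hosts-file text and reports every entry that overrides normal DNS resolution; the sample file, the host names and the list of expected local names are constructed assumptions.

```python
import ipaddress

# Names expected to map to a loopback address (assumed baseline for this example).
EXPECTED_LOCAL = {"localhost", "localhost.localdomain",
                  "ip6-localhost", "ip6-loopback"}

# Constructed hosts-file content; names and addresses are placeholders.
SAMPLE_HOSTS = """\
# Constructed sample
127.0.0.1   localhost
::1         localhost ip6-localhost
203.0.113.45  www.bank.example login.bank.example   # unexpected override
0.0.0.0     ads.tracker.example
not-an-ip   broken.example
"""


def audit_hosts(text, expected_local=EXPECTED_LOCAL):
    """Return (line number, name, address, reason) for entries worth reviewing."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # strip comments
        if len(fields) < 2:
            continue  # blank line, comment, or address with no name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((lineno, fields[0], None, "malformed address"))
            continue
        for name in (field.lower() for field in fields[1:]):
            if name in expected_local:
                if not addr.is_loopback:
                    findings.append((lineno, name, str(addr),
                                     "local name mapped to non-loopback address"))
                continue
            if addr.is_loopback or addr.is_unspecified:
                reason = "name sinkholed locally"
            else:
                reason = "name overrides DNS with a fixed address"
            findings.append((lineno, name, str(addr), reason))
    return findings
```

Entries reported as overriding DNS are the ones to compare against a known-good baseline, since the hosts file is consulted before any DNS server is asked.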

TCP/IP Protocol

  • Application layer: BGP, DHCP, DNS, FTP, HTTP, IMAP, LDAP, MGCP, NNTP, NTP, OSPF, POP, PTP, ONC/RPC, RTP, RTSP, RIP, SIP, SMTP, SNMP, SSH, Telnet, XMPP
  • Transport layer: TCP, UDP, DCCP, SCTP, RSVP, QUIC
  • Internet layer: IP, ICMP, NDP, ECN, IGMP
  • Link layer: Tunnels, PPP, MAC

