Domain Name System (DNS) Protocol

What is DNS (Domain Name System), and is DNS a protocol?

A Domain Name System is a hierarchical decentralized naming system for computers and other resources connected to the internet or private networks. In use since 1985, it associates information with domain names assigned to participating entities and translates domain names to their numerical IP addresses. It's considered an essential component of the functionality of the internet and its ubiquity makes it a frequently-used vector of attack, such as DNS tunneling.

How does DNS work?

A frequently used analogy is that DNS functions as the phonebook for the internet; it stores the long numerical IP addresses by an easier to remember website address. The hierarchy of domain is read from right to left; a domain name is divided into separate parts, or labels, separated by dots (ex: Extrahop.com) with the farthest right demarking the dominant domain. (In this case, .com) When a user types a domain name into a URL or web address, the computer uses a DNS server to look up the domain name and redirect the page to the correct IP address.

Related Readings on the Blog

• DNS Tunneling and How to Protect Against It
• DNS Amplification Attacks: How DNS Is the Canary in the Coal Mine
• DNS: The Set It & Forget It Protocol - Or Is It?
• How SUNBURST Used DNS to Avoid Detection