Dns ppt

Published in: Technology
  • BIND: Berkeley Internet Name Domain
  • A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data.

    1. DNS: A STUDY
       Presented by: MAUOOD HAMIDI, MSC CS, CUB1102312006
       Guided by: NEMI CHANDRA RATHORE SIR, HOD, Dept. of Computer Science, Central University of Bihar
       8/2/2013, Presented For Dissertation On DNS
    2. COVERAGE: DNS Definition, DNS Server, DNS Tools, DNS Query, DNS Records
    3. COVERAGE: Network Tools, Need of DNS, DNS Components, DNS Types, DNS Context
    4. DOMAIN NAME SYSTEM
       • DNS technology allows hosts on TCP/IP networks to be addressed by name.
       • DNS automatically converts the names we type in our web browser's address bar to the IP addresses of the web servers hosting those sites.
       • Example: Internet.w3school.com (hostname, organization, top-level domain)
    5. DNS CONTINUED
       • DNS includes a network protocol for keeping track of host names and addresses through a distributed database.
       • The top-level domains, the delegation of authority for second-level domains, and a database of registered name servers for all second-level domains are monitored by the Network Information System (NIC).
    6. DNS CONTINUED
       • Host name assignments are maintained through zone files on the primary DNS server. The secondary DNS server gets the zone file from the primary server.
    7. DNS SERVER
       • There are different types of DNS server available; we can install any of them as per our requirement. There are three types:
       • Primary: locally stored files exist in the name server database.
       • Secondary: gets its data, in what is called a zone transfer, from another server that is the zone authority.
    8. DNS SERVERS
       • Caching: only caches name server information and does not contain its own files.
       • For example: BIND, DJBDNS, ANS/CNS, POWER DNS etc.
    9. SERVER SUBSCRIPTION
       • Costs range from $20 to $50 per year.
       • ISPs are beginning to offer domain name registration as part of other packages.
       • You need to register primary and secondary domain name servers for your domain and arrange to have zone files created on the DNS servers.
    10. DNS IN ACTION
    11. DNS TOOLS
        • There are several tools for monitoring DNS information:
          – whois: tells you the owner and primary DNS servers associated with a domain (e.g. whois yahoo.com). Also available via web browser at www.networksolutions.com
    12. DNS TOOLS
          – nslookup and host (on UNIX machines): tell you IP address information for a particular hostname on the internet (e.g. nslookup www.gmail.com or host www.nic.edu)
    13. DNS TASKS
        • What are the IP addresses of the DNS servers that contain information about rutgers.edu?
        • What are the IP addresses of:
          – www.ahuja.com
          – sandy.admin.tcs.com
          – www.linux.org
    14. DNS Queries
        • A DNS query packet is formed at the application layer.
        • DNS is unique, as it can utilize either UDP/IP or TCP/IP to send a message.
          – Uses UDP by default
          – If the message is too big (>512 bytes), it will use TCP
    15. Types of DNS Records
        There are several types of DNS records that are kept by DNS servers:
          – “A” Records: give the IP address for a hostname.
          – CNAME Records: give aliases for hostnames (i.e. web.cub.ac.in = www.cub.ac.in)
    16. DNS RECORDS
          – MX Records: give the IP address of the ‘mail host’ for a hostname or domain (i.e. “Mail addressed to anyone @cub.ac.in gets handled by the ‘mail server’ mail.cub.ac.in”)
        Some more are:
          – SOA, NS, PTR, HINFO, TXT
    17. Network Tools
        • Ping (Windows and UNIX)
        • Traceroute (tracert on Windows, traceroute on UNIX)
        • Nslookup (UNIX only)
        • Host (UNIX only)
    18. Why We Need DNS
        • As the system grew, HOSTS.TXT had problems with:
          – Scalability (traffic and load)
          – Reliability
          – Dynamicity
          – Name collisions
          – Consistency
    19. DNS NAME SPACE
        • The name space is the structure of the DNS database
          – An inverted tree with the root node at the top
        • Each node has a label
          – The root node has a null label, written as “”
    20. DNS ROOTS
        [Diagram: the root node "" at the top, top-level nodes beneath it, second-level nodes beneath those, and third-level nodes at the bottom]
    21. Domain Names
        • A domain name is the sequence of labels from a node to the root, separated by dots (“.”s), read left to right
          – The name space has a maximum depth of 127 levels
          – Domain names are limited to 255 characters in length
        • A node’s domain name identifies its position in the name space
    22. TYPES OF DOMAIN
        • Generic domain
        • Country domain
    23. GENERIC DOMAIN
        [Diagram: the root "" with top-level nodes com, edu, gov, int, mil, net, org; second-level nodes nominum, metainfo, berkeley, nwu, nato, army, uu; lower-level nodes west, east, www, dakota, tornado]
    24. COUNTRY DOMAIN
        • Each country is assigned a single top-level domain, like .in (ac.in, nic.in, gov.in) and .us (ac.us, af.gov.us)
    25. Subdomains
        • One domain is a subdomain of another if its top node is a descendant of the other’s top node
        • More simply, one domain is a subdomain of another if its domain name ends in the other’s domain name
        • So purchase.tradus.com is a subdomain of tradus.com
    26. Delegation
        • Administrators can create subdomains to group hosts
          – According to geography, organizational affiliation etc.
        • An administrator of a domain can delegate responsibility for managing a subdomain to someone else
        • The parent domain retains links to the delegated subdomain
    27. Zones By Delegation
        • Each time an administrator delegates a subdomain, a new unit of administration is created
          – The subdomain and its parent domain can now be administered independently
          – These units are called zones
          – The boundary between zones is a point of delegation in the name space
        • Delegation is good: it is the key to scalability
    28. Name Servers
        • Name servers store information about the name space in units called “zones”
          – The name servers that load a complete zone are said to “have authority for” or “be authoritative for” the zone
        • Usually, more than one name server is authoritative for the same zone
          – This ensures redundancy and spreads the load
        • Also, a single name server may be authoritative for many zones
    29. Name Servers and Zones
        • 10.0.0.6 serves data for both the centraluniversityofbihar.ac.in and cub.org zones
        • 10.0.0.5 serves data for the cub.ac.in zone only
        • 20.1.1.1 serves data for the cu.com zone only
    30. Types of Name Servers
        • Two main types of servers
          – Authoritative: maintains the data
            • Master: where the data is edited
            • Slave: where data is replicated
          – Caching: stores data obtained from an authoritative server
        • Other types exist…
        • No special hardware necessary
    31. Loads On DNS
        • DNS can handle the load
          – DNS root servers get approximately 3000 queries per second
            • Empirical proofs (DDoS attacks) show root name servers can handle 50,000 queries per second
            • Limitation is network bandwidth, not the DNS protocol
          – The in-addr.arpa zone, which translates numbers to names, gets about 2000 queries per second
    32. DNS Efficiency
        • DNS is a very lightweight protocol
          – Simple query and response
        • Any performance limitations are due to network limitations
          – Speed of light
          – Network congestion
          – Switching/forwarding latencies
    33. DNS Security
        • Base DNS protocol (RFC 1034, 1035) is insecure
          – “Spoof” attacks are possible
        • DNS Security Enhancements (DNSSEC, RFC 2565) remedies this flaw
          – But creates new ones
            • DoS attacks
            • Amplification attacks
        • DNSSEC strongly discourages large flat zones
          – Hierarchy (delegation) is good
    35. Time To Ask?
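
Slide 14's rule (UDP by default, TCP when the message exceeds 512 bytes) and slide 21's name-length limit, worked through on the wire format. This is an added example, not part of the original slides: the function names, the constructed sample messages, the 63-byte label limit and header flag bits (taken from RFC 1035), and the assumption of classic DNS without EDNS0 are all choices of this example.

```python
import struct

MAX_NAME = 255    # slide 21: limit on a whole domain name (bytes on the wire)
MAX_LABEL = 63    # per-label limit from RFC 1035 (not stated on the slides)
UDP_LIMIT = 512   # slide 14: bigger messages must go over TCP
QR, TC, RD = 0x8000, 0x0200, 0x0100   # header flag bits from RFC 1035

def encode_name(name):
    """Encode 'www.cub.ac.in' as length-prefixed labels ending in the null root label."""
    stripped = name.rstrip(".")
    out = b""
    for label in (stripped.split(".") if stripped else []):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= MAX_LABEL:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > MAX_NAME:
        raise ValueError("domain name longer than 255 bytes")
    return out

def build_query(txid, name, qtype=1):
    """12-byte header (one question, recursion desired) + QNAME + QTYPE + QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def next_step(query, response):
    """What a stub resolver should do with a datagram received over UDP."""
    if len(response) < 12 or len(response) > UDP_LIMIT:
        return "drop: bad size"
    txid, flags = struct.unpack("!HH", response[:4])
    # A reply must have the response bit set and echo the query's 16-bit ID.
    if not flags & QR or txid != struct.unpack("!H", query[:2])[0]:
        return "drop: not an answer to this query"
    if flags & TC:   # server truncated the answer to fit the UDP limit
        return "retry over TCP"
    return "accept"

def constructed_response(query, flags):
    """Constructed sample: echo the query's ID and question with the given flags."""
    return query[:2] + struct.pack("!H", flags) + query[4:]

# Constructed sample messages (no network traffic is sent).
QUERY = build_query(0x1A2B, "www.cub.ac.in")
TRUNCATED = constructed_response(QUERY, QR | RD | TC)
COMPLETE = constructed_response(QUERY, QR | RD)
WRONG_ID = b"\x00\x00" + COMPLETE[2:]
```

The ID and response-bit check is the only protection the base protocol gives against the spoofed replies mentioned on slide 33, which is why it runs before the truncation decision.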
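
Slide 25's shortcut ("its domain name ends in the other's domain name") only holds when the comparison is made label by label, as in slide 25's first definition; a plain string suffix test gives wrong answers in both directions. This is an added example, not part of the original slides: the function names and the sample names other than purchase.tradus.com are constructed for illustration.

```python
def labels(name):
    """Split a domain name into lowercase labels, ignoring a trailing root dot."""
    stripped = name.rstrip(".").lower()
    return stripped.split(".") if stripped else []

def naive_is_subdomain(child, parent):
    """Literal reading of slide 25: plain string suffix comparison."""
    return child.lower().endswith(parent.lower())

def is_subdomain(child, parent):
    """True when child's top node is a proper descendant of parent's top node."""
    c, p = labels(child), labels(parent)
    if any(not label for label in c + p):
        return False              # empty label such as "a..com" is not a valid name
    # Compare whole labels from the root end; child must be strictly deeper.
    return len(c) > len(p) and c[len(c) - len(p):] == p

def disagreements(names, parent):
    """Names for which the string test and the label-wise test give different answers."""
    return [n for n in names
            if naive_is_subdomain(n, parent) != is_subdomain(n, parent)]

# Constructed sample names.
SAMPLES = [
    "purchase.tradus.com",     # the slide's example: a real subdomain
    "nottradus.com",           # shares the string suffix, but is a different domain
    "tradus.com.example.net",  # contains the parent's name, lives under example.net
    "purchase.tradus.com.",    # fully qualified form with the trailing root dot
]
```

Any allowlist, cookie-scope or certificate-name check that decides trust by domain suffix needs the label-wise form; the string form accepts `nottradus.com` and rejects the fully qualified `purchase.tradus.com.`.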