2. INTRODUCTION
• Ahmadullah Alnoor
• Software Engineer
• Microsoft Development Center, Copenhagen, Denmark
• Masters in Distributed Systems, KTH, Stockholm, Sweden
• NITPAA Member
3. DISCLAIMER
• The views expressed in this Presentation are Personal and
do not necessarily reflect the views of my employer.
• This Presentation is not from Microsoft.
4. ATTRIBUTION
• The Presentation is based on Sessions attending during
ICANN 58 which was held in Copenhagen, Denmark.
• Visit https://schedule.icann.org/ for the source materials.
6. NAMING
• Name identifies an Object
• Examples of Names are … Kabul, www.bing.com
• Name says What something is or Who someone is
• Name does not say Where something or someone is
7. ADDRESSING
• Address identifies a Location
• Examples of address are … (34.5553° N, 69.2075° E),
13.107.21.200
• Name Resolution maps a Name to an Address
• Address says Where someone or something is
• Address does not say How to reach the address.
8. ROUTING
• Route says How to reach an Address
• Examples of Route are … Road Signs, RoutingTables
• Route to Address is set before Traffic Arrives
• Traffic moves through the Route in steps or hops
• Traffic trusts each step/hop
10. WHY DNS
• Numbers are hard to remember. IP Addresses are many.
• 3.4 Billion IPv4 addresses, many many more IPv6 addresses
• Names are easier to remember
11. A DISTRIBUTED DATABASE
• Data is maintained locally and available globally.
• Scalable
• Maintainable
• Performant
• Resilient
12. NAME RESOLUTION
• The process of translating a (host) name to an (IP) address
• The process of translating an (IP) address to a (host) name
21. ROOT SERVERS
• Stub Resolvers, Recursive Resolves and Authoritative
Name Servers cooperate.
• Resolvers have a hints file pointing to Root Name Servers.
31. CACHE POISONING
• Change the DNS Cache in the Recursive Resolver to
return fake records
https://www.ipa.go.jp/files/000013084.png
32. DISTRIBUTED DENIAL OF SERVICE
(DDOS)
• Many Bots/Zombie machines sends DNS Queries to a
specific Name Server
https://www.incapsula.com/images/illustrations/ddos-mini-site/nxdomain-dns-ddos.jpeg
33. DDOS AMPLIFICATION
• Using UDP (User Datagram Protocol) to generate traffic to a specific
Name Server
http://securityskeptic.typepad.com/.a/6a0120a55f18a4970c0153907539c1970b-pi