DNS stands for Domain Name System, which is a system used on the internet to translate human-friendly domain names into IP addresses, allowing users to access websites and resources using easy-to-remember domain names rather than strings of numbers. When a user enters a domain name, their browser sends a request to a DNS server to look up the associated IP address. DNS servers maintain databases of domain names and IP addresses and return the correct IP address to the browser. Without DNS, the internet would be difficult to use as users would need to remember complex IP addresses for every website.
1. What is DNS?
DNS stands for Domain Name System, which is a system used on the internet to translate human-
friendly domain names, such as www.example.com, into IP addresses, such as 93.184.216.34. The DNS
is essentially a directory that matches domain names with their corresponding IP addresses, allowing
internet users to access websites and other resources using easy-to-remember domain names rather
than long strings of numbers.
When a user types a domain name into their web browser, the browser sends a request to a DNS server
to look up the IP address associated with that domain name. The DNS server then checks its database
for the IP address and returns it to the browser, which uses it to connect to the website or other
resource that the user has requested.
DNS is an essential component of the internet infrastructure, as it enables internet users to access
resources using easy-to-remember domain names, rather than having to remember complex IP
addresses. Without DNS, the internet would be much more difficult to use, as users would need to
remember the IP addresses of every website they wanted to access.
2. Why do we need DNS?
1. Human-readable domain names: IP addresses are difficult for humans to remember, and domain
names provide an easy-to-remember way to access resources on the internet.
2. Scalability: With the growth of the internet, the number of IP addresses required to identify every
device on the network would be immense. DNS allows multiple domain names to map to the same
IP address, making it easier to manage the internet infrastructure.
3. Load balancing: DNS can be used to distribute traffic among multiple servers that host the same
resource, improving the performance and availability of those resources.
4. Redundancy: DNS can be set up to provide backup servers in case a primary server fails or
becomes unavailable, improving the reliability of internet services.
4. Types of DNS server
1. Recursive DNS servers: Recursive DNS servers are responsible for resolving domain names by recursively querying other DNS
servers until they receive a response with the IP address. These servers are typically provided by Internet
Service Providers (ISPs) or third-party DNS providers.
2. Authoritative DNS servers: Authoritative DNS servers are responsible for providing answers to queries
about domain names within a specific zone. These servers store the DNS records for a domain name,
including information such as the IP address of the web server hosting the domain name. Authoritative
DNS servers are typically managed by the domain name owner or their hosting provider.
5. Domain name types:
1. Top-Level Domains (TLDs): TLDs are the highest level of the domain name system hierarchy. They are located to
the right of the last dot in a domain name, such as .com, .org, .net, .gov, .edu, .mil, etc.
2. Country Code Top-Level Domains (ccTLDs): ccTLDs are two-letter TLDs that are assigned to countries or
territories. Examples include .us for the United States, .uk for the United Kingdom, .de for Germany, .fr for France,
etc.
3. Generic Top-Level Domains (gTLDs): gTLDs are TLDs that are not tied to a specific country or territory. They
include .com, .org, .net, .info, .biz, .name, .pro, .mobi, etc.
4. Second-Level Domains (SLDs): SLDs are the portion of the domain name that appears to the left of the TLD. For
example, in the domain name "example.com," "example" is the SLD.
5. Subdomains: Subdomains are prefixes added to an SLD to create a new domain name. For example,
"blog.example.com" is a subdomain of "example.com."
6. Internationalized Domain Names (IDNs): IDNs are domain names that include non-ASCII characters. They allow
domain names to be written in non-Latin scripts, such as Cyrillic, Arabic, Chinese, Japanese, etc.
7. Premium Domains: Premium domains are domain names that are considered to be of higher value due to their
length, keywords, brandability, or other factors. They are often sold at a higher price than regular domain names.
7. What is FTP?
FTP stands for File Transfer Protocol. It is a standard protocol used to transfer files over the internet or
a network. FTP is a client-server protocol, which means that a client computer establishes a connection
with an FTP server to transfer files between them.
To use FTP, you need an FTP client software installed on your computer. Some popular FTP clients
include FileZilla, Cyberduck, WinSCP, and CoreFTP. Once you have an FTP client installed, you can
connect to an FTP server by entering the server's hostname, username, and password.
FTP can be used for a variety of purposes, such as uploading and downloading files to and from a
website, transferring large files between computers, and backing up data to a remote server. However,
FTP is not a secure protocol, as it transfers data in plaintext, making it vulnerable to interception and
tampering. For this reason, it is recommended to use secure file transfer protocols such as SFTP
(Secure File Transfer Protocol) or FTPS (FTP over SSL/TLS) for transferring sensitive information.
8. Why do we need FTP?
1. Uploading and downloading files: FTP provides a simple and reliable way to upload and download files
between two computers. This is especially useful when dealing with large files that cannot be easily emailed or
shared through other means.
2. Website maintenance: FTP is often used by website administrators to upload and download files to and from a
web server. This allows them to make updates and changes to the website, such as adding new content, fixing
bugs, or updating software.
3. Remote backups: FTP can be used to back up files from a local computer to a remote server. This is
particularly useful for businesses or individuals who want to protect their data from hardware failures, theft, or
other disasters.
4. Collaboration: FTP can be used to share files and collaborate with others in real-time. This is particularly
useful for teams who are working on a project together and need to share files and information.
5. Automation: FTP can be used in conjunction with scripting languages to automate file transfers and other
tasks. This can save time and reduce the likelihood of errors that can occur when performing tasks manually.
10. Two main types of FTP:
Standard FTP: Also known simply as FTP (File Transfer Protocol), this is the original FTP protocol that has been in use
since the 1980s. It is a client-server protocol that allows users to transfer files between computers over a network.
Standard FTP uses two channels for communication: a command channel and a data channel.
Secure FTP: There are two types of secure FTP protocols that have been developed to address the security
vulnerabilities of standard FTP:
a. FTPS (FTP over SSL/TLS): This protocol uses SSL/TLS encryption to secure the connection between the client and
server. FTPS supports both explicit and implicit encryption modes.
b. SFTP (SSH File Transfer Protocol): This protocol uses SSH encryption to secure the connection between the client and
server. Unlike standard FTP and FTPS, SFTP uses a single channel for communication, which simplifies the setup process.
Both standard FTP and secure FTP protocols are widely used for transferring files between computers over a
network. However, due to security concerns, it is recommended to use secure FTP protocols such as FTPS or
SFTP for transferring sensitive information.
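One way to check which of these modes a session actually used, as an added example that is not part of the original notes: it audits a control-channel log and reports whether the login was sent before TLS was active and whether the data channel was protected as well. It assumes single-line server replies, the standard `AUTH TLS` (reply 234) and `PROT P` (reply 200) commands, and port 990 for implicit FTPS; the user name and logs are constructed.

```python
def audit_ftp_session(lines, port=21):
    """Audit one FTP control-channel log.

    `lines` holds (direction, text) pairs: "C" for a client command, "S" for
    the server's single-line reply. Port 990 is treated as implicit FTPS.
    """
    tls_active = port == 990  # implicit mode: TLS is negotiated before any command
    mode = "implicit FTPS" if tls_active else "plain FTP"
    credentials_in_cleartext = False
    data_channel_protected = False
    pending = None  # last client command still waiting for its reply
    for direction, text in lines:
        if direction == "C":
            verb, _, arg = text.strip().partition(" ")
            pending = (verb.upper(), arg.strip().upper())
            if verb.upper() in ("USER", "PASS") and not tls_active:
                credentials_in_cleartext = True
        elif pending is not None:
            code = text[:3]
            if pending == ("AUTH", "TLS") and code == "234":
                tls_active, mode = True, "explicit FTPS"  # upgrade on the same port
            elif pending == ("PROT", "P") and code == "200" and tls_active:
                data_channel_protected = True  # data channel now uses TLS too
            pending = None
    return {"mode": mode,
            "credentials_in_cleartext": credentials_in_cleartext,
            "data_channel_protected": data_channel_protected}

# Constructed logs (hypothetical user "alice"; passwords replaced by a placeholder).
PLAIN = [("S", "220 ready"), ("C", "USER alice"), ("S", "331 need password"),
         ("C", "PASS <password>"), ("S", "230 logged in")]
EXPLICIT = [("S", "220 ready"), ("C", "AUTH TLS"), ("S", "234 proceed"),
            ("C", "USER alice"), ("S", "331 need password"),
            ("C", "PASS <password>"), ("S", "230 logged in"),
            ("C", "PBSZ 0"), ("S", "200 ok"), ("C", "PROT P"), ("S", "200 ok")]
# Server refuses TLS and the client carries on anyway: the login goes out unencrypted.
REFUSED = [("S", "220 ready"), ("C", "AUTH TLS"), ("S", "502 not implemented"),
           ("C", "USER alice"), ("S", "331 need password"),
           ("C", "PASS <password>"), ("S", "230 logged in")]
```

The `REFUSED` log is the case worth alerting on: the client asked for TLS, was refused, and sent the login anyway.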
11. What is a firewall?
A firewall is a security system designed to protect a network or computer from unauthorized access. It acts as a
barrier between a network and the internet or other untrusted networks, and controls the flow of network traffic in
and out of the network.
A firewall typically consists of a set of rules that specify which types of network traffic are allowed or blocked.
These rules can be based on a variety of factors, such as the source or destination IP address, the type of protocol
being used, and the specific ports being used for communication.
Firewalls can be implemented in various forms, including software firewalls and hardware firewalls. Software
firewalls are installed on individual computers or servers and provide protection for that specific device. Hardware
firewalls are installed on network routers or other network devices and provide protection for the entire network.
12. Types of firewall:
1. Packet Filtering Firewalls: These firewalls inspect individual packets of network traffic and allow or block them based on a set of predefined
rules. They typically look at the source and destination IP addresses, ports, and protocols.
2. Stateful Firewalls: These firewalls keep track of the state of network connections and only allow traffic that matches a known, existing
connection. This helps to prevent unauthorized access by blocking connection requests from unknown sources.
3. Application Firewalls: These firewalls operate at the application layer of the network stack and inspect traffic based on the specific
application protocol being used. They can detect and block attacks that exploit vulnerabilities in specific applications, such as web servers or
email clients.
4. Next-Generation Firewalls (NGFWs): These firewalls incorporate advanced features such as intrusion prevention, deep packet inspection,
and application awareness. They are designed to provide more comprehensive protection against a wider range of threats than traditional
firewalls.
5. Proxy Firewalls: These firewalls act as an intermediary between the client and the server, inspecting and filtering traffic before forwarding it
on. This allows them to provide additional security features, such as content filtering and URL filtering.
6. Cloud Firewalls: These firewalls are designed specifically for cloud-based environments, providing protection for virtual machines and cloud
services. They are typically integrated with cloud service providers and can be managed through a web-based console.
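The difference between the first two types in the list above, as an added example that is not part of the original notes: the same rule set is evaluated once by a stateless packet filter and once by a filter that also keeps a connection table. The rule format, class names and addresses are constructed for illustration, and the model ignores TCP flags and connection timeouts.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src dst proto sport dport")
Rule = namedtuple("Rule", "action src_net dst_net proto dport")  # None matches any value

def rule_matches(rule, pkt):
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.proto in (None, pkt.proto)
            and rule.dport in (None, pkt.dport))

def packet_filter(rules, pkt):
    """Stateless filter: judge each packet alone; first match wins, default deny."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return "deny"

class StatefulFirewall:
    """Same rule set, plus a table of connections the rules already allowed."""

    def __init__(self, rules):
        self.rules = rules
        self.connections = set()

    def check(self, pkt):
        # A reply is the stored flow with source and destination swapped.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.connections:
            return "allow"
        action = packet_filter(self.rules, pkt)
        if action == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return action

# Constructed policy and packets: internal hosts may open HTTPS connections outward.
RULES = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", "tcp", 443)]
OUTBOUND = Packet("10.0.0.5", "93.184.216.34", "tcp", 50000, 443)
REPLY = Packet("93.184.216.34", "10.0.0.5", "tcp", 443, 50000)
UNSOLICITED = Packet("203.0.113.9", "10.0.0.5", "tcp", 443, 50001)
```

The stateless filter drops `REPLY` unless a broad inbound rule is added, and such a rule would also admit `UNSOLICITED`; the stateful version admits the reply only because it matches a connection opened from inside.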
14. Need for a firewall:
1. Unauthorized Access: A firewall can block access attempts from unauthorized sources, such as hackers or
malware.
2. Malware: A firewall can block traffic associated with known malware, preventing it from infecting devices on
the network.
3. Denial of Service (DoS) Attacks: A firewall can limit the amount of traffic coming into a network, helping to
prevent a DoS attack from overwhelming the network and disrupting service.
4. Data Exfiltration: A firewall can monitor traffic leaving the network, preventing sensitive data from being sent
out without authorization.
5. Compliance: Many regulations and standards require organizations to implement firewalls as part of their
security measures.
15. Limitations of a firewall:
1. Inability to Detect Advanced Threats: Firewalls are designed to block traffic based on predefined rules and
policies. While this can be effective for blocking known threats, it can be difficult to detect and block
advanced or targeted attacks that may use new or unknown techniques.
2. Lack of Visibility into Encrypted Traffic: As more traffic is encrypted using SSL/TLS protocols, it can be
more difficult for firewalls to inspect traffic and detect potential threats. This is because encrypted traffic
cannot be read by the firewall without first decrypting it, which can be a time-consuming and resource-
intensive process.
3. User Error or Malicious Intent: Firewalls are only as effective as the rules and policies that are defined by
administrators. If a firewall is misconfigured or not properly managed, it can be ineffective or even allow
malicious traffic to pass through. Similarly, if an attacker is able to gain access to an administrator account or
manipulate firewall rules, they may be able to bypass the firewall entirely.