DNS is an acronym like many others in the IT field. DNS stands for Domain Name System. That is important to know and understand, but so are some of the items associated with the internet protocol used every single time you open a web browser to go to a website or check your email. Let’s start with the basics.
- Domain Name System = DNS
- DNS utilizes port 53
- Can use Transmission Control Protocol (TCP) or Universal Datagram Protocol (UDP)
- Primary usage: DNS uses mostly UDP
- Different DNS Records (A, AAAA, CNAME, PTR, NS, MX, SOA, and TXT)
- DNS A Record is the most common
Now that we have defined DNS, what is it?
Well, as noted above, it is an internet protocol. What does that really mean though?
Protocols are responsible for a particular action. In this case, DNS has a focus on acting like a phone book for the internet to put it into very simple terms. Of course, some reading this post might not have ever seen a phone book before, but I will stick with the assumption that there is an understanding of what a phone book is. [Ghee whiz, I’m old!]
Anyways, this internet phonebook associates website names with their IP addresses. In other words, it maps the site name to its IP.
OK, so what’s an IP address? It’s like the phone number for the computer you are communicating with. IP addresses are not the easiest things to remember. A perfect example, the IP address for CyberNow Labs is 199.250.194.141. Most would find it easier to remember cybernowlabs.com instead of 199.250.194.141. This is the main reason for DNS. Human convenience!
How does DNS work? There are different depths at which DNS can be discussed, but let’s look at this at a simple level for today. When you want to visit a website, the first thing you do after turning on your computer is to click the icon for your favorite browser. Then in the address bar, you type either the IP address or the name of the website. As discussed, most people remember the domain name, not the IP address. I can honestly say I do not know off hand any specific company’s IP address without looking it up. OK, well, maybe I remember the Google DNS server, which is 8.8.8.8. But who can’t remember that one!! Anyways, you begin to type in the website address. Then your browser springs into action.
First, it will look locally and see if you have visited the site previously. If you have, then it already has a cached or stored memory of the IP that it needs to translate the website name. If it does, then it translates the name to the IP and connects to the site. However, if it is a site that has not been visited from that computer, it doesn’t have the IP stored in its DNS caching. So, it reaches out to the local DNS resolver for your ISP (Internet Service Provider) or corporate network to ask if it has it. If it doesn’t, then that server reaches out to DNS servers on the internet to find it. It starts with the TLD server for the type of website, .com, .net, .biz, etc. Then once connected to that server, it provides the entire website name. Once it gets the location of the name server options to check from, it routes that information back to the resolver so it can communicate with the appropriate name server. The name server searches its list for the website, gives the associated IP address, and then sends it back to the DNS resolver. Now the DNS resolver can send the IP back to your browser so it can accurately connect the browser in your machine to the website by resolving the website name to the IP.
Phew!! That was a lot of work. But it happens in seconds!! We take for granted all the work that happens in the background just to allow us to visit the sites we want to see.
Want to learn more about DNS? Check out Mike Meyers and me on our YouTube channel for ‘2 Bald Nerds: Day in the Life of a Cybersecurity Analyst’
DNS is just one of the many items you will learn here at CyberNow Labs to help prepare you for an industry-standard certification and fully understand joining the ranks of cybersecurity professionals. See you in the next Cohort!