5 - Domain Name System - Coggle Diagram
Authoritative DNS server
= NS record
DNS zone = domain and its subdomains for a specific NS authoritative server
If a subdomain is delegated to another authoritative server, it creates another DNS zone
DNSSEC
Add to DNS zone of domain DNS server
ZSK (Zone Signing Key)
KSK (Key Signing Key)
Add to the TLD DNS server
DS = hash(KSK)
3 levels
Root level = .com, .net
Top Level Domain (TLD) = example.org
Domain = DNS records for example.org
DNS attacks
Rogue DNS server
DNS Poisoning
Make the real DNS server send false data back to clients
DNS cache poisoning
Make the caching DNS server send false data back to clients
DNS pharming
Modify the entry locally or on the DNS server to redirect to a phishing website
DNS query spoofing
DNS response
Includes the Query ID (16 bits)
DNS poisoning protections
DNS split
Limit zone transfers from internal DNS to external DNS
Require internal clients to resolve all domains through internal DNS
Use DoH (DNS over HTTPS) or ODoH (Oblivious DoH) == DNS proxy
DNS sinkhole
Provide false DNS response to malware
Domain hijacking == buy someone else's domain when it expires
Homograph attacks
Buy domains that look similar