How to Understand DNS & Everything Else

 

This image was selected as a picture of the we...

WWW. SEO. URL. SSL. FTP. DNS. The Internet loves it some three-letter acronyms. The Domain Name System (DNS) is no exception. Saying a bunch of words is no match for saying some letters that represent them. That way you can have this conversation with someone.

Them: “What’s DNS?

You: “Don’t worry your pretty little head about it. It’s technical jargon that would literally blow your head off your body, and they’d use my tax money to clean up the mess, so no thanks.”

Them: “Got it. Thank you for helping me preserve the structure of my body.”

DNS is not very complicated, but this article will review it in full detail – sort of a “more than you ever wanted to know” guide. This piece, then, is much like a long, excruciatingly painful story from your grandfather about a trip he went to buy undergarments during the Depression and ended up getting kidnapped and tortured by naked and obese witches. Typical!

For this article, I drew from pieces on How-To Geek, Applied Trust, Stack Overflow, and a Josh Halliday piece on The Guardian.

DNS – What is it? Huh? Oh.

The domain name system (DNS) is Web protocol that converts the names of sites – eg ilovericepudding.xxx or nowivedecidedilikepastapuddingbetter.tv — into numbers for reading by computers/servers. DNS specifically converts from the URL, eg puddingisdeliciousandeveryoneknowsit.cc, into an IP address. The IP address hooks the visitor of the website to the correct server so that the page loads correctly.  DNS, then, is essentially the phone book that translates letters into numbers which are the server identification numbers.

When you think of a dedicated IP, typically you are in turn thinking of a dedicated server. In other words, having your own dedicated server for hosting — as opposed to using shared hosting — means that you have your own IP address specific to your own site. This “ownership” of an IP has obvious advantages regarding security and a minimization of and isolation of potential DNS-related errors. However, in shared hosting situations, a host header is used to access the correct site; that is the way that IP addresses can be shared without confusion.

DNS and Speed

Generally speaking, according to The Guardian, the connection between URL and IP is made via DNS almost instantaneously. The server is found and the data request by the visitor of the site – what any website visitor is doing when visiting any URL is making a request for data – is fulfilled. Once the DNS server makes the connection, it can move onto another request for URL/IP matching.

Most sites have DNS servers. DNS can be provided for free through a service such as everyDNS. However, solid DNS is crucial. When the DNS server does not function correctly, you can only get to a website through its IP address (the series of numbers that identify the server).

There are a couple of types of DNS problems worth looking at specifically:

  • DNS failure
  • DNS poisoning.

Failure is when a glitch makes the DNS system dysfunctional. This type of problem means that the site does not populate (with nothing populating its place).

Poisoning is a situation in which the information is purposely polluted with misinformation via a virus, other malware, or direct hacking interference. This problem directs site visitors to an impostor website – typically one that is intending to draw credit card or other personal information from people, often creating the false assumption that the site to which they are directed is the site they were originally trying to pull up – ie  a phishing scenario. A disappointing and cruel example of phishing is when you think you are putting your information into a sales portal to get a DDoS botnet, an army of malware-injected computers to bring down your competitor, and instead it turns out to be an FBI site trying to stop you from doing that, even though you’ve struggled this quarter because your competitor has better products and service than you do.

What is an IP address?

An Internet Protocol (IP) address is the identifying numbers assigned to any piece of hardware. Your cell phone, for instance, has a particular IP. The same is true of your PC or of the server for a website.

An IP address is in a format known as a dotted quad – four numbers ranging from 0 to 255, separated by dots. Note that though IP addresses are unique, sites (as discussed above) can share an IP address. Similarly, a household or business network can have a single IP, if only one router is used (assuming all devices flow through that router’s IP).

Note that within a network – also called a “domain” in terms of IP – multiple devices will each have an IP so that the router can tell them apart. However, the outside Internet is not told anything about the IPs of the internal network. The router translates the internal IPs into its own IP when Internet requests are made by the network’s devices. When a response comes in from the Internet, the router translates back to the individual IP so that the information is sent to the correct network computer. It’s similar to how thoughts and sensations each get stored in your various multiple personalities so that Cecilia, Jack, and Dr. Blankenship can each have their own personal stories, friendships, and memories.

One good thing about URLs, beyond the fact that they are easier to remember and can be branded in ways that strings of numbers cannot, is that IP addresses are specific to hardware. If a website changes its hosting company, for example, its IP address will change. But that doesn’t really matter, because no one is typing in the IP. As soon as the DNS entry is updated with the new IP information, the site will populate accurately from the files located on the new hosting service’s machine.

Sample – Google.com

So you can get a better sense of how IP addresses work, try typing 173.194.39.78 into your address bar. You should see Google populate. That is Google’s IP address. As you can see, the IP and the URL are essentially synonymous. Data-wise, it’s all about the IP. But everything must be named so that we humans can remember more easily.

Typically you’re not typing in 173.194.39.78, but rather Google.com (unless you’re really into IP addresses – an IPP or Internet Protocol Purist, as they’re called in IT circles). Nonetheless, the DNS server translates into the appropriate IP so that the data between you and the servers which populate the various websites that comprise the Web know what servers they need to access to send and receive data.

DNS Servers and Caching

You type a web address into your address bar. Then your computer sends out a request to the DNS server. The DNS server lets it know what the correct IP address is and sends out to that address. Your computer then goes to the correct IP. The URL in the address bar stays the same. The IP lookup and connection occurs in the background without your knowledge (unless you decide to look up the technical details).

The DNS servers you use to access IP addresses via your home or business network are typically provided by your Internet service provider (ISP). Typically a computer will send a DNS request to a router, which in turn send out the message to the ISP. The ISP’s DNS servers then respond with the correct IP number and populate the page.

DNS caching allows a computer to remember what IP is associated with a particular URL. This means that your computer only needs to retrieve DNS information one time (until the cache is cleared). The speed with which pages will load is optimized by not needing to perform a DNS lookup every time a page loads. You go straight to requesting the site, rather than going to the DNS server first, because you have the information locally to tell you where the correct IP is for the URL. Again, Internet Protocol Purists never allow the DNS to cache. They believe it is important to anthropomorphize the DNS and allow it to perform “work” constantly, strengthening its muscles and mind for the DNS apocalypse.

DNS & Security

Speaking of malware and viruses, sometimes you can be infected with one that changes your DNS server to a different one run by people who have implanted false IP addresses for heavily trafficked websites. If you put the name of one of those common sites into your address bar, the browser then instead visits the phishing site – where the evildoer attempts to pull login credentials and other sensitive details from you.

Two solutions to help prevent DNS hijacking:

  1. Antivirus software – A quality antivirus application can help prevent your computer from accessing a faulty DNS server.
  2. SSL errors – I’ve written a couple of pieces on SSL security certificates lately – both on different types of validation and on different types of certificates/ functionalities. Security certificate error messages – a window that pops up and says that there is a problem with the security certificate for the site – should always be read and considered. SSL errors are fairly uncommon, so when you come across one, ensure that the certificate was issued to an organization you recognize – it may have been and just doesn’t directly match the particular subdomain you are viewing, etc. (which doesn’t mean it’s not encrypting, so you’re fine there). Sometimes the SSL certificate, though, may have been issued to a completely different site. If you don’t recognize the site, do the following:
  • Stop
  • Collaborate with a partner in security
  • Listen to what they have to say
  • Ice, ice, baby, to go.

Summary & Conclusion

DNS is a phonebook for Internet sites, a way of matching up the identification numbers, called IP addresses, related to specific devices – servers as regards websites – with particular URLs. This allow your computer browser to send a data request to the appropriate server to populate a website. Caching of DNS allows your computer to access the website more quickly – without having to look up the DNS record each time. DNS servers can sometimes be miscoded, either innocently or malevolently. Be sure you have a quality antivirus installed and that you pay attention to SSL security certificate errors so that you are less likely to become a victim of phishing schemes (unless that’s , like, totally your thing, being a victim, which I can completely respect, as can Mr. Blankenship).

by Kent Roberts and Richard Norwood

Written By
More from admin

New Ubuntu 9.04! Codenamed “Jaunty Jackalope”

Ubuntu has released its lastest version codenamed “Jaunty Jackalope”. I usually tend...
Read More