<< Prev. Page: TCP/IP Protocol Development Groups

Each computer on the Internet identified by IP address, but it is difficult to remember them. Hence, DNS is used to identify a host. The domain name system (DNS) is the way that Internet domain names are located and translated Internet Protocol addresses. A domain name is a meaningful and easy-to-remember “handle” for an Internet address. The Domain Name System is one of the most critical parts of the Internet. It resolves URL names (such as ananova.com) into Internet Protocol (IP) addresses and vice versa. This enables Internet browsers to search for websites based on the machine address without the user being aware of translating the domain name into the IP address. As such, the DNS is crucial to the widespread success and implementation of the Internet.

The DNS consists of two parts: the hostname and the domain. The hostname is computer specific name the domain name identifies the network of which the computer is a part. The domain extension identifies the host type.

  • .com: Commercial or Businesses
  • .edu: Educational institutions
  • .de: Germany
  • .au: Australia
  • .in: India
  • .us: The United States

The domain name further splits into subdomains.

A common criticism of the DNS in the early days was that the system was too complex and would never work. The creators of the DNS responded by saying that the system had to be flexible enough to handle what was then a small amount of traffic and the much larger amounts they foresaw as the Internet grew.

DNS server can ensure that the information being sent and received is valid. This strategy is not limited to attacks on IP verification alone, but also is capable of protecting various types of information, including email, from fraudulent substitutes, even DNS hosted services. While such substitutes are not often particularly sophisticated, they can represent a serious threat to any set of DNS solutions, and should be handled on the DNS server itself by default by DNS Management Tools.

The process of securing and provisioning a central statistical security scheme for a DNS system is based on caching verified data and checking back with a master registrar for versions and mechanisms when necessary. If asked, a DNS server should be able to begin by responding to the claim with an overall standard response, only providing alternate results in the case of exceptional delegations of functions. In order to properly ensure the correct results, a delegation signer must have a record in a central location that can be accessed securely by the DNS security system.

>> Next Page: DNS Configuration Files