What is DNS?

DNS, or the Domain Name System, is a fundamental component of modern-day networking. DNS can be likened to a phone book containing information about systems on the internet, allowing systems to find each other to communicate. Essentially, DNS translates between IP addresses and a human-readable format such as a website address. Although DNS is often associated with websites specifically, it underpins almost every type of network request.

What is the vulnerability of DNS?

Due to its age, widespread use, simplicity and lack of authentication, DNS has been a target for attackers over recent years. Attacks such as DNS reconnaissance could allow an attacker to query the DNS server in order to extract information about the victim network, such as live hosts or the hostnames of high-value targets such as email or file shares.

DNS attack example

Additional attack vectors include DNS cache poisoning, also known as DNS spoofing, and Denial of Service (DoS) or Distributed Denial of Service (DDoS). With DNS cache poisoning, an attacker will attempt to enter false information into a DNS cache to redirect victims to an attacker-controlled website.
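
The lack of authentication mentioned above can be seen in what a resolver is able to check before it caches a reply. The following is an added example, not code from this page or from any DNS product. It goes slightly beyond the text by using the RFC 1035 message layout, and the function names, hostname and addresses are constructed for illustration.

```python
import struct

def encode_name(name):
    """Encode a hostname as length-prefixed DNS labels (RFC 1035, 3.1)."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_message(txid, name, qtype=1, response=False, answer_ip=None):
    """Build a minimal DNS message: header, one question, optional A record."""
    flags = 0x8180 if response else 0x0100  # QR+RD+RA for a reply, RD for a query
    msg = struct.pack("!HHHHHH", txid, flags, 1, 1 if answer_ip else 0, 0, 0)
    msg += encode_name(name) + struct.pack("!HH", qtype, 1)
    if answer_ip:
        rdata = bytes(int(o) for o in answer_ip.split("."))
        # 0xC00C is a compression pointer to the question name at offset 12
        msg += struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + rdata
    return msg

def parse_question(msg):
    """Return (txid, is_response, qname, qtype) from a DNS message."""
    txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while msg[pos] != 0:
        length = msg[pos]
        if length & 0xC0:
            raise ValueError("compressed name in question")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    (qtype,) = struct.unpack("!H", msg[pos + 1:pos + 3])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

def accept_response(query, reply, sent_to, reply_from):
    """Hypothetical helper: checks made before a reply is allowed into the cache."""
    try:
        q_id, _, q_name, q_type = parse_question(query)
        r_id, r_is_resp, r_name, r_type = parse_question(reply)
    except (ValueError, IndexError, struct.error, UnicodeDecodeError):
        return False  # malformed messages are never cached
    return (r_is_resp and reply_from == sent_to and r_id == q_id
            and r_name == q_name and r_type == q_type)

# Constructed sample: one outstanding query and two candidate replies.
QUERY = build_message(0x1A2B, "mail.example.com")
GOOD = build_message(0x1A2B, "mail.example.com", response=True, answer_ip="192.0.2.10")
WRONG_ID = build_message(0x9999, "mail.example.com", response=True, answer_ip="203.0.113.66")
```

Every check in `accept_response` only ties a reply to an outstanding query; none of them verifies that the answer data is genuine, which is why a cache can hold false information once these fields match.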

