DNS

From MgmtWiki

Full Title or Meme

Domain Name System (DNS) is the term for a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System has been an essential component of the functionality of the Internet since 1985.

Context

In order to ensure the global uniqueness of a domain (host) name, there is only a single root where all top-level domain (TLD) names are registered. Every country gets its own TLD, for example US or EU. Other TLDs are assigned by the IANA.

Problems

  1. DNS spoofing allows attackers to change the results that are obtained from a request for an IP address.
  2. ARP, the address resolution protocol, runs in plain text, so that acquiring the address of a web site allows an ISP to see all of the sites that anyone plans to visit.
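
The plain-text look-up and spoofing problems listed above, shown on the DNS wire format (RFC 1035). This is an added example, not part of the original page; the function names and the example.com sample packets are constructed for illustration. It shows that the queried name can be read from the raw bytes without any key, and the ID-and-question match a client applies before accepting a reply (a necessary check, not proof that the answer is authentic).

```python
import struct

def build_query(name: str, txid: int, qtype: int = 1) -> bytes:
    """Encode a DNS query in RFC 1035 wire format: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN

def read_question(packet: bytes):
    """Decode ID, QR bit and first question; needs no key, so any on-path party can do it."""
    if len(packet) < 12:
        raise ValueError("short header")
    txid, flags, qdcount = struct.unpack("!HHH", packet[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated name")
        n = packet[pos]
        pos += 1
        if n == 0:
            break
        if n > 63 or pos + n > len(packet):  # pointer/reserved label or overrun
            raise ValueError("bad label")
        labels.append(packet[pos:pos + n].decode("ascii", "replace").lower())
        pos += n
    if pos + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype, qclass

def response_matches(query: bytes, response: bytes) -> bool:
    """Accept a reply only if it is a response with the query's ID and question."""
    try:
        q, r = read_question(query), read_question(response)
    except ValueError:
        return False
    return r[1] and not q[1] and (q[0],) + q[2:] == (r[0],) + r[2:]

# Constructed sample: a query for www.example.com and two candidate replies.
QUERY = build_query("www.example.com", 0x1A2B)
GOOD_REPLY = QUERY[:2] + b"\x81\x80" + QUERY[4:]       # same ID, QR bit set
WRONG_ID_REPLY = b"\x00\x01" + GOOD_REPLY[2:]          # ID does not match

if __name__ == "__main__":
    print(read_question(QUERY))
    print(response_matches(QUERY, GOOD_REPLY), response_matches(QUERY, WRONG_ID_REPLY))
```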

Solutions

  1. DNSSEC encrypts the name look-up process.

But some very large companies don't want people to hide their actions. On 2019-09-13 some large ISPs petitioned Congress to prevent users from hiding this information.[1] Naturally, Congress is more responsive to large corporations than it is to its constituents.

References

  1. Timothy B. Lee, "Why big ISPs aren’t happy about Google’s plans for encrypted DNS", Ars Technica (2016-09-30), https://arstechnica.com/tech-policy/2019/09/isps-worry-a-new-chrome-feature-will-stop-them-from-spying-on-you/

Other Material