|
. The DNS server of the entire world cooperating, it is the distributed database which operates. IP address it is possible to calculate host name on the basis of to seek the opposite.
concerning the domain which by himself manages approximately 10 units domain name registers his own address to the route server who is used in the world.
The client program which is called the resolver the domain name which we would like to inspect inquires to the route server first, inspects the DNS server who manages that domain, does conversion by the fact that information is drawn out in that DNS server. |
DNS <Name server>
Alias:
DNS server and domain name server, domain name server, name server and DNS server
Field:
Internet > domain > DNS |
The domain name which hits to the name of the computer on Internet, the computer which is converted to the line of four numbers which are called the IP address which hits to address.
The individual name server has the domain name of the computer which is connected to the network which by his manages, and the corresponding chart of IP address answers to the inquiry from outside.
The countless name server exists in Internet, is designed to be the layered structure which corresponds to domain name. The name server who is located most significantly is called the “route server”, 13 units are dispersed being arranged in the entire world.
The name server of the entire world cooperating, in order domain name and the system which makes IP address correspond with to call, as for the name server also the “DNS server” is called. |
DNS amp
Reading: D n s amplifier
Field:
Security > network > DNS amp
Internet > domain > DNS amp |
Being accustomed to sending the mass data simultaneously from the many computer, in one kind of DDoS attack which is paralysed the object, the technique which abuses cash function of the DNS server.
The attack person draws up, can point the record which arranges the meaningless character string of bulk into the DNS server whom first by his manages being accustomed to sending this in the open DNS server who had cash function cash. Next, the zombie PC who stealthily trains the remote management software to the computer whose management is sweet is prepared in large quantities, this is worked, the packet which requires the transmission of the bulk record to the DNS server who copied cash is made to transmit simultaneously. This time, transmission original address lying, response from the DNS server is transmitted to the attack object by setting the address of the computer which becomes the attack object. The computer which becomes the object handles this and without being cut off it falls to communication failure, the circuit gets flat
|
DNSSEC <DNS Security Extension>
Reading: D n s security
Field:
Internet > domain > DNSSEC
|
Extended specification in order to improve the security of DNS.
In order to guarantee that the message which is exchanged between the server and the client is not altered, it encodes the hash value of message with public key cryptosystem, with message sends. It calculates hash value from the message which reaches and if it matches the hash value which is decoded, |
| |
|
|
|
|
