Difference between revisions of "Domain Name System"

From SI410
(Misleading Names)
(Ethical Issues)
Line 34: Line 34:
  
 
Whether or not there is a reasonable way to stop this practice, outside of sending Cease and Desist notices to the squatters in question, has not been decided. It is a practice that is still in full swing today, and is one of the disadvantages of the domain name system that is in place today.
 
Whether or not there is a reasonable way to stop this practice, outside of sending Cease and Desist notices to the squatters in question, has not been decided. It is a practice that is still in full swing today, and is one of the disadvantages of the domain name system that is in place today.
 +
 +
 +
===Cache Poisoning===
 +
Also known as DNS spoofing, cache poisoning is the effort to direct internet traffic away from legitimate servers and towards fake ones. A hacker who gains control of a DNS server can alter information in it so that when utilized, a search to a specific DNS will take the user to a dangerous place somewhere else.
 +
 +
This can also be spread if ISP are receiving information from a compromised DNS server. The poisoned cache information then infects a user's home router and personal computer as users look up and store poisoned information <ref> https://www.howtogeek.com/161808/htg-explains-what-is-dns-cache-poisoning/</ref>.
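Review bot: in the first added paragraph, "a search to a specific DNS will take the user to a dangerous place somewhere else" does not say what is being looked up; suggest "a lookup for a specific domain name returns the address of a fake server". In the second added paragraph, "ISP are" should be "ISPs are", the <ref> has a stray space before the URL, and the full stop sits after </ref> rather than before the reference. The edit summary files this under Ethical Issues, but the new section describes an attack technique, so it may fit better under its own top-level heading than as a "===" subsection there.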

Revision as of 18:04, 22 April 2018

How the DNS routes traffic to a user's machine

The Domain Name System, or DNS, is a naming system for anything connected to the internet. Its primary use is to allow humans to use meaningful domain names, such as www.google.com, in place of computer-readable IP addresses, such as 74.125.225.50. In addition, these names are not case sensitive, making it unnecessary to memorize capital letters.


Organization

Internet Corporation for Assigned Names and Numbers (ICANN)

The Internet Corporation for Assigned Names and Numbers (ICANN) is a nonprofit organization that maintains DNS. ICANN is responsible for allocating IP address spaces, overseeing top-level domains, and creating Internet-related policy [1]. Interestingly, ICANN has designated seven “keys” to different security experts around the world. If necessary, five of the seven key holders can reset the Domain Name System in the event of an emergency. These Recovery Key Share Holders include representatives from the United States, Trinidad and Tobago, China, Burkina Faso, Canada, and the Czech Republic[2].

Syntax

A domain name is made up of several parts called labels, separated by periods. The rightmost label in a domain name is associated with the top level domain. Subsequent labels to the left are additional sub-domains of the top level domain[1].

For instance, in "ctools.umich.edu", "edu" is a top level domain to which "umich" is a subdomain, with "ctools" being a subdomain of that.

Top Level Domains

Every domain name ends with a top level domain. These are labels such as ".edu" ".org" and most commonly ".com".

There were seven original generic top level domains as well as 2-character country designation codes. The original and common seven are: ".gov" for government websites, ".mil" for military websites, ".com" for commerce websites, ".edu" for education-associated websites, ".org" for organizations' websites, ".net" for networks, and ".int" for international websites.[2]

Second Level Domains

A domain name can have a limitless number of sub-domains. As in the example "ctools.umich.edu", "umich" is a subdomain of "edu" where "ctools" is a subdomain of "umich." The preceding element in a domain name, such as "www", indicates what the host server's function is. For instance, "mail.google.com" provides a specific function that is different from "www.google.com."

Events

2016 Dyn Cyberattack

On October 21, 2016, DNS service provider Dyn was taken down in the largest distributed denial-of-service (DDoS) attack ever performed. The attack was conducted by the Mirai botnet, a network of Internet of Things (IoT) devices infected with Mirai malware. This attack restricted access to many websites that rely on Dyn's services, including Airbnb.com, Amazon.com, CNN.com, Reddit.com, and Spotify[3].

Ethical Issues

Misleading Names

One common problem with the structure of domain names is the confusion that arises because a domain name is all lowercase and contains no spaces. There are many examples where this has made otherwise unassuming domain names deter customers from visiting a website, such as "goredfoxes.com" for "Go Red Foxes", "therapistfinder.com" for "Therapist Finder", and "molestationnursery.com" for "Mole Station Nursery". Similarly, typos of commonly visited sites are sometimes registered to capture some of the traffic intended for the legitimate site. For instance, "leagueoflegends.co" redirects a user to a Spanish webpage with adult content, as opposed to "leagueoflegends.com", which would bring the user to Riot Games' popular League of Legends game.[3]
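A brand owner or mail/web filter can screen newly seen names for this kind of look-alike. The following is an added example, not part of the original article: it splits names into labels as described under Syntax, compares them case-insensitively, and labels each candidate relative to a protected domain. The function names and the one-edit threshold are assumptions chosen for illustration.

```python
def split_domain(name):
    """Return (second_level_label, top_level_domain), lower-cased."""
    labels = name.lower().rstrip(".").split(".")
    if len(labels) < 2 or not all(labels):
        raise ValueError(f"not a usable domain name: {name!r}")
    # The rightmost label is the top level domain; the one to its left is
    # treated as the registered name (assumption: no multi-label suffixes).
    return labels[-2], labels[-1]


def edit_distance(a, b):
    """Edits (insert, delete, substitute, swap neighbours) turning a into b."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify(candidate, protected):
    """Label a candidate name relative to the protected domain."""
    c_name, c_tld = split_domain(candidate)
    p_name, p_tld = split_domain(protected)
    if (c_name, c_tld) == (p_name, p_tld):
        return "same"
    if c_name == p_name:
        return "tld-swap"      # e.g. ".co" registered against ".com"
    if edit_distance(c_name, p_name) <= 1:
        return "typo"          # one keystroke away from the real name
    return "unrelated"


# The first two names come from this page (one re-cased); the rest are constructed.
SAMPLES = ["LeagueOfLegends.com", "leagueoflegends.co", "leagueoflegnds.com",
           "leagueoflegedns.com", "example.org"]

if __name__ == "__main__":
    for name in SAMPLES:
        print(f"{name:24} {classify(name, 'leagueoflegends.com')}")
```

A "typo" or "tld-swap" result is a prompt for review, since unrelated businesses can legitimately hold similar names.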

Cybersquatting

Cybersquatting is defined as "the registration of a commercially valuable Internet domain name, as a trademark, with the intention of selling it or profiting from its use."[4] Though less common now than in the beginning of the 'dot com' era, cybersquatting still occurs regularly. One notable case of (unintentional) cybersquatting was that of Mike Rowe and Microsoft.[5] In the run-up to an event such as a game release or movie announcement, cybersquatters will purchase domains that they believe others will want to use legitimately, to promote their product or for some other reason. Prior to the announcement of The Elder Scrolls: Skyrim, many domains related to the phrase 'Skyrim' were bought and sat on until people with a vested interest in the game were forced to purchase the domain from the squatter at a highly marked up rate.

Whether or not there is a reasonable way to stop this practice, outside of sending Cease and Desist notices to the squatters in question, has not been decided. It is a practice that is still in full swing today, and is one of the disadvantages of the domain name system that is in place today.


Cache Poisoning

Also known as DNS spoofing, cache poisoning is the effort to direct internet traffic away from legitimate servers and towards fake ones. An attacker who gains control of a DNS server can alter the information it holds so that a lookup for a specific domain name takes the user to a dangerous place somewhere else.

This can also spread if ISPs are receiving information from a compromised DNS server. The poisoned cache information then infects a user's home router and personal computer as users look up and store poisoned information [6].
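Because the poisoned record is copied from cache to cache, a defender needs to know which layers hold it and where to start flushing. The following is an added example, not part of the original article: it audits snapshots of three caches against a baseline of expected address ranges. The baseline, the layer names and the cache contents are all constructed for illustration.

```python
import ipaddress

# Constructed baseline: address ranges the operator expects for pinned names.
EXPECTED = {"www.google.com": ["74.125.0.0/16"]}

# Constructed cache snapshots, ordered from upstream to downstream.
CACHES = [
    ("isp-resolver", {"www.google.com": "203.0.113.66"}),
    ("home-router", {"WWW.Google.com": "203.0.113.66"}),
    ("laptop", {"www.google.com": "74.125.225.50"}),
]


def in_expected(name, address, expected=EXPECTED):
    """True/False for a pinned name, None when no baseline exists for it."""
    nets = expected.get(name.lower().rstrip("."))  # names are case-insensitive
    if nets is None:
        return None
    ip = ipaddress.ip_address(address)
    return any(ip in ipaddress.ip_network(net) for net in nets)


def audit(caches, expected=EXPECTED):
    """List (layer, name, address) for cached answers outside the baseline."""
    findings = []
    for layer, records in caches:
        for name, address in records.items():
            if in_expected(name, address, expected) is False:
                findings.append((layer, name.lower(), address))
    return findings


def first_bad_layer(caches, expected=EXPECTED):
    """Most upstream layer holding a suspect record: flush from here down."""
    findings = audit(caches, expected)
    return findings[0][0] if findings else None


if __name__ == "__main__":
    for layer, name, address in audit(CACHES):
        print(f"{layer}: {name} -> {address} is outside the expected ranges")
    print("start flushing at:", first_bad_layer(CACHES))
```

A mismatch is a lead rather than proof, because large sites legitimately answer from many address ranges; the baseline is only as good as the ranges the domain's operator publishes or confirms.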
  1. https://www.icann.org/
  2. http://abcnews.go.com/Technology/brotherhood-internet-keys-chosen/story?id=11271450
  3. https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
  4. http://dictionary.reference.com/browse/cybersquatting
  5. http://en.wikipedia.org/wiki/Microsoft_vs._MikeRoweSoft
  6. https://www.howtogeek.com/161808/htg-explains-what-is-dns-cache-poisoning/