
Southern New Hampshire University Domain Name System Discussion

 

The domain name system (DNS) protocol plays a critical role in enabling network communications. Before you begin this discussion, consider reviewing the optional resources in the Reading and Resources section of this module, as you may want to use them to support your posts.

For your initial post, discuss a potential consideration associated with the use of DNS. Frame your consideration in terms of potential impacts to network architecture, organizational security, or technology management. Consider the following DNS-related topics as the focus for your post:

  • Zones: resource record types and/or zone transfers
  • Zones: master (primary) zone versus slave (secondary) zones
  • Public DNS versus private DNS versus split DNS
  • DNS-related vulnerabilities: man-in-the-middle attacks, DNS cache poisoning/DNS spoofing, Kaminsky DNS vulnerability, dynamic DNS update vulnerabilities, or distributed denial of service (DDoS) attacks
  • Static DNS versus dynamic DNS (DDNS)

Respond to at least two of your peers by addressing one of the following:

  • Select a different frame of reference (infrastructure, security, or maintenance) and compare the effect on the selected topic identified in the original post.
  • Provide additional considerations, advantages, or implications related to the original post.

  • will post the peer posts later

Peer 1:

Benjamin Kachel posted Nov 16, 2021 4:16 PM


Hello Classmates,

I’m excited to see what you all come up with this week in terms of discussion posts! DNS protocols are not my forte by any means and they are a very new thing to me. So, I’m hoping this post can spark some good discussion to help me understand them better and you too if you have never really studied them before!

So, I’m slowly kind of piecing this together and the DNS type I would like to talk about is the public vs private vs split. So a private DNS is held within the company and works on the local network. It is cut off from the outside world by a firewall and is used internally. It should only answer to internal IPs. Public DNS is basically the internet. You type in a website address, the DNS server gets a request from you looking for the website, it finds the IP address you are trying to look for, and returns the information you requested. Split DNS uses multiple DNS servers to keep the traffic flow moving while also maintaining confidentiality on the internal network. I found an article on Techopedia that explained it quite well. It states, “When internal network users look up hostnames, the internal DNS answers and externally forwards this information as needed. External users that lookup hostnames in an internal network are greeted by an external DNS, which contains data limited to publicly accessible resources; this prevents internal secrets from being divulged.”

This would impact the network architecture in a way that would allow for external to internal and internal to external communication so firewalls, switches, routers, DNS servers, and WAPs would all need to be configured to allow for these types of communications. Also, the DNS servers themselves can have rules as to which IP’s

As far as organizational security goes, I believe the settings for the DNS servers would impact this area the most. There is definitely a need for a firewall in a split DNS setup or any type of setup that allows outside traffic in or communication with the public internet.

Thanks and I’m excited to see what you all come up with.

~Ben

Resources

Techopedia. (2021). Split Domain Name System (Split DNS).
Retrieved from: https://www.techopedia.com/definition/1346/split-domain-name-system-split-dns
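The split DNS behaviour described in the post above can be sketched in code. This is an added example, not part of the original post: it models view selection by client source network and includes an audit that flags internal addresses published in the external view. All networks, hostnames and addresses are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: every network, name and address below is illustrative.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.0.0/16")]

# Internal view: the full zone, served only to clients on internal networks.
INTERNAL_ZONE = {
    "www.example.com": "10.1.0.20",
    "hr.example.com": "10.1.5.10",
    "db01.example.com": "10.1.9.7",
}
# External view: only the resources meant to be reachable from outside.
EXTERNAL_ZONE = {
    "www.example.com": "203.0.113.20",
}

def select_view(client_ip):
    """Pick the view from the query's source address, as a split DNS server does."""
    addr = ipaddress.ip_address(client_ip)
    return "internal" if any(addr in net for net in INTERNAL_NETS) else "external"

def resolve(client_ip, qname):
    """Answer from the client's view only; names absent from that view do not exist."""
    view = select_view(client_ip)
    zone = INTERNAL_ZONE if view == "internal" else EXTERNAL_ZONE
    name = qname.rstrip(".").lower()  # DNS names are case-insensitive
    if name in zone:
        return view, "NOERROR", zone[name]
    return view, "NXDOMAIN", None

def audit_external_zone(zone):
    """Return external-view names whose address lies inside an internal network."""
    return sorted(name for name, ip in zone.items()
                  if any(ipaddress.ip_address(ip) in net for net in INTERNAL_NETS))

if __name__ == "__main__":
    for client, name in [("10.2.3.4", "hr.example.com"),
                         ("198.51.100.7", "hr.example.com"),
                         ("198.51.100.7", "www.example.com")]:
        print(client, name, resolve(client, name))
    print("leaks:", audit_external_zone(EXTERNAL_ZONE))
```

The same name returns different answers depending on where the query comes from, and an internal-only name returns NXDOMAIN to outside clients.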

Peer 2:

Thomas Talbot posted Nov 17, 2021 2:55 PM


Well, I am not an expert by any means on anything DNS, but I will do my best to provide some useful and relevant information on the topic. The area that I opted to focus my post about is distributed denial of service (DDoS) attacks. DDoS attacks are malicious attacks on networks that disrupt normal operations and communications with a flood of malicious traffic (McAfee, 2021). The number of DDoS attacks is on the rise and both Amazon and Google have had these types of attacks launched against them (McAfee, 2021).

With DDoS attacks, groups of IoT devices or botnets, which are typically, but not always, affected by malware, are used to target a server or website (McAfee, 2021). Poor password habits can also lead to devices being hijacked by would-be attackers (McAfee, 2021). The attacker would likely need hundreds or thousands of devices working in unison to make one of these attacks possible (McAfee, 2021). The size of the botnet needed to take down the target depends on the intended target.

There are three main categories of DDoS attacks. These three categories are volume-based attacks, protocol attacks and application layer attacks (“What is a DDoS Attack?”, n.d.). Volume-based attacks have the goal of utilizing all the bandwidth between the target and the internet (“What is a DDoS Attack?”, n.d.). Protocol attacks attempt to consume all server resources and sometimes include exhausting the resources of a firewall or load balancer (“What is a DDoS Attack?”, n.d.). Application layer attacks flood the system with what would appear to be legitimate requests in order to disrupt services (“What is a DDoS Attack?”, n.d.).

Identifying a DDoS attack can be tricky but there are a few telltale signs that one is taking place. These signs are:

  • Suspicious amounts of traffic originating from a single IP address or IP range
  • A flood of traffic from users who share a single behavioral profile, such as device type, geolocation, or web browser version
  • An unexplained surge in requests to a single page or endpoint
  • Odd traffic patterns such as spikes at odd hours of the day or patterns that appear to be unnatural (e.g. a spike every 10 minutes) (“What is a DDoS Attack?”, n.d., para. 10).

In order to prevent a device from easily being swept up into one of these botnets, there are several actions that one should take. The first of which is to secure your router by changing the default password that came with it (McAfee, 2021). The next action is to change the default passwords that are included with Internet of Things (IoT) devices (McAfee, 2021). The third action is to use a comprehensive security solution, which is widely available from third-party vendors (McAfee, 2021). Performing these three actions is also something that one should undertake to better secure their devices and network overall.

Reference

McAfee. (2021, March 24). What Is a DDoS Attack and How to Stay Safe from Malicious Traffic Schemes. Retrieved from https://www.mcafee.com/blogs/tips-tricks/ddos-atta…

What is a DDoS Attack? (n.d.). Retrieved from https://www.cloudflare.com/learning/ddos/what-is-a…
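The telltale signs listed in the post above can be checked against a request log. This is an added example, not part of the original post: it flags a dominant source IP, a dominant endpoint, and spikes that recur at a fixed interval. The traffic is constructed sample data, and the thresholds and function names are assumptions chosen for illustration.

```python
from collections import Counter
from statistics import median

def build_sample():
    """Constructed traffic: 40 minutes of light baseline plus a burst every 10 minutes."""
    events = []  # each event is (timestamp_seconds, source_ip, path)
    for minute in range(40):
        for i in range(2):  # baseline: two requests per minute from varied clients
            ip = f"192.0.2.{(minute * 2 + i) % 50 + 1}"
            events.append((minute * 60 + i * 20, ip, f"/page{i}"))
        if minute % 10 == 5:  # burst: 30 requests in one minute, one source, one path
            events += [(minute * 60 + s, "198.51.100.9", "/login") for s in range(30)]
    return events

def dominant(events, field, share):
    """Values of one field (1 = source IP, 2 = path) above `share` of all requests."""
    counts = Counter(e[field] for e in events)
    total = len(events)
    return {k: round(c / total, 2) for k, c in counts.items() if c / total > share}

def spike_minutes(events, factor=5):
    """Minutes whose request count exceeds `factor` times the median minute."""
    per_min = Counter(ts // 60 for ts, _, _ in events)
    span = range(min(per_min), max(per_min) + 1)
    base = median(per_min.get(m, 0) for m in span)
    return [m for m in span if per_min.get(m, 0) > factor * max(base, 1)]

def spike_period(minutes):
    """Return the interval if spikes recur at one fixed interval, else None."""
    gaps = {b - a for a, b in zip(minutes, minutes[1:])}
    return gaps.pop() if len(minutes) >= 3 and len(gaps) == 1 else None

if __name__ == "__main__":
    ev = build_sample()
    print("dominant sources:", dominant(ev, 1, 0.25))
    print("dominant endpoints:", dominant(ev, 2, 0.5))
    spikes = spike_minutes(ev)
    print("spike minutes:", spikes, "period:", spike_period(spikes))
```

On real traffic the share and spike thresholds need tuning against a known-good baseline, since a single busy NAT gateway or a popular page can exceed a fixed share without any attack.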