DNS in Detail
TryHackMe Walkthroughs â‹… Guided â‹… DNS in Detail
Task 1: What is DNS?
Devices on the Internet are identified with an address called an IP address. IP addresses, such as 104.26.10.229, can be difficult to remember. To make IP addresses more friendly to humans, we use a protocol called the Domain Name System (DNS). DNS translates between IP addresses and domain names, such as tryhackme.com, and allows us to communicate with devices more seamlessly.
Task 2: Domain Hierarchy
A domain can be split into different levels. Consider the domain https://feodotracker.abuse.ch
.
.ch: This is the top-level domain (TLD).
TLDs can be generic TLDs (gTLD) or country code TLDs (ccTLD).
abuse: This is a second-level domain.
Second-level domains are limited to 63 characters.
Second-level domains can only use the characters a-z, 0-9, and hyphens.
feodotracker: This is a subdomain.
The subdomain is separated from the second-level domain by a period.
Subdomains have the same restrictions as a second-level domain.
A domain can have multiple subdomains as long as the entire domain name is 253 characters or less.
Task 3: Record Types
There are many types of DNS records.
A: These records resolve IPv4 addresses.
AAAA: These records resolve IPv6 addresses.
CNAME: These records resolve another domain name.
MX: These records resolve to the address of the servers that handle the email for the domain being queried
TXT: These records are free text fields where any text-based data can be stored.
TXT records are commonly used to verify domain ownership and list authoritative servers.
Task 4: Making A Request
When a DNS request is made, the following steps occur:
The computer checks its cache to see if the address has been looked up recently. If the address is not in the cache, a request to the computer's Recursive DNS Server is made.
The recursive DNS server, usually provided by an ISP, checks its cache for the address. to send back to the computer. If the address is not in the cache, then root servers are queried.
The root server directs the computer to the correct Top Level Domain Server.
The TLD server holds records for where to find the authoritative server, or nameserver, to answer the DNS request.
The authoritative server is responsible for storing the DNS records for a particular domain name. THe DNS record may also be sent back to the Recursive DNS server in order to be cached for a certain amount time, specified by the record's time-to-live (TTL) value.
Task 5: Practical
Open the site associated with the task to answer the following questions.
Last updated