Friday, April 3, 2009

What's Up With DNS?

DNS (Domain Name Service) is that wonderful service that translates domain names to IP addresses, like sans.org to 66.35.45.201 or yahoo.com to 68.180.206.184. DNS is inherently a very troubled, insecure service. It uses UDP port 53. UDP is one of the transport protocols in the TCP/IP protocol suite. UDP is sometimes referred to as "Spray and Pray" because it just sends packets out and hopes they get to their destination. UDP is called an "unreliable protocol" because there is no guarantee of delivery, or of a response for that matter.

So what's all the hubbub about DNS being such a problem? First, it may take a little time to get your answer back. You type "www.yahoo.com" in your browser and you wait for a connection. Behind the scenes, a UDP request goes out to your "name server", which attempts to translate the words to an IP address and send your browser's request to that address. If your "name server" doesn't know the answer, it sends the request up the chain to another "name server", until someone along the line knows how to translate the name to its IP address. This week two of the big name servers, Neustar and Register.com, were both hit with DDoS (Distributed Denial of Service) attacks. Several big companies were affected, including Amazon and Petco. They reported a huge increase in name service requests, to the point that they were unable to service all of the requests. The result ... you probably would not be able to connect to Amazon.com.

This is just one of the many problems with the current DNS standard. To learn more about how DNS is set up, see RFC 1035, the "Implementation and Specification" document. "RFC" stands for "Request for Comments", but the RFCs are the definitive documents on how things work in the Internet protocol world!
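To make the query-and-answer exchange described above concrete, here is an added example (not part of the original post) that builds an RFC 1035 query for the A record of yahoo.com, parses a reply in the same wire format, and shows the two checks a resolver must do precisely because UDP gives it no connection to trust: match the 16-bit transaction ID, and give up after a timeout when no reply ever arrives. The reply packet is constructed locally so the code runs offline; the `query_over_udp` helper, the server address and the 2-second timeout are my assumptions for illustration.

```python
from __future__ import annotations
import socket
import struct

def build_query(name: str, txid: int, qtype: int = 1) -> bytes:
    """RFC 1035 query: 12-byte header, then QNAME (length-prefixed labels), QTYPE, QCLASS."""
    # ID, flags (0x0100 = recursion desired), QDCOUNT=1, ANCOUNT/NSCOUNT/ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(struct.pack("B", len(label)) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)   # QCLASS 1 = IN

def read_name(msg: bytes, offset: int) -> tuple[str, int]:
    """Decode a name that may use RFC 1035 section 4.1.4 pointer compression.
    Returns (dotted name, offset just after the name in the enclosing record)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # 2-byte pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 20:                               # refuse pointer loops in hostile input
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:                                 # root label terminates the name
            if not jumped:
                end = offset
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end

def parse_response(msg: bytes, expected_txid: int) -> dict:
    """Parse header, question and answer sections; reject replies that do not match our query."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch: reply does not belong to our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    rcode = flags & 0xF                                 # 0 = NOERROR, 3 = NXDOMAIN
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype))
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:                   # A record: 4-byte IPv4 address
            answers.append((name, "A", ttl, socket.inet_ntoa(rdata)))
        else:
            answers.append((name, rtype, ttl, rdata))
    return {"rcode": rcode, "questions": questions, "answers": answers}

def build_constructed_response(query: bytes, ip: str, ttl: int = 300) -> bytes:
    """Constructed stand-in for what a name server would send back (not captured traffic):
    echoes the query's ID and question, then one A record whose NAME is a pointer (0xC00C)
    back to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR=1, RD=1, RA=1, RCODE=0
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + socket.inet_aton(ip)
    return header + query[12:] + answer

def query_over_udp(server: str, query: bytes, timeout: float = 2.0) -> bytes | None:
    """Assumed helper: one UDP datagram out, wait for one back. 'Spray and pray' means the
    only failure signal is silence, so the caller decides what to do when None comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        try:
            reply, _ = s.recvfrom(512)                  # 512 bytes: classic UDP DNS limit
        except socket.timeout:
            return None
    return reply

def demo() -> dict:
    """Offline round trip using the constructed reply; the IP is the one quoted in the post."""
    txid = 0x1A2B
    query = build_query("yahoo.com", txid)
    reply = build_constructed_response(query, "68.180.206.184")
    return parse_response(reply, txid)

if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns the question `("yahoo.com", 1)` and the answer `("yahoo.com", "A", 300, "68.180.206.184")`; feeding `parse_response` a reply whose ID was not the one we sent raises, which is exactly the check that stops a stray or forged datagram from being accepted as the answer.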
