"Ultimate DNS Digest": 45 materials from Habr and other resources
Most recently, we talked about how the team of our IaaS provider has automated work with DNS records in the hosting panel .The experience of creating a new service for providing free DNS hosting service led us to a cursory analysis of publications on Habré that affected certain aspects of DNS work. We collected these materials along with English-language additions to the next “ultimatum” digest from 1cloud .
In previous issues, we collected practical SSL material and a VPN digest .
')
/ photo Celine Nadeau CC
DNS basicsThis article describes the basic aspects of the functioning of the DNS.
URL history: domain, protocol and portA capacious post about the URL components that are needed to connect to a specific application on a remote machine somewhere on the Internet. The author talks about UUCP, DNS, TLD, Punycode, protocols and ports.
How it works: A few words about DNSOur material on the topic of domain names. In it, we consider the basic aspects of the functioning of the DNS and the security issues of DNS servers.
Domains: Internet historyWith the development of the Internet infrastructure, a system was needed that would streamline the ever-growing information. This is how domains of different levels of hierarchy arose. About them and will be discussed in this article.
My URL is not your URLTranslation of Daniel Stenberg's material on disagreements in understanding the concept of a URL (URI) and the peculiarities of identifying URL encodings in the world.
Significance of SPFThere is an important problem that even the largest global companies neglect - the lack of SPF records in most domains, which protects the domain from unauthorized use in e-mail. This illustrative material explains why this needs attention.
I want sites to open instantlyWeb developer Alexander Zelenin in his post tells how to make your website open quickly. Very fast.
DNS: HighlightsThe necessary theoretical basis for DNS: what commands to use and how to behave in the event of typical problem situations.
Website unknownA small but colorful comic about how DNS works.
IPv6 and DNSMaterial on the positive impact of IPv6 on DNS (with statistics).
DNS attack: What it is, who did it and how to resistThe causes of DDoS attacks, the principle of their actions, how to find out that it was a DDoS attack and who is behind it.
DNS tutorialDetailed, but concise tutorial on some features of DNS with a list of additional useful materials, tools and links on DNS.
DNS for dummiesWhy, after changing the DNS, you need to wait from days to 72 hours for the availability of the site by domain name?
Overview of DNS PoliciesDNS policies are needed to control how the DNS server processes requests based on various parameters. More in this material.
DNS server BIND (theory)Here is a hierarchical structure of the DNS database and discusses the processes of interaction between clients and DNS servers.
A little about the types of DDoS-attacks and methods of protectionThis article covers the most common types of DDoS attacks, including a DNS attack with a boost.
Once again about how not to make a “sieve” from your networkA wide arsenal of methods and recommendations for ensuring domain security: from organizing a DMZ local network and checking SPF records to setting up audit systems and security scanners.
We solve the problem of interception and substitution of DNS queries. DNSCrypt in Yandex BrowserConsideration of the problem of interception and substitution of DNS queries on the example of Yandex and the use of technology DNSCrypt as a way to prevent possible attacks.
Security of web resources of banks of RussiaThe study, which aims to find out how the top 100 banks in Russia ensure their security. Comparison with the most popular sites on the Internet.
Trojan Switcher: hacks Wi-Fi routers and replaces DNSIf instead of facebook.com you see, for example, fasebook.com or something like that, you should not expect anything good from such a page. But what if the fake page is located at this address? It turns out that such an unpleasant option is also possible. Here is how it works.
Stop making sand foundationsThe author's arguments about the imperfections and vulnerabilities of the DNS, decentralized Internet security and a bug called Dirty Cow.
Why do small packages keep the internet safe?Material about the opposition of DDoS-attack through reflection.
Exclude single point of failureMatthew O'Riordan, co-founder of Ably, provides a list of recommendations for eliminating errors associated with DDoS attacks on the DNS server.
What happened to Twitter, PayPal, Amazon and other American servicesYou may have heard that in October 2016 more than eight dozen major sites and services, including Twitter, Amazon, PayPal and Netflix, did not work due to a hacker attack. Read what happened, why it is so dangerous, and how this incident affects everyone.
The attack on the DNS provider Dyn came from the millions of IP addresses and the botnet MiraiNews material about who was to blame for the violation of the world's largest sites.
DNS Amplification DDoS: Anatomy of attack and defense. Part 1The first part of a large article about the device DDoS-attack through reflection (DNS Amplification). The ultimate goal of the article is to show how you can effectively deal with spurious DNS traffic.
How we did our DNS management system based on ANS productIn this article, we describe how 1cloud implemented the DNS management function based on various products.
Basics of computer networks. Subject number 3. Protocols of lower levels (transport, network and channel)This article discusses the protocols of the channel, network and transport layers. Sit back and read to your health.
Let's see DNSWhy is my site not working? Usually, the questioner either does not know about the DNS, or does not understand the fundamental ideas. For many, DNS is a terrible and incomprehensible thing. This article is an attempt to dispel such fear.
How are the DHCP lease duration and the DNS garbage collection process related?Algorithm for joint configuration of DHCP and DNS with the study of various problems and ways to prevent them.
/ photo Tristan Schmurr CC
Critical vulnerabilities of the BIND DNS server allow you to remotely disable it and conduct DoS attacksThis article discusses the popular vulnerabilities of the BIND DNS server implementation, as well as utilities to eliminate and prevent possible errors.
Recognition of DGA domains. And what if neural networks?Instructions for recognizing malicious DGA-domains by means of neural networks.
Home ad blockerAdvantages and disadvantages of using PowerDNS to block Internet advertising.
Your cloud hosting in 5 minutes. Part 0: VirtualizationA series of articles from Vladimir Kozlovsky about organizing your own cloud hosting.
Home hosting sites with dynamic IPHow to set up home DNS hosting in conjunction with DDNS subdomains for a free host of sites.
Have fun with DNSThe material from Vena, which explains why problems with the DNS (server, caching, CNAME, etc.) is not only pain, but also a certain amount of fun.
Personal experience: How we automated work with DNS records in the hosting panelThis article will discuss why we have developed a new service - a free DNS hosting service.
How to find subdomains in minutes?List of services that provide reliable (secure) subdomains and / or other useful information about the subdomain and its features.
A selection of free tools for developersAn impressive list of free resources for web developers (including those related to DNS, CDN, DDoS protection and web hosting).
The most basic need: how did we implement DNS hosting at Mail.Ru for business?The formation of DNS hosting Mail.ru: from the choice of server and name to debugging functionality.
14 DNS Nerdov do not control the InternetSarcastic material about the "failing technology" DNSSEC and its uselessness.
Transfer domain? Get ready for troubleThe study of possible difficulties and pitfalls when transferring a domain by the example of transferring the domain bits.media from the old Godaddy registrar to the new Internetbs.
Prospects for the commercial use of IPv6 in Russia (year 2016)Features of commercial operation of the IPv6 protocol in the form of dual stack.
The study of variables Mikrotik. Script update Dynamic DNS records FreeDNS.afraid.orgThe author conducted a small study of the variables in the Mikrotik scripts, examined the declaration and initialization under a magnifying glass. All this is his material.
Easter eggs in Mr Robot S02E01At the end of the first episode of the second season of Mr Robot, there is a scene where Darlene generates a ransomware Trojan using the modified SET framework. There appears the IP address 192.251.68.254, where the Trojan's control server is located. How deep is the rabbit hole?
PS Other interesting materials from our blog:
Source: https://habr.com/ru/post/319848/
All Articles