Computers that are part of a network (such as the Internet) have a numerical address that must be used if you want to connect one machine to another. Remembering a 32-bit number—even when converted to decimal and neatly formatted in the form 58.199.11.2—for every computer to which you want to connect isn't practical. We can't usually remember the phone numbers of just a handful of our contacts, instead storing them in some form of address book. Most of us would agree that it is essential to have some form of lookup table or, at the least, a list of names and numbers—whether dialing a phone or a computer—especially if those entries are frequently updated.

Enter the Domain Name System (DNS). In this chapter, you will first learn about DNS—about name servers and the software that runs on them. Then you will learn how to interrogate a name server, find vulnerabilities in the software running on these servers, and, ultimately, exploit them.

The Implications of Hacking DNS

Companies rely on name servers to provide answers to queries—queries like, “What is the IP address of www.yourcompany.com?” Taking down or limiting the capabilities of a company's name server can prevent customers and employees from accessing a range of services (not just websites), thus impacting a company's credibility, reputation, and revenue. Furthermore, the way in which DNS has been designed and implemented can be exploited to perform distributed denial-of-service (DDOS) ...