Chapter 6. DNS


Why devote an entire chapter to DNS? Isn’t DNS used to translate a host name to an IP address and that’s about it? Sure, that is a big and important part of DNS, but DNS is much more.

DNS servers are probably one of the most common targets of reconnaissance and exploit efforts. Your DNS server is a cherished prize for a hacker to compromise, so hackers are going to see how vulnerable it is by pounding on it for weaknesses. DNS servers are targeted for the following reasons:

  • DNS servers can provide a lot of reconnaissance information about hosts in preparation for launching an attack of a targeted network.

  • DNS is used to resolve host ...

Get Network Intrusion Detection, Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.