1
00:00:00,870 --> 00:00:07,380
Cybersecurity attacks on DNS servers are one of the most significant threats to Internet security today

2
00:00:07,890 --> 00:00:11,220
and it is important to understand how it works.

3
00:00:11,520 --> 00:00:17,250
DNS, domain name server, is used to resolve names to IP addresses.

4
00:00:17,250 --> 00:00:19,770
When you type google.com in your web browser,

5
00:00:20,070 --> 00:00:25,890
behind the scenes your computer is doing a DNS lookup to find the IP address of the website that you're

6
00:00:25,890 --> 00:00:30,690
trying to connect to.

7
00:00:30,710 --> 00:00:35,260
You can almost compare it to saving a phone number as a contact in your phone.

8
00:00:35,270 --> 00:00:40,280
So when you want to call someone on your cell phone, instead of actually typing in their actual phone

9
00:00:40,280 --> 00:00:47,810
number every time, you just pull up your contact name and then hit call, and it resolves the contact name

10
00:00:47,810 --> 00:00:54,950
to the phone number that you have stored in your phone contacts, and in the background you're actually

11
00:00:54,950 --> 00:00:57,890
calling that phone number and not the contact name.

12
00:00:58,190 --> 00:01:03,170
Just like with networking, even though in our web browser we're typing in google.com, we're actually

13
00:01:03,170 --> 00:01:09,270
in the background connecting to google.com's IP address.

14
00:01:09,360 --> 00:01:11,800
So why not go directly to the IP address?

15
00:01:11,820 --> 00:01:18,420
You may ask yourself. Well, for users it is a lot easier to remember a name like google.com instead

16
00:01:18,420 --> 00:01:20,910
of the actual IP address.

17
00:01:22,320 --> 00:01:30,210
DNS is built around a hierarchy of servers. At the top level are the root servers that own anything. Once

18
00:01:30,210 --> 00:01:36,920
a root server receives the request, it sends the response back to direct the requester to the right server

19
00:01:36,930 --> 00:01:39,190
based on a top-level domain

20
00:01:39,240 --> 00:01:43,270
you need to reach, like .com or .org.

21
00:01:43,360 --> 00:01:49,360
Then the top-level domain server will direct the requester to the owner of the domain name, like Google

22
00:01:49,360 --> 00:01:50,260
for example.

23
00:01:52,320 --> 00:01:56,500
Here's what a DNS request for google.com would look like

24
00:01:56,670 --> 00:02:05,760
within the hierarchy of domain name servers.

25
00:02:06,010 --> 00:02:10,320
So you can see an example of a DNS request in my terminal here.

26
00:02:10,450 --> 00:02:19,140
I'm going to ping bing.com, and in the background I have Wireshark running and it's filtering to

27
00:02:19,140 --> 00:02:23,050
only capture packets that match DNS server requests.

28
00:02:24,110 --> 00:02:35,390
So when I ping this, my computer should send a DNS lookup request to my DNS server.

29
00:02:35,780 --> 00:02:44,510
OK, so you can see that my computer sent a DNS request to my DNS server at 10.0.3.3.

30
00:02:44,510 --> 00:02:52,160
And then my DNS server responded with the IP address for the domain name that I requested.