Hacking Knowledge
  • 🏠​ Homepage
    • Welcome
    • About Me
    • Disclaimer
    • Conventions
  • 🔑Cybersecurity Basics
    • Introduction
    • Vulnerabilities
    • Cyberattacks
      • Cyber Kill Chain
      • Malware
    • Security Models
      • Methodologies
    • Legal Support
    • Career Paths
    • Certifications
    • Related Concepts
  • 🐧Linux
    • Introduction
    • Functional Structure
      • File Permissions
      • Environment Variables
      • Crontabs
    • Commands
      • Operators
    • Useful Shell Resources
    • Related Concepts
  • ⊞ Windows
    • Introduction
    • Functional Structure
      • File Permissions
      • Environment Variables and System Tools
      • System Events
    • Commands
    • Related Concepts
  • 🌐Networks
    • Introduction
    • Networking Frameworks
      • OSI Model
      • TCP/IP Model
    • Protocols
      • ARP
      • TCP
      • NetBIOS
      • SNMP
      • DNS
      • HTTP
      • Telnet
      • FTP
      • TFTP
      • SMB
      • RDP
      • SSH
      • SMTP
      • POP 3
      • IMAP
      • Oracle TNS
      • IPMI
    • Hypervisors
    • Related Concepts
    • Tools and Utilities
  • 🔐Cryptography
    • Introduction
    • Encoding (WIP)
    • Encryption (WIP)
      • Types of encryption (WIP)
      • Methods of Encryption (WIP)
    • Hashing
      • Well-known Hashes (WIP)
    • Related Concepts
    • Tools and Utilities
    • Useful Tips
  • 👣Digital Forensics
    • Introduction
    • Basic Plan
    • Related Concepts
    • Tools and Utilities
    • Useful Tips
  • 🎯Penetration Testing
    • Introduction
    • Categorization
    • Process Stages
      • Pre-engagement
      • Information Gathering
        • OSINT
          • Dorking
          • Searching breach data dumps
        • Enumeration
          • Get information from SSL certificates
          • Retrieve information from IMAP/POP3 servers
          • Redirect HTTP traffic using Feroxbuster and ZAP
          • Mount accesible NFS Shares
          • Bruteforce subdomains
        • Tools and Utilities
        • Useful Tips
      • Vulnerability Assessment
      • Exploitation
        • Tools and Utilities
        • Useful Tips
      • Post-Exploitation
        • Techniques (WIP)
        • Privilege Escalation
          • Linux Privilege Escalation
          • Windows Privilege Escalation
        • Tools and Utilities
        • Useful Tips
      • Lateral Movement
      • Proof-of-Concept
      • Post-engagement
        • Sample Report (WIP)
    • Related Concepts
  • 📡Web Exploitation
    • Introduction
    • OWASP Top 10
      • Broken Access Control
      • Cryptographic Failures
      • Injection
      • Insecure Design
      • Security Misconfiguration
      • Vulnerable and Outdated Components
      • Identification and Authentication Failures
      • Software and Data Integrity Failures
      • Security Logging and Monitoring Failures
      • Server-side Request Forgery
    • Attack Techniques
      • Local File Inclusion
      • Remote File Inclusion
      • Cross-Site Scripting
      • Command injection
      • XXE Injection
      • Abuse File Upload
      • Cross-Site Request Forgery
      • Header Poisoning
      • HTTP Parameter Pollution
      • Content Security Policy Bypass
      • Exposed .htaccess and .htpasswd files
      • Server-Side Request Forgery
      • Server-Side Template Injection
      • Cookie Hijacking
      • Null Byte Poisoning
      • PHP - Abuse PHP Type Juggling
      • PHP - Bypass using filters
      • WordPress - Abuse Theme Configuration on templates
      • WordPress - Getting credentials from configuration files
      • CVE - Log4Shell
    • Related Concepts
    • Tools and Utilities
    • Useful Tips
  • 🗄️Database Attacks
    • Introduction
    • SQL
      • MySQL
      • MSSQL
      • SQLite3
    • Attack Techniques
      • SQL Injection
        • Authentication Bypass
      • NoSQL Injection
      • MS SQL - xp_cmdshell Abuse
      • MongoDB - Impersonation via credentials change
    • Related Concepts
    • Tools and Utilities
    • Useful Tips
  • 👥Active Directory
    • Introduction
    • Related Concepts (WIP)
    • Tools and Utilities (WIP)
    • Useful Tips (WIP)
  • ☁️CLOUD HACKING
    • Introduction
    • Related Concepts
    • Tools and Utilities (WIP)
    • Useful Tips (WIP)
  • 📜Scripting
    • Introduction
    • Reverse Shell
    • Bind shell
    • Web Shell
  • 🚩Practical Skill Development
    • Learning Platforms
      • Hack The Box
      • TryHackMe
      • picoCTF
    • Featured Labs
    • CTF Competitions
  • 📝Write-Ups
    • Introduction
    • HTB Starting Point
      • Meow (Tier 0)
      • Fawn (Tier 0)
      • Dancing (Tier 0)
      • Redeemer (Tier 0)
      • Explosion (Tier 0)
      • Preignition (Tier 0)
      • Mongod (Tier 0)
      • Synced (Tier 0)
      • Appointment (Tier 1)
      • Sequel (Tier 1)
      • Crocodile (Tier 1)
      • Responder (Tier 1)
      • Three (Tier 1)
      • Ignition (Tier 1)
      • Bike (Tier 1)
      • Funnel (Tier 1)
      • Pennyworth (Tier 1)
      • Tactics (Tier 1)
      • Archetype (Tier 2)
      • Oopsie (Tier 2)
      • Vaccine (Tier 2)
      • Unified (Tier 2)
      • Included (Tier 2)
      • Markup (Tier 2)
      • Base (Tier 2)
    • HTB Machines
      • Nibbles (Easy)
      • BountyHunter (Easy)
      • Crafty (Easy)
      • Chemistry (Easy)
    • HTB Challenges
    • HTB Advanced labs
  • Group 1
Powered by GitBook
On this page
  • Domain Types
  • Domain Hierarchy
  • Root Level
  • Top-Level Domain (TLD)
  • Second-Level Domain (SLD)
  • Subdomain
  • Record Types

Was this helpful?

  1. Networks
  2. Protocols

DNS

The Domain Name System protocol acts like a phonebook for the Internet by translating human-friendly domain names into IP addresses, being a critical part of how the Internet functions. It operates in the Application layer usually on UDP port 53

For example, when users enter a domain name in their browser such as google.com, the DNS queries multiple servers to resolve the name into the corresponding IP address 8.8.8.8 related to this domain. It's also possible that various IP addresses are related to the same domain name.

Domain Types

  • Authoritative Nameserver: Hold authority for a particular zone, only answer queries from their area of responsibility, and their information is binding. If an authoritative name server cannot answer a client's query, the root name server takes over at that point

  • Non-authoritative Nameserver: Not responsible for a particular DNS zone, they collect information on specific DNS zones themselves, which is done using recursive or iterative DNS querying

  • Caching DNS Server: Cache information from other name servers for a specified period. The authoritative name server determines the duration of this storage

  • Forwarding Server: Forward DNS queries to another DNS server

  • Resolver: Non-authoritative DNS server that performs name resolution locally in a computer or router

Domain Hierarchy

The Domain Hierarchy organizes domain names on the Internet. It is structured like an inverted tree with multiple levels, where each level represents a domain, and the entire system is organized from the most general to the most specific. Each part of a domain name corresponds to a level in this hierarchy.

Root Level

  • The top level of the DNS Hierarchy

  • Represented as a dot invisible . hidden in domains

  • Is managed by root name servers that direct queries to the appropriate TLD servers

  • There are just 13 root servers in the world

Top-Level Domain (TLD)

  • Is the righthand part of a domain name

  • They can only be composed of a-z, 0-9, and hyphens, and can't start or end with hyphens or have consecutive hyphens

  • Can be classified into two types:

    • gTLD: Generic Top-Level Domain, tell the user the domain name's purpose, for example, the .edu domain for sites related to education

    • ccTLD: Country Code Top-Level Domain, used for geographical purposes, for example, the .uk for the sites from the United Kingdom

Second-Level Domain (SLD)

  • Is the most typical part of the domain which specifies the name of the page

  • Consist of a maximum of 63 characters

  • They are registered by individuals or organizations through domain registrars

Subdomain

  • Are optional and normally describe the specific application of a page

  • Can use multiple subdomains but the length must be kept to 253 characters or less

  • There is no limit to the number of subdomains you can create for a domain name

Record Types

The records are entries in a DNS server that map domain names to IP addresses and other information. They have some types that define specific classes of information stored about a domain name, each one serving a different purpose. Here are the most common DNS record types:

  • A Record (Address): Resolve to IPv4 addresses

  • AAAA Record (IPv6 Address): Resolve to IPv6 addresses

  • CNAME Record (Canonical Name): Resolve to another domain name, then the DNS request redirects to the second domain to work out the IP address

  • MX Record (Mail Exchange): Resolve to the address of the servers that handle the email for the domain you are querying. Includes a priority flag that tells the client which mail server should be contacted first

  • NS Record (Name Server): Indicates the authoritative DNS servers for a domain

  • TXT Record (Text): Stores human-readable or machine-readable text. Commonly used for security. Help to list servers that have the authority to send an email on behalf of the domain. Can be used to verify ownership of the domain name when signing up for third-party services

  • PTR Record: Applies reverse lookup to convert IP addresses into valid domain names

  • SOA Record (Text): Provides information about the corresponding DNS zone and email address of the administrative contact

PreviousSNMPNextHTTP

Last updated 2 months ago

Was this helpful?

🌐