53 - DNS Pentesting

Introduction

Domain Name System (DNS) serves as the internet's directory, allowing users to access websites through easy-toremember domain names like google.com or facebook.com, instead of the numeric Internet Procol (IP) addresses. By translating domain names into IP addresses, the DNS ensures web browsers can quickly load internet resources, simplifying how we navigate the online world.

Default port: 53

Different DNS Servers

• DNS Root Servers: These are the very top of the DNS hierarchy that manages top-level domains and is meant to be accessible if lower-level DNS servers do not respond. The Internet Corporation for Assigned Names and Numbers (ICANN) oversees their operation, with a global count of 13.

• Authoritative Nameservers: These servers have the final say for the queries in their designated zones, offering definitive answers. If they can't provide a response, the query is escalated to the root servers.

• Non-authoritative Nameservers: Lacking ownership over DNS zones, these servers gather domain information through queries to other servers.

• Caching DNS server: This type of server memorizes previous query answers for a set time to speed up response times for future requests, with the cache duration dictated by the authoritative server

• Forwarding Server: Serving a straightforward role, forwarding servers simply relay queries to another server.

• Resolver: Integrated within computers or routers, resolvers execute name resolution locally and are not considered authoritative.