DNS stands for Domain Name System. It is often described as the “phonebook of the Internet.” Its primary job is to translate human-readable domain names (like google.com) into machine-readable IP addresses (like 142.250.190.46).
Without DNS, you would have to memorize the IP address of every website you wanted to visit.
How the DNS Process Works
When you type a URL into your browser, a multi-step “lookup” process occurs in milliseconds:
- DNS Recursive Resolver: Your computer first asks a resolver (usually provided by your ISP or a service like Google 8.8.8.8) “Where is example.com?”
- Root Nameserver: The resolver asks the Root server. The Root doesn’t know the IP, but it knows where the .com TLD (Top-Level Domain) server is.
- TLD Nameserver: The resolver asks the .com server. It points the resolver to the Authoritative Nameserver for that specific domain.
- Authoritative Nameserver: This server holds the actual IP address record. It gives the IP back to the resolver.
- IP Returned: The resolver gives the IP to your browser, and your computer can finally connect to the web server.
Critical DNS Record Types
For your CompTIA PenTest+ studies and your Linux lab, you need to know these common record types:
| Record Type | Purpose |
|---|---|
| A | Maps a domain to an IPv4 address. |
| AAAA | Maps a domain to an IPv6 address. |
| CNAME | (Canonical Name) Maps one domain to another (an alias). |
| MX | (Mail Exchange) Directs email to a mail server. |
| TXT | Holds text information (often used for security like SPF or DKIM). |
| NS | Lists the Name Servers for the domain. |
| SOA | (Start of Authority) Contains core admin info about the DNS zone. |
DNS in Penetration Testing
DNS is a goldmine for information during the reconnaissance phase.
- Zone Transfers (AXFR): A misconfigured DNS server might allow you to request a full copy of its DNS zone file, revealing every internal server and IP address in the organization.
- Subdomain Enumeration: Pentest tools (like `sublist3r` or `gobuster`) try to find “hidden” parts of a network, such as `dev.example.com` or `vpn.example.com`, by guessing DNS names.
- DNS Poisoning (Spoofing): An attack where a hacker provides false DNS information to a resolver, redirecting users to a malicious website.
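
Zone transfer requests and subdomain guessing both leave traces in DNS query logs. As an added example (not part of the original page), this Python script flags AXFR requests and clients that generate many NXDOMAIN answers for distinct names under one zone. The log format, the threshold of 5, and the sample lines are constructed assumptions, not the output of any particular DNS server.

```python
from collections import defaultdict

# Constructed sample log, one query per line: client IP, query name, type, response code.
# This format is an assumption for the example, not a real server's log layout.
SAMPLE_LOG = """\
10.0.0.5 www.example.com A NOERROR
10.0.0.5 mail.example.com MX NOERROR
203.0.113.9 example.com AXFR REFUSED
203.0.113.7 dev.example.com A NOERROR
203.0.113.7 vpn.example.com A NOERROR
203.0.113.7 test.example.com A NXDOMAIN
203.0.113.7 staging.example.com A NXDOMAIN
203.0.113.7 admin.example.com A NXDOMAIN
203.0.113.7 backup.example.com A NXDOMAIN
203.0.113.7 intranet.example.com A NXDOMAIN
10.0.0.8 wwww.example.com A NXDOMAIN
"""

def parse(log):
    """Yield (client, qname, qtype, rcode) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            client, qname, qtype, rcode = parts
            yield client, qname.lower().rstrip("."), qtype.upper(), rcode.upper()

def detect_recon(log, zone="example.com", nx_threshold=5):
    """Return {client: [findings]} for AXFR requests and bursts of failed name guesses."""
    nx_names = defaultdict(set)   # client -> distinct nonexistent names under the zone
    findings = defaultdict(list)
    for client, qname, qtype, rcode in parse(log):
        if qtype == "AXFR":
            # A transfer request from a host that is not a known secondary
            # deserves review whether it was refused or answered.
            findings[client].append(f"AXFR request for {qname} ({rcode})")
        elif rcode == "NXDOMAIN" and qname.endswith("." + zone):
            nx_names[client].add(qname)
    for client, names in nx_names.items():
        if len(names) >= nx_threshold:
            findings[client].append(f"{len(names)} distinct NXDOMAIN names under {zone}")
    return dict(findings)

if __name__ == "__main__":
    for client, notes in detect_recon(SAMPLE_LOG).items():
        print(client, "->", "; ".join(notes))
```

A single mistyped name (the 10.0.0.8 line) stays below the threshold, so ordinary typos are not flagged.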
Tools for your Linux Lab
Since you’re using an ASUS laptop with Linux, you have powerful DNS tools built-in:
- `dig` (Domain Information Groper): The standard tool for querying DNS records. Example: `dig example.com A`
- `nslookup`: An older but still widely used tool for basic queries.
- `host`: A simple utility for performing DNS lookups.