Black Hat SEO tactics and garden-variety hack attacks are causing all kinds of headaches for IT administrators and their customers.eSecurity Planet columnist David Strom explains how some alternative DNS providers can improve your network’s performance and security.
The Domain Name System (DNS) is something we all use and depend on, yet don’t really pay much attention to; if you have some time to investigate alternatives, you could really enhance your network’s performance and security.
Before I tell you how to do this, let’s have a brief explanation of what DNS is. Think of what a phone book does; it allows you to look up someone’s phone number so long as you know the person’s name. The DNS does something similar for computers. For example, if you type in “google.com” it translates that name into a sequence of four numbers, called an IP address, which functions something like a phone number does. In this case, google.com’s number is 22.214.171.124.
The overall Internet infrastructure has a series of master phone books, or DNS root servers, located at strategic places around the world and maintained by a collection of public, semi-public, and private providers. They talk to each other on a regular basis to make sure that as we add new domains they are in synch.
As you may imagine, if someone wants to “poison” one of the entries, or misdirect Internet traffic to a phony domain, it can be done with the right amount of subterfuge.