Notes: DNS in detail | THM
- solbergtonje
- 25 Dec 2024
- 3 min read
What is DNS
Domain Name System (DNS)
- simple way to communicate with devices online, without remembering numbers
- every computer has its own unique address = IP Address
IP Address
- 4 sets of digits between 0 and 255
- each set separated by a period (.)
DNS makes it easier for you to remember a website name, instead of its IP address (f.ex.: tryhackme.com instead of 104.26.10.229)
Domain Hierarchy
Top-Level Domain (TLD)
- the rightmost part of a domain name (f.ex.: ".com")
- 2 types of TLD
  - Generic Top Level Domain (gTLD)
  - Country Code Top Level Domain (ccTLD)
Full list of TLDs: https://data.iana.org/TLD/tlds-alpha-by-domain.txt
Second-Level Domain
- is the "tryhackme" in the URL tryhackme.com
- limited to 63 characters
- can only use a-z, 0-9 and hyphens (not at start/end)
Subdomain
- on the left-hand side of the Second-Level Domain, f.ex: admin.tryhackme.com - "admin" is the subdomain
- separated with a period (.)
- limited to 63 characters
- can only use a-z, 0-9 and hyphens (not at start/end)
- possible to use multiple subdomains split with periods -> jupiter.servers.tryhackme.com (max 253 characters)
- possible to create unlimited amounts of subdomains
Record Types
DNS Record Types
A Record
- resolve to IPv4 addresses, f.ex: 104.26.10.229
AAAA Record
- resolve to IPv6 addresses, f.ex: 2606:4700:20::681a:be5
CNAME Record
- resolve to another domain name, f.ex: store.tryhackme.com returns a CNAME record shops.shopify.com
- another DNS request would then be made to shops.shopify.com for the IP address
MX Record
- resolve to the address of the servers handling email for the domain you are querying, f.ex: MX record response for tryhackme.com - alt1.aspmx.l.google.com
- these records come with a priority flag <- tells the client in which order to try the servers
TXT Record
- free text fields where any text-based data can be stored
- have multiple uses
- common use: list servers with authority to send email on behalf of domain (help battle spam/spoofed email)
- another use: verify ownership of domain name when signing up for third party services
Making a Request
DNS Request
1. Request a domain name -> the computer checks its local cache for a recently looked-up address <- if not found: request goes to the Recursive DNS Server
2. The Recursive DNS Server is provided by your ISP, but it is possible to choose your own <- it has a local cache of recently looked-up domain names:
   - found: sent back to your computer = end of request
   - not found: request sent to the internet's root DNS servers
3. Root servers act as the DNS backbone of the internet <- their job is to redirect you to the correct Top Level Domain server. f.ex: for a request for www.tryhackme.com, the root server will refer to the correct .com TLD server
4. TLD servers hold records for where to find the authoritative server to answer DNS requests <- authoritative server = nameserver for the domain (usually multiple nameservers for backups)
5. An authoritative DNS server is responsible for storing the DNS records for a particular domain name <- it's where updates to the domain's DNS records are made. The requested DNS record is sent back to the Recursive DNS server <- a local copy is cached for future requests -> relayed back to the original requesting client
DNS requests come with a Time to Live (TTL) value: a number, represented in seconds, for how long the response is saved locally
Caching saves time
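The lookup steps above, together with the CNAME follow-up request from the Record Types notes, as an added example (not part of the original notes or the THM room): a toy recursive resolver in Python that walks a constructed in-memory hierarchy and honours TTLs. The server names, the class RecursiveResolver, the TTL values and the address 192.0.2.10 are assumptions made for the illustration.

```python
# Constructed sample data: a toy DNS hierarchy held in memory (no network access).
ROOT = {"com": "tld-com"}                                   # root: TLD -> TLD server
TLD = {"tld-com": {"tryhackme.com": "ns-thm", "shopify.com": "ns-shop"}}
AUTH = {                                                    # name -> (type, value, TTL in seconds)
    "ns-thm": {"tryhackme.com": ("A", "104.26.10.229", 300),
               "store.tryhackme.com": ("CNAME", "shops.shopify.com", 60)},
    "ns-shop": {"shops.shopify.com": ("A", "192.0.2.10", 120)},  # made-up address
}


class RecursiveResolver:
    """Hypothetical recursive DNS server with a TTL-based cache."""

    def __init__(self, clock):
        self.clock = clock      # callable returning the current time in seconds
        self.cache = {}         # name -> (type, value, expiry time)
        self.trace = []         # one (root, TLD server, nameserver) tuple per full walk

    def _lookup(self, name):
        hit = self.cache.get(name)
        if hit and hit[2] > self.clock():
            return hit[0], hit[1]                     # step 2: answered from cache
        labels = name.split(".")
        tld_server = ROOT[labels[-1]]                 # step 3: root refers to the TLD server
        ns = TLD[tld_server][".".join(labels[-2:])]   # step 4: TLD refers to the nameserver
        self.trace.append(("root", tld_server, ns))
        record = AUTH[ns].get(name)                   # step 5: authoritative answer
        if record is None:
            raise LookupError(f"no record for {name}")
        rtype, value, ttl = record
        self.cache[name] = (rtype, value, self.clock() + ttl)
        return rtype, value

    def resolve(self, name, max_hops=5):
        """Return the IPv4 address for name, following CNAME records."""
        for _ in range(max_hops):                     # bounded so a CNAME loop cannot spin forever
            rtype, value = self._lookup(name)
            if rtype == "A":
                return value
            name = value                              # CNAME: make another request for the target
        raise LookupError("CNAME chain too long")


if __name__ == "__main__":
    resolver = RecursiveResolver(clock=lambda: 0)
    print(resolver.resolve("store.tryhackme.com"), resolver.trace)
```

Passing the clock in as a callable lets you advance time by hand and watch which cached answers expire first: the CNAME (60 s) is re-fetched while the A record it points to (120 s) is still served from cache.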




