What is DNS?
DNS stands for Domain Name System and acts as the phonebook of
the internet. It translates human-readable domain names (such as example.com) into IP addresses
(such as 93.184.216.34) so that computers can find and communicate with one another.
Without DNS, you would have to remember the numeric IP address for every website.
🧠 How does DNS work?
- You type
example.cominto your browser. - Your device requests the IP address through a DNS query.
- The DNS resolver looks this up in several steps:
- Root server → points to the
.comnameserver -
Top-level domain (TLD) server → points to the
example.comnameserver - Authoritative nameserver → returns the IP address
- The browser connects to that IP address.
🔧 Key DNS records
| Record type | Function |
|---|---|
A |
Maps a domain name to an IPv4 address |
AAAA |
Maps to an IPv6 address |
CNAME |
Alias for another domain name |
MX |
Points to mail servers |
TXT |
Free text, often used for verification (SPF, DKIM) |
PTR |
Reverse lookup: IP to name |
NS |
Indicates which nameservers are authoritative |
🛡️ DNS and security
| Risk | Security measure |
|---|---|
| DNS spoofing / cache poisoning | Use DNSSEC and trusted resolvers |
| Exfiltration via DNS tunnelling | Monitor and block suspicious queries |
| Unwanted resolvers | Permit only internal resolvers via Firewall or Proxy |
🏭 DNS in OT environments
- Often used in hybrid IT/OT networks
- Internal DNS management is important for PLCs, HMIs and SCADA systems
- Air gapped systems sometimes use local DNS via host files
- ICS equipment is often sensitive to incorrect DNS configurations
📌 In summary
DNS is a foundational protocol that translates domain names into IP addresses. It is essential for network connectivity and reliability — and also an important focus area for Cybersecurity.