Lecture 20: DNS

Intro to DNS




DNS Lookup


Assuming the cache is empty, which name servers would a DNS resolver contact to learn the IP address of oh.cs161.org?




Domain Names


(True/False) oogle.com is a subdomain of google.com.




DNS Lookup

Note: The second half of this video walks through the same DNS lookup as the one in video 14.2, so if you feel comfortable with the DNS lookup process, you can stop watching this video at 2:10.




DNS Records


In the previous video, the root responded to a query for eecs.mit.edu with "Don't know, but ask .edu with IP 192.0.0.1." What records represent this reply, and what section is each record sent in?




DNS Cache Poisoning


If the .edu name server is compromised, what records can the resolver no longer trust?




DNS Spoofing


If the ID field is randomized, what is the probability an on-path attacker successfully spoofs a DNS packet? Assume the on-path attacker always wins the race against the legitimate response.




Kaminsky Attack


How does the Kaminsky attack avoid bailiwick checking (the resolver checking that google.com only provides records for *.google.com)?