Information Leakage through the Domain Name System

Abstract

The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack since it provides the route map for reaching any resource (e.g., hosts) in any organization irrespective of its geographical and network location. An attacker can query an organization’s DNS as reconnaissance before attacking hosts on a particular network. To minimize the chances of these attacks succeeding, the administrator of an organization’s DNS (called the zone administrator), has various counter measures options in the form of content control, configuration, protocols, operational and infrastructure protection methods. In this paper, we analyze these and discuss the ireffectiveness and limitations.