Internet Problems worldwide
Posted: Thu Apr 07, 2005 6:03 pm
Th Internet Storm Center has raised the current internet threat level to Yellow. 
How does this effect you? Well my firends read on:
Some idiot figured out how to poision the Domain Name Service (DNS) caches worldwide and has been reaking havoc on some ISP's. According to Sans the Phillapenes were brought down due to this little problem. Check out FMI:
http://isc.sans.org
If you want to know how DNS works read on, otherwise escape now while you have the chance!!
DNS is the glue that holds the internet and e-mail together. When you type in www.totalmotorcycle.com your computer asks a DNS server to provide the IP address of that server (66.199.248.2). With the IP address Internet Exploder (or whatever you choose to use to browse the internet) asks that IP address to send it data over port 80.
<An easy way to think of it is this way. The IP address is the same as the street address, the port is the name of the person at that address.>
So your request (a letter to address 66.199.248.2) asks for the website (port 80) to be sent back to your computer.
Without DNS you would never recieve the street address for totalmotorcycle. It would be the same as sending a letter to someone but only puting their name on the letter, no address. Essenitally that is what is happening worldwide.
DNS also provides MX records. Think of the MX (Mail eXchanger) address as the location of the mailbox in relation to the address you are sending the letter to similar to a Post Office box. Totalmotorcycle is a bad example since the location of the mailbox is the same ast the street address of 66.199.248.2. If you look at www.mt.gov (montana state website) the location of the mailbox is 161.7.38.10 while their street address (website) is 161.7.8.137.
So if you want the www.mt.gov website you are sent over port 80 to 161.7.8.137. If you want to send an email to john.doe@state.mt.us you will be sent to 161.7.38.10 over port 25. All thanks to the wonderful, often underestimated DNS server.
Either way - Without DNS you go nowhere fast.
P.S. if you have made it this far, and you understand what I wrote you are now qualified to start learning Internet Security. Contact me for more lessons on Transmission Control Protocol, Internet Protocol (TCP/IP)
How does this effect you? Well my firends read on:
Some idiot figured out how to poision the Domain Name Service (DNS) caches worldwide and has been reaking havoc on some ISP's. According to Sans the Phillapenes were brought down due to this little problem. Check out FMI:
http://isc.sans.org
If you want to know how DNS works read on, otherwise escape now while you have the chance!!
DNS is the glue that holds the internet and e-mail together. When you type in www.totalmotorcycle.com your computer asks a DNS server to provide the IP address of that server (66.199.248.2). With the IP address Internet Exploder (or whatever you choose to use to browse the internet) asks that IP address to send it data over port 80.
<An easy way to think of it is this way. The IP address is the same as the street address, the port is the name of the person at that address.>
So your request (a letter to address 66.199.248.2) asks for the website (port 80) to be sent back to your computer.
Without DNS you would never recieve the street address for totalmotorcycle. It would be the same as sending a letter to someone but only puting their name on the letter, no address. Essenitally that is what is happening worldwide.
DNS also provides MX records. Think of the MX (Mail eXchanger) address as the location of the mailbox in relation to the address you are sending the letter to similar to a Post Office box. Totalmotorcycle is a bad example since the location of the mailbox is the same ast the street address of 66.199.248.2. If you look at www.mt.gov (montana state website) the location of the mailbox is 161.7.38.10 while their street address (website) is 161.7.8.137.
So if you want the www.mt.gov website you are sent over port 80 to 161.7.8.137. If you want to send an email to john.doe@state.mt.us you will be sent to 161.7.38.10 over port 25. All thanks to the wonderful, often underestimated DNS server.
Either way - Without DNS you go nowhere fast.
P.S. if you have made it this far, and you understand what I wrote you are now qualified to start learning Internet Security. Contact me for more lessons on Transmission Control Protocol, Internet Protocol (TCP/IP)
