Dušan Bernát (bernat@fiit.stuba.sk)



Similar documents
The Domain Name System

CS 348: Computer Networks. - DNS; 22 nd Oct Instructor: Sridhar Iyer IIT Bombay

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.

DNS. DNS Fundamentals. Goals of this lab: Prerequisites: LXB, NET

Lesson 13: DNS Security. Javier Osuna GMV Head of Security and Process Consulting Division

Agenda. Distributed System Structures. Why Distributed Systems? Motivation

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

DEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager

SIDN Server Measurements

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

The memoq server in a Corporate Network

Application-layer protocols

Lightweight DNS for Multipurpose and Multifunctional Devices

Inbound Load Balance. User Manual

Mitigation of Breaking Connections. (a.k.a. OLSRd v1 Multi-Gateway & BRDP)

Configuration Notes 0215

The memoq server in a Corporate Network

USING TRANSACTION SIGNATURES (TSIG) FOR SECURE DNS SERVER COMMUNICATION

Domain Name System :49:44 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Network Working Group. Category: Best Current Practice S. Bradner Harvard University M. Patton Consultant July 1997

DNS traffic analysis -- Issues of IPv6 and CDN --

Network Layers. CSC358 - Introduction to Computer Networks

DNS SRV Usage June 22, 2011

Configuring Security for SMTP Traffic

DOMAIN NAME SECURITY EXTENSIONS

Teldat Router. DNS Client

dnsperf DNS Performance Tool Manual

Use Domain Name System and IP Version 6

Understanding DNS (the Domain Name System)

How to Setup an IMAP account in Outlook Express to Connect to Your Arrowmail Mailbox

HUAWEI OceanStor Load Balancing Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

DNS zone transfers from FreeIPA to non-freeipa slave servers

home networking series Advanced manual - HOME NETWORKING

Communications and Networking

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2

How to Add Domains and DNS Records

About Firewall Protection

EE 7376: Introduction to Computer Networks. Homework #3: Network Security, , Web, DNS, and Network Management. Maximum Points: 60

An Intrusion Detection System for Kaminsky DNS Cache poisoning

Global Server Load Balancing

Detecting rogue systems

Introduction to Computer Security Benoit Donnet Academic Year

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Introduction to Network Operating Systems

Names & Addresses. Names & Addresses. Names vs. Addresses. Identity. Names vs. Addresses. CS 194: Distributed Systems: Naming

INTERNET DOMAIN NAME SYSTEM

Covert Channels. Some instances of use: Hotels that block specific ports Countries that block some access

Firewalls 1 / 43. Firewalls

The Environment Surrounding DNS. 3.1 The Latest DNS Trends. 3. Technology Trends

IBM Software Group Enterprise Networking Solutions z/os V1R11 Communications Server

Predictability of Windows DNS resolver. ing. Roberto Larcher robertolarcher@hotmail.com

DNS and LDAP persistent search

Network Time Management Configuration. Content CHAPTER 1 SNTP CONFIGURATION CHAPTER 2 NTP FUNCTION CONFIGURATION

Improving DNS performance using Stateless TCP in FreeBSD 9

Motivation. Domain Name System (DNS) Flat Namespace. Hierarchical Namespace

Infoblox Inc. All Rights Reserved. Talks about DNS: architectures & security

LAN TCP/IP and DHCP Setup

The Domain Name System (DNS)

Application. Transport. Network. Data Link. Physical. Network Layers. Goal

Lab - Observing DNS Resolution

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON

MCSE SYLLABUS. Exam : Managing and Maintaining a Microsoft Windows Server 2003:

SANE: A Protection Architecture For Enterprise Networks

DNS Resolving using nslookup

Network Protocol Configuration

DNS Conformance Test Specification For Client

Lab 2. CS-335a. Fall 2012 Computer Science Department. Manolis Surligas

Public-Root Name Server Operational Requirements

technical brief Optimizing Performance in HP Web Jetadmin Web Jetadmin Overview Performance HP Web Jetadmin CPU Utilization utilization.

TECHNICAL CHALLENGES OF VoIP BYPASS

LAN Switching Computer Networking. Switched Network Advantages. Hubs (more) Hubs. Bridges/Switches, , PPP. Interconnecting LANs

The secret life of a DNS query. Igor Sviridov <sia@nest.org>

Network traffic monitoring and management. Sonia Panchen 11 th November 2010

DoS/DDoS Attacks and Protection on VoIP/UC

Best Practices in DNS Anycast Service-Provision Architecture. Version 1.1 March 2006 Bill Woodcock Gaurab Raj Upadhaya Packet Clearing House

Understand Troubleshooting Methodology

IP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP

First Midterm for ECE374 03/24/11 Solution!!

The Domain Name System

Step-by-Step Configuration

Advanced DNS Course. Module 4. DNS Load Balancing

Attack and Defense Techniques

Firewalls with IPTables. Jason Healy, Director of Networks and Systems

Transcription:

Domain Name System as a Memory and Communication Medium Dušan Bernát (bernat@fiit.stuba.sk) Institute of Computer Systems and Networks, Faculty of Informatics and Information Technology, STU Bratislava, Slovakia

Overview Communication in an unusual way, indirect, hidden,... Medium DNS, cache,... Protocol principle (time based), implementation, properties,... Some results error rate, optimal performance, purpose,... Future work synchronisation, error correction, adaptability,... 2

Domain Name System Translates symbolic names into IP addresses (among other things). www.fiit.stuba.sk has address 147.175.1.54 Extensible, hierarchical, distributed,... Several DNS servers may be involved in single name resolution. Caching name servers reduce response times. 3

DNS Cache Consecutive queries for the same name 4

Storing one bit Result of caching: T 12 T TTL t 2 M t 1 for some M 1 T12 is interval between two consecutive queries for the same name. TTTL is Time To Live of cache record. Measuring the response time we can decide whether the bit is set or not. 5

Building a memory Write operation: write(addr,1): send query for addr, write(addr,0): do nothing. Read operation: read(addr): send two consecutive queries for addr, measure and compare response times. If the two response times have similar values (both are short), the bit has been set, else (the first one is greater) it is not set. 6

Address space Ordered subset (sequence) of domain names. Non-existent addresses does not conflict with regular traffic, negative caching (since RFC 2308). Can be spanned over several DNS servers may reduce possibility of detection. It must be know prior to communication to both parties. 7

Memory properties High capacity address space is formed by all legitimate DNS names, depends on actual cache size. Access time read time depends on the values read, it can be increased on the expense of visibility. Read-once behaviour data destroyed during read. 8

Properties Example Error rate the response time may depend on many random influences and network delays. Sending a message... well, it is possible :-) write DNS channel Hello World! read Hullo World! 9

Read operation Assume we have measured two response times (t1, t2): What is the result of read operation? B1 M, t 1, t 2 t 2 M t 1 Relation B1 is true (and evaluates to 1) if measured values corresponds to reading 1. This is the case when both queries are served from the cache so both response times are roughly equal (t2 is not M times shorter). 10

The M What role does play factor M? How large is the difference in response time? If the second one is M times shorter than the first one we get 0 (record was not cached). Thus all values read from the memory depend on M. What is the proper value of M? It depends... But we want to minimise E M = D, Dr M H N 11

Error rate dependence on M 12

Unusable values The first (unusable) region 0 M 1 M 1 B1 M, t 1, t 2 t 1 t 2 This is only due to random delays in the net. For all practical cases we have: M 1 B 1 M, t 1, t 2 0, t 1, t 2 If we assume a block of random uniformly distributed bits, we get E 0.5 Error rate is constantly at maximum value. 13

Useful values As we move slightly to the right from 1, error rate rapidly falls down. M=1, phase transition. Here is where the transfer is possible. The best possible performance for: M opt : E M opt =min {E M ; M 1} In practice, memory works properly for values of M from interval: M e =M 2 M 1, E M 1 =E M 2 =e M 2 M 1 14

Limits of the error rate Me e M1 Mopt M2 15

... and bad again Third region For M M 2 error rate tends to 0.5 again. M M 2 B1 M, t 1, t 2 1, t 1, t 2 E M 0.5 The value of M2 is a characteristic of particular DNS server and network settings. 16

DNS Fingerprint 17

Conclusions Time based communication via DNS cache is possible. It can be improved by: using error correcting codes, adding synchronisation mechanism to provide usual synchronous/asynchronous read and write operations, (it is straightforward, but decreases speed) (done, thought not shown here) self-adjustment of M during communication. 18

Conclusions Understanding its mechanism we can prevent its usage: not allow anyone to use DNS server, delay and/or reorder consecutive DNS responses (e.g. on a firewall). Time based protocol allows to find out some information about the network topology and settings, to make DNS fingerprints. 19

Thank you...

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information