Name Resolution
cnit 242 exam 1
Term | Definition |
---|---|
what is name resolution? | Name resolution converts between human names and network addresses |
forward and reverse resolution? | • Forward resolution goes from names to addresses ○ www.purdue.edu → 128.210.7.200 ○ Server1 → 10:F4:AB:00 • Reverse resolution goes from addresses to names ○ 10.2.1.1 → dc1.cit.lcl |
NetBIOS names | Used in Microsoft file and print sharing • Names are used in the SMB (Server Message Block) protocol • Also known as CIFS - Common Internet File System |
DNS names | • Used for IPs and hosts • Also used in Microsoft AD |
How should computers be named? | A computer's NetBIOS name and DNS hostname are independent ○ They should be set to the same value |
Why is naming important? | • The word domain means nothing if there is not a modifier in front of it ○ DNS Domain? ○ Active directory Domain? |
what is a hostname? | • Name of a computer in human readable characters • DNS allows it to be up to 255 characters • Equivalent to a computer's first name |
what is a namespace? | • Name of a domain - not specifically an AD domain though • Logical set of hosts signified by a name controlled by a set of name servers. Equivalent to the computer's last name • Example.com is the namespace for hosts in the example.com domain |
what is the FQDN? | • Fully Qualified Domain Name • Hostname appended to the namespace - such as EC01.example.com (first name.last name) |
what is the HOSTS file? | • Text file that gives the computer static maps of hostnames to IPs • Located in (c:\windows\system32\drivers\etc) |
what is the Name Server? | • DNS server that resolves FQDNs to IP addresses • Controls namespaces for specified domains • Resolves requests for that namespace from DNS clients throughout the network |
DNS Name Space Structure | • hostname.subdomain(s).top_level_domain ○ Up to 127 levels of domains (separated by dots) ○ Up to 63 characters per host/domain |
DNS Name authority | Authority is handed down from top level to lower levels ○ ICANN manages the top level (root) domains - Traditional - edu, com, gov, mil, org, country codes ○ Newer - biz, info, name, pro, aero, coop, museum |
lower level domains | ○ The holder of a second level domain holds authority over that domain and all created sub-domains ○ Sub-domains can be created at will |
what is NetBIOS? | • Legacy – still part of newer Windows operating systems though (usually for workgroup computers) • NetBIOS is supported over multiple layer 3 protocols ○ NetBIOS Frames protocol (NETBEUI) ○ IPX/SPX ○ TCP/IP - Known as NBT (NetBIOS over TCP/IP) |
NetBIOS Names: | NetBIOS names are 15 user-defined characters - Alphanumeric characters except ( \ / : * ? " \| + _ ) A 16th character is appended to the end that denotes the service on the host to which the name refers |
NetBIOS names and domains | • Before AD, Microsoft domains were NetBIOS based -- The domain was a separate NetBIOS name -- All NetBIOS-supported layer three networks were available • AD by default uses DNS for NR, but NetBIOS is supported as a legacy option (with limitations) |
what is DNS? | Domain Name System • IETF Standard, starting from RFC 881* (Nov, 1983) • Defines a hierarchical naming system • Technically supports both IP and IPX addresses although only IP addresses are used in practice |
DNS history | • Originally a static approach -- hard-coded list of names and IPs -- worked with manual IP configs but not with dynamic configs (e.g. DHCP) • BOOTP is a 1 to 1 mapping of host to IP • DHCP dynamically assigns IP based on available pool |
DNS process to handle name resolution query | • Workstations run the DNS resolver service - checks internally first from the DNS cache and hosts file, then sends the query to the local DNS server - if the local server can't resolve it itself, it makes iterative queries to locate the authoritative name server for the target domain |
what is an authoritative domain? | • a server that is authorized and trusted to resolve names accurately for a DNS zone |
DNS caching | • Local DNS resolvers and each DNS server save results from each query - speeds up later queries • Time to keep cached entries varies - determined by the authoritative server zone; reduces DNS overhead at the cost of limiting IP address changes |
clearing DNS cache | • In Windows, the local DNS cache can be cleared with the ipconfig /flushdns command -- useful if you have bad DNS information in the cache |
dynamic DNS (DDNS) - In an AD environment, disable NetBIOS to reduce security threats after DNS is configured | • Allows DNS clients to register hostnames in the assigned namespace, such as DHCP • Reduces the need for admins to manually enter records in the name server databases • Essential part of DNS supporting AD |
why is dynamic DNS helpful? | • Manual DNS record updating was immense work for sys admins • Client queries the Start of Authority (SOA) record for the DNS namespace to tell it what server can accept DNS • Client does a reverse lookup with the IP, then makes a DDNS request to the matched server |
Updating records in DDNS | • When a DC in AD receives the request, it modifies the SOA record with its own name • The DC can modify the AD database; if the update process fails, the DC tries to find other name servers to perform the update • Need a DHCP server to make DDNS work (also SRV) |
service records | SRV records-key to workstations and servers finding DC |
SRV values | • Service Name: standard value often written with _gc. equal to hostname, added to service FQDN • Server FQDN: server that provides the service • Port: where the service is available (_TCP/_UDP) • Priority - 1st prior • Weight - tiebreaker for prior (0 for no concern) |
SRV records | ‣ _gc, global catalog: LDAP service to look up data within the global catalog ‣ _kerberos: authentication process ‣ _kpassword: Another part of the authentication process ‣ _ldap: LDAP service to look up data within the domain -done by DC |
DNS Security | • In its current state, DNS has no security -- vulnerable to DNS request spoofing, cache poisoning, and pharming • DNSSEC exists - attempt to stop attacks on DNS • Validates DNS records and signs an encryption key |
DNS troubleshooting tools - Windows | • nslookup -- command line tool to perform DNS-related tests • ipconfig -- /displaydns shows what's in the resolver cache, /flushdns clears the local cache |
DNS troubleshooting tools - Internet | • whois - available to all DNS registrars - shows owner/nameserver IP address for a domain • ARIN (American Registry for Internet Numbers) - find the owner of an IP address |