What is DNS poisoning (DNS spoofing)?

DNS poisoning (DNS spoofing) is a technique in which an attacker imitates another device, user, or client. The imitation acts as a cover, which makes it easier to disrupt the regular flow of traffic or reach protected information.

The attackers replace the answers of a Domain Name System (DNS) with spoofed ones. So, when a client wants to visit a website, they are directed to a completely different site rather than to the legitimate destination they requested. Users usually don’t even realize that they have reached a fake site, because it is designed to look the same as the original site, without any major differences.

After the attack is initiated, the traffic is directed to the illegitimate server. The hackers are then able to perform malicious actions, such as man-in-the-middle attacks, and steal sensitive information. Another scenario is installing a virus on the victim’s computer to cause a lot of damage. Going even further, they can plant a worm to spread the harm to more devices.

How is DNS poisoning so dangerous?

DNS poisoning poses risks to organizations and to individuals. Perhaps the biggest risk is that once a device has become a victim of DNS poisoning, the issue is very challenging to solve, because the poisoned device will keep going back to the forged site. Besides, a DNS poisoning attack is very hard for a user to detect. The attackers direct the traffic to a website that looks very similar, so the visitor doesn’t notice that something is wrong. The user enters their sensitive information as usual and doesn’t realize that they have exposed themselves to severe risk.

Here are some of the severe dangers that this type of attack includes:

  • Robbery

With DNS poisoning, it is easy for attackers to steal sensitive information, for example logins for protected sites (banks, organizational systems) or information about house proprietary. Personally identifiable information, like social security numbers or payment details, is also valuable.

  • Malware and viruses

After a visitor is led to a forged website, the attackers can access the user’s device and install a host of viruses and malware on it. This includes viruses designed to harm the device and also other devices with which it interacts. The malware, in turn, gives the attackers continuous access to the device and the information on it.

  • Security blockers

With DNS poisoning, malicious actors can cause critical damage over a long period of time. This happens by redirecting traffic away from security providers, which blocks devices from getting the essential updates and patches that keep their security strong. In this way, the devices become more defenseless over time, and the door is open for various other kinds of attack, such as Trojans.

What are appropriate protective measures against it?

There are ways to protect DNS name resolution from being tampered with. For example, DNS queries can be protected by implementing DNS cookies, which secure the integrity and authenticity of clients, of the servers, and of the information transferred between them. Implementing DNSSEC is another thing that helps protect against DNS spoofing.
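Added example (not part of the original article): how a client can ask a DNSSEC-validating resolver whether an answer was validated, and reject responses that fail basic checks. The query sets the EDNS0 DO bit and the check reads the AD flag; the transaction ID, the sample response and 192.0.2.10 are constructed, and the AD flag is only meaningful when the path to the resolver is trusted.

```python
import struct

# Header flag bits (RFC 1035; AD is defined for DNSSEC in RFC 4035).
QR, RD, RA, AD, RCODE_MASK = 0x8000, 0x0100, 0x0080, 0x0020, 0x000F
TYPE_A, TYPE_OPT, CLASS_IN = 1, 41, 1
EDNS_DO = 0x8000      # "DNSSEC OK" flag, carried in the OPT record's TTL field
OPT_LEN = 11          # root name (1) + type, class, ttl, rdlen (10)


def encode_name(name):
    """Encode a host name as length-prefixed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, txid):
    """A-record query with recursion desired and an EDNS0 OPT record with DO set."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 1)
    question = encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)
    # OPT record: root name, TYPE 41, CLASS = UDP payload size, TTL = flags, RDLEN 0
    opt = b"\x00" + struct.pack("!HHIH", TYPE_OPT, 1232, EDNS_DO, 0)
    return header + question + opt


def check_response(query, response):
    """Return 'validated', 'unvalidated' or a 'reject: ...' reason."""
    if len(response) < 12:
        return "reject: truncated header"
    (q_id,) = struct.unpack("!H", query[:2])
    r_id, flags, qdcount = struct.unpack("!HHH", response[:6])
    question = query[12:-OPT_LEN]
    if not flags & QR:
        return "reject: not a response"
    if r_id != q_id:
        return "reject: transaction ID mismatch"
    if qdcount != 1 or response[12:12 + len(question)] != question:
        return "reject: question mismatch"
    rcode = flags & RCODE_MASK
    if rcode:
        # A validating resolver answers SERVFAIL (2) when DNSSEC validation fails.
        return f"reject: rcode {rcode}"
    return "validated" if flags & AD else "unvalidated"


def sample_response(query, flags, txid=None):
    """Constructed response: echoes the question and adds one A record."""
    (q_id,) = struct.unpack("!H", query[:2])
    header = struct.pack("!HHHHHH", q_id if txid is None else txid, flags, 1, 1, 0, 0)
    answer = struct.pack("!HHHIH4s", 0xC00C, TYPE_A, CLASS_IN, 300, 4,
                         bytes([192, 0, 2, 10]))
    return header + query[12:-OPT_LEN] + answer


if __name__ == "__main__":
    q = build_query("example.com", 0x1A2B)
    for label, resp in [
        ("signed zone, validating resolver", sample_response(q, QR | RD | RA | AD)),
        ("no validation performed", sample_response(q, QR | RD | RA)),
        ("unexpected transaction ID", sample_response(q, QR | RD | RA | AD, txid=0x9999)),
        ("validation failed (SERVFAIL)", sample_response(q, QR | RD | RA | 2)),
    ]:
        print(f"{label}: {check_response(q, resp)}")
```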

To make DNS tampering even more difficult, it is essential to use well-maintained and up-to-date software on routers, name servers, and all kinds of devices. A patched system offers far fewer weak points to attackers and malware.

The Internet is a really large network. The current number of interconnected networks, devices, servers, routers, data centers, etc., is massive. So is the amount of information exchanged every day. If we could visualize all the data packets traveling worldwide every single second, the image would be really astonishing.

This constant transit and interaction of components certainly needs order. Fortunately, the Internet’s creators took proper actions to avoid chaos, like developing the Internet protocol (IP), which was officially incorporated into the ARPANET (the Internet’s ancestor) in 1983. The original version of this protocol is exactly IPv4, which gives us the IPv4 address.

What’s IP?

The Internet protocol is a set of rules for communicating online. It governs the format of the data moved across networks and the Internet. It also routes and addresses data packets to deliver them to their correct destination through the use of IP addresses.

What’s an IP address? 

An IP address is an identifier for most of the components involved in a network. Devices such as your computer, laptop, or smartphone need a private IP address to connect to a private network. When you connect to the Internet, you receive a public (also called global) IP address supplied by an Internet service provider (ISP). Servers also have a public IP address to operate.

Through IP addresses, the Internet identifies participants (devices) involved in every communication. IP addresses also provide their location in the network and make machines accessible to communicate and exchange data.

IPv4 address – definition.

An IPv4 address is the addressing method that IPv4 uses. It is a numerical string formed by four groups of numbers (between 0 and 254), divided by dots. Example: 224.67.110.13. It’s a 32-bit address.

IPv4 is a connectionless protocol, so it doesn’t need a prior arrangement between the two endpoints to operate. In other words, devices can send data to a recipient without checking its availability first.

IPv4 defines the packets’ format and addresses, and routes data. A lot of data is communicated every second on the networks. IPv4 can detect if the data is too big to be transferred to its destination. Then another protocol can divide it into smaller pieces that are easier to transport. After that, the IP address of the destination is written on every data packet, and its route is defined. From there, the packets travel through routers, nodes, etc., until they reach their destination.

Devices need IPv4 addresses to connect to a network and to be allowed to use its resources. Via IPv4, devices can also be identified and located on a network.

No matter its age, IPv4 is still a very popular IP version. Its replacement, IPv6, is ready and working, but completing the whole transition, until we don’t use IPv4 anymore, is taking time.

Pros of IPv4 address.

IPv4 addresses’ structure involves fewer numbers than the ones offered by the new version (IPv6). This reduces the margin for human error during manual tasks.

Wider compatibility. Old and new systems support this version very well. Only new devices support IPv6.

Its topology is simpler and easier to use on networks.

Cons of IPv4 address.

The IPv4 header allows a maximum of 60 bytes (typically 20), so you can’t include many parameters.

IPv4 addresses have been in short supply for some time. Due to this, the world is in transition to IPv6.

The still-high demand for IPv4 and the limited supply can drive you to pay a lot for it.
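Added example (not part of the original article): a Python parser for the IPv4 header that shows where the 20-byte typical and 60-byte maximum header sizes come from (the 4-bit IHL field counts 32-bit words) and how the 32-bit addresses sit in the header. The source address 192.0.2.1, the identification value and the option bytes are constructed; the destination is the article's sample address.

```python
import ipaddress
import struct


def checksum16(data):
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet):
    """Decode the fixed header fields and validate length and checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    header_len = ihl * 4          # IHL is 4 bits: 5..15 words = 20..60 bytes
    if ihl < 5 or len(packet) < header_len:
        raise ValueError("invalid header length")
    return {
        "header_len": header_len,
        "options_len": header_len - 20,
        "total_len": total_len,
        "ttl": ttl,
        "protocol": proto,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "dst_int": int.from_bytes(dst, "big"),   # the same address as one 32-bit number
        # Summing a valid header, checksum field included, yields zero.
        "checksum_ok": checksum16(packet[:header_len]) == 0,
    }


def build_header(src, dst, payload_len, options=b""):
    """Constructed header for the demo: ICMP (protocol 1), TTL 64, DF set."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be a multiple of 4 bytes, at most 40")
    ihl = 5 + len(options) // 4
    header = struct.pack(
        "!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len, 0x1234,
        0x4000, 64, 1, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed,
    ) + options
    return header[:10] + struct.pack("!H", checksum16(header)) + header[12:]


if __name__ == "__main__":
    plain = build_header("192.0.2.1", "224.67.110.13", 64)
    full = build_header("192.0.2.1", "224.67.110.13", 64, options=b"\x01" * 40)
    for packet in (plain, full):
        print(parse_ipv4_header(packet))
```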

Conclusion.

Many administrators still prefer IPv4, but the need for IP addresses grows massively every day. Soon we will have to adhere to the new protocol. Meanwhile, well-done IPv4! 

Imagine you have an e-commerce site about shoes. One of your models has run out of its black-colored variant, but you still have gray. Your clients could be interested in the other color, but what can you do to direct them to it instead of showing a “temporary out of stock” message? Or what happens if you completely stop selling this model? Wouldn’t it be nice if you could redirect the traffic to another page and not lose clients? Let’s see the 301 redirect vs 302 redirect comparison now!

HTTP status codes

There are different HTTP status codes that indicate a problem or show you an important message. In our case, we will look at two 3XX status codes, which are responsible for redirecting. They tell the client what it should do to finish the request.

301 Redirect

The 301 Redirect is the permanent redirect, and it is used when you want to redirect the traffic going from one URL to another URL permanently.

You have website.com/page1, and you set a 301 redirect to website.com/page2. Now all the visitors to website.com/page1 will be automatically redirected to website.com/page2.

If we use the case from the beginning, you can redirect the traffic from an item on your online shop to another category or the home page if you won’t sell it anymore. That way, the visitors won’t see an error 404 page not found, and there is a good chance they will still browse your site. 

The 301 Redirect is also very useful when you have permanently changed the location of a URL. Imagine that you had your blog in a subdomain (blog.yoursite.com), but after a change on your site, you now have it as a category (yoursite.com/blog). Now you can redirect the articles that you already have from blog.yoursite.com to yoursite.com/blog.

The same 301 redirect can be used when you move to a new domain. You can redirect everything from the previous one to the new one. 

Google, as well as most other search engines, understands the 301 redirect and starts indexing the new page, so it has SEO significance.

302 Redirect

The 302 redirect is a temporary redirect, and it is used when you want to redirect the traffic going from one URL to another URL temporarily. 

You have website.com/page1, and you set a 302 redirect to website.com/page2.

Now all the visitors to website.com/page1 will be automatically redirected to website.com/page2. But the difference here is that Google and the rest of the search engines won’t start indexing the second URL and will keep the first one in their indexes.

In our case with the e-commerce shop, you can use the 302 redirect to point the traffic from a “temporary out of stock” item like the black shoe model to another that you still have in gray. Your visitors will automatically move to the second page, and there is a good chance they will buy the slightly different variant. 

Another very common use of the 302 redirect is for marketing purposes. You can create short URLs and use them to count the visitors on each of the links, which you can use in different ways. You can do A/B testing of 2 or more versions of a campaign and put a higher budget on the more successful one.
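Added example (not part of the original article): a small Python WSGI application that serves the article's scenarios, with 301 for the moved blog and the discontinued model and 302 for the out-of-stock variant. The product paths and the rule table are constructed; redirect targets are fixed on the server side and the appended request path is percent-encoded before it goes into the Location header.

```python
from urllib.parse import quote

# Constructed rules built from the article's scenarios. Targets are fixed
# server-side values, never taken from request parameters.
RULES = [
    # Blog moved from a subdomain to a category: permanent, keep the article path.
    {"host": "blog.yoursite.com", "path": None,
     "target": "https://yoursite.com/blog", "status": 301},
    # Model no longer sold: permanent redirect to its category.
    {"host": "yoursite.com", "path": "/shoes/retired-model",
     "target": "https://yoursite.com/shoes", "status": 301},
    # Black variant temporarily out of stock: temporary redirect to the gray one.
    {"host": "yoursite.com", "path": "/shoes/model-black",
     "target": "https://yoursite.com/shoes/model-gray", "status": 302},
]
REASONS = {301: "Moved Permanently", 302: "Found"}


def resolve(host, path):
    """Return (status, location) for the first matching rule, else None."""
    for rule in RULES:
        if host != rule["host"]:
            continue
        if rule["path"] is None:          # whole host moved: append the path
            return rule["status"], rule["target"] + quote(path, safe="/")
        if path == rule["path"]:
            return rule["status"], rule["target"]
    return None


def app(environ, start_response):
    """WSGI application that answers with 301, 302 or the normal page."""
    host = environ.get("HTTP_HOST", "").split(":")[0].lower()
    hit = resolve(host, environ.get("PATH_INFO", "/"))
    if hit is None:
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"product page\n"]
    status, location = hit
    headers = [("Location", location), ("Content-Length", "0")]
    if status == 302:
        # Keep the temporary answer out of caches so removing the rule takes
        # effect at once; a 301 may be cached by browsers for a long time.
        headers.append(("Cache-Control", "no-store"))
    start_response(f"{status} {REASONS[status]}", headers)
    return [b""]


def simulate(host, path):
    """Call the app without a server; return (status line, headers dict)."""
    seen = {}

    def start_response(status, headers):
        seen["status"], seen["headers"] = status, dict(headers)

    app({"HTTP_HOST": host, "PATH_INFO": path}, start_response)
    return seen["status"], seen["headers"]


if __name__ == "__main__":
    from wsgiref.simple_server import make_server
    make_server("127.0.0.1", 8000, app).serve_forever()
```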

Conclusion

So, when we are comparing 301 redirect vs 302 redirect, the most important points that we must learn are that 301 redirect is permanent and the search engines will start indexing the page it leads to, while the 302 redirect is temporary and search engines won’t index the second page. 

The Ping command explained.

The ping command is an easy-to-use network utility with a command-line interface. By typing different commands, you can test many parts of your network, such as the router, a computer on the network, a selected domain, or an IP address.

The ping command uses ICMP (Internet Control Message Protocol). When you want to run a check, you have to choose a target. In addition, you can add options, such as the number of packets, timeout limits, continuous pinging, IPv4 or IPv6, etc.

You will receive an answer with statistics.

The ICMP request is a small packet of data, which your device will send to the target. The target has to bounce it back and provide a response for every ping.

The ping command is available on macOS and Linux within the Terminal application. On Windows, you can use it through the Command Prompt.

Why use it?

  • Connectivity test. – Network connectivity is essential for using applications or systems. A fast ping proves that the two devices can communicate.
  • Troubleshooting. – Each echo response gives clues for identifying and solving problems. For example, if the echo response takes a longer time to arrive, this can show a routing problem, congestion, or sluggishness on the network.
  • Monitoring. – You can check the devices’ availability on a network and the network’s performance through a ping.

How to test with the ping command?

First, let’s observe how to use the ping command on Linux or macOS. Also, let’s check some examples.

For this case, open the Terminal application. If you use Windows, you will have to open the Command Prompt to run the commands.

*For our purposes, we will use IP addresses, which are just an example, and exampledomain.com. Please feel free to change the text and use the samples with the domain or device (IP address) you want.

Basic Ping command. – You can check whether you can reach the target. This allows you to see if you, or the machine you are testing, are connected. On Linux or macOS, the result is a constant ping, which you can stop with Ctrl-C. On Windows, you receive 4 replies and statistics if there are no problems.

ping exampledomain.com

For a constant ping on Windows, you have to add the option “-t”. The ping command that you have to run is:

ping -t exampledomain.com

You can send a custom number of ping requests. For example, on Windows, you can send more than 4 requests, and on macOS/Linux, you can send a particular number of requests.

For Linux/macOS

ping -c 8 exampledomain.com

For Windows

ping -n 8 exampledomain.com

You can set an interval, in seconds, between the ping requests.

Linux/macOS

ping -i 20 8.8.4.4

You can set a timeout period, in seconds, after which the ping command stops. It is commonly used on macOS/Linux.

ping -w 50 exampledomain.com

You can receive only the statistics for your ping request, without showing the individual pings.

macOS/Linux

ping -q exampledomain.com

You can set the packet’s size to the amount that you require. On Linux and macOS, the default is 56 bytes. On Windows, it is 32 bytes.

Let’s use 112 as an example.

macOS/Linux

ping -s 112 exampledomain.com
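Added example (not part of the original article): a Python parser that turns the output of a Linux ping run into the figures used for troubleshooting and monitoring, namely lost sequence numbers, packet loss and slow replies. The two sample outputs are constructed in the Linux (iputils) format, where sequence numbers start at 1; the 30 ms and 5% thresholds are assumptions.

```python
import re

# Constructed output of "ping -c 8 exampledomain.com" on Linux.
SAMPLE = """\
PING exampledomain.com (192.0.2.10) 56(84) bytes of data.
64 bytes from 192.0.2.10: icmp_seq=1 ttl=54 time=11.2 ms
64 bytes from 192.0.2.10: icmp_seq=2 ttl=54 time=10.9 ms
64 bytes from 192.0.2.10: icmp_seq=3 ttl=54 time=11.4 ms
64 bytes from 192.0.2.10: icmp_seq=5 ttl=54 time=48.7 ms
64 bytes from 192.0.2.10: icmp_seq=6 ttl=54 time=11.1 ms
64 bytes from 192.0.2.10: icmp_seq=7 ttl=54 time=11.0 ms
64 bytes from 192.0.2.10: icmp_seq=8 ttl=54 time=11.3 ms

--- exampledomain.com ping statistics ---
8 packets transmitted, 7 received, 12.5% packet loss, time 7011ms
rtt min/avg/max/mdev = 10.9/16.5/48.7/13.1 ms
"""

# Constructed output for a target that never answers.
ALL_LOST = """\
PING exampledomain.com (192.0.2.10) 56(84) bytes of data.

--- exampledomain.com ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2040ms
"""

REPLY = re.compile(r"icmp_seq=(\d+) ttl=\d+ time=([\d.]+) ms")
SUMMARY = re.compile(r"(\d+) packets transmitted, (\d+) (?:packets )?received")


def analyze(output, slow_ms=30.0):
    """Extract loss, missing sequence numbers and round-trip times."""
    summary = SUMMARY.search(output)
    if summary is None:
        raise ValueError("no statistics line found (was ping interrupted?)")
    sent, received = int(summary.group(1)), int(summary.group(2))
    replies = {int(seq): float(ms) for seq, ms in REPLY.findall(output)}
    times = list(replies.values())
    return {
        "sent": sent,
        "received": received,
        "loss_pct": round(100 * (sent - received) / sent, 1) if sent else 0.0,
        "missing_seq": sorted(set(range(1, sent + 1)) - set(replies)),
        "rtt_min": min(times) if times else None,
        "rtt_avg": round(sum(times) / len(times), 1) if times else None,
        "rtt_max": max(times) if times else None,
        "slow_seq": [seq for seq, ms in sorted(replies.items()) if ms > slow_ms],
    }


def health(report, max_loss_pct=5.0):
    """Reduce a report to 'ok', 'degraded' or 'down' for monitoring."""
    if report["received"] == 0:
        return "down"
    if report["loss_pct"] > max_loss_pct or report["slow_seq"]:
        return "degraded"
    return "ok"


if __name__ == "__main__":
    for text in (SAMPLE, ALL_LOST):
        report = analyze(text)
        print(health(report), report)
```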

We could not skip one of the essentials, the DNS CNAME record, when expanding on Domain Name System records. So let’s dive in and explain a little bit more about it.

DNS CNAME record explained

The DNS CNAME record is also known as the canonical name record. It has a very specific role: it defines that one domain name is just a different way to reach the primary hostname. This hostname is also known as the canonical domain. You can use the CNAME record for different results and many purposes, but the appropriate way of applying it is for subdomains.

Simply directing your subdomains to your primary domain is the perfect case of using the CNAME record. 

There is one thing that you should remember about the DNS CNAME record. If you have already created such a record for one hostname, you will not be able to add any other DNS records for that specific hostname. If you want something similar, directing one hostname to another but also adding more records, such as MX records, you can use the ALIAS record, which will help you achieve this goal.

Structure

The DNS CNAME record is a simple text file with several elements inside it:

  • Host – The current hostname. Here it can be a subdomain or service that you want to direct to the actual host. 
  • Type – CNAME. Here is the type of DNS record that you want to apply.
  • Points to – Here, set the actual canonical name. You can add several CNAME records that point several subdomains to the same canonical name.
  • TTL – This is the time period that defines how long the data will be cached on the recursive DNS server.

Example of the DNS CNAME record 

  • Host: www.example.com
  • Type: CNAME
  • Points to: example.com
  • TTL: 1 Hour.

You can use the DNS CNAME record:

  • To point regular subdomains, and those used for services like FTP or email, to the primary host.
  • Content Delivery Networks (CDN) can benefit from DNS CNAME records to better coordinate the traffic. A query for the original server can be directed through a CNAME record to a component of the CDN, which will return the result that fits the user best.
  • When one company owns many websites, the DNS CNAME record can be used to point all of them to a single one.

CNAME record VS ALIAS record

The DNS CNAME record can point one name to another hostname. It is important that it is applied only when there are no other records for that hostname. On the other hand, the ALIAS record also points a name to another hostname. The difference is that the ALIAS record is able to coexist with other records on that hostname. The ALIAS record can also be added for the root domain.
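Added example (not part of the original article): a Python check that enforces the rule described above, that a hostname with a CNAME record carries no other records, and that follows CNAME chains to their final addresses while catching loops. The zone data is constructed; DNSSEC record types, which are allowed next to a CNAME, are not modelled.

```python
from collections import defaultdict

# Constructed zone data for example.com: (hostname, type, value).
ZONE = [
    ("example.com", "A", "192.0.2.10"),
    ("example.com", "MX", "10 mail.example.com"),
    ("www.example.com", "CNAME", "example.com"),
    ("ftp.example.com", "CNAME", "www.example.com"),
    ("mail.example.com", "CNAME", "example.com"),
    ("mail.example.com", "MX", "10 mail.example.com"),   # breaks the rule
    ("shop.example.com", "CNAME", "cart.example.com"),
    ("cart.example.com", "CNAME", "shop.example.com"),   # points back: a loop
]


def norm(name):
    """Hostnames compare case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def find_conflicts(zone, apex):
    """List hostnames whose CNAME record violates the coexistence rule."""
    types = defaultdict(list)
    for owner, rtype, _value in zone:
        types[norm(owner)].append(rtype.upper())
    problems = []
    for owner in sorted(types):
        found = types[owner]
        if "CNAME" not in found:
            continue
        others = sorted(set(found) - {"CNAME"})
        if others:
            problems.append(f"{owner}: CNAME coexists with {', '.join(others)}")
        if found.count("CNAME") > 1:
            problems.append(f"{owner}: more than one CNAME")
        if owner == norm(apex):
            problems.append(f"{owner}: CNAME at the root domain")
    return problems


def resolve(zone, name, max_hops=8):
    """Follow CNAME records from `name`; return (chain, A record values)."""
    cnames = {norm(o): norm(v) for o, t, v in zone if t.upper() == "CNAME"}
    addresses = defaultdict(list)
    for owner, rtype, value in zone:
        if rtype.upper() == "A":
            addresses[norm(owner)].append(value)
    chain = [norm(name)]
    while chain[-1] in cnames:
        target = cnames[chain[-1]]
        if target in chain or len(chain) > max_hops:
            raise ValueError("CNAME loop or chain too long: "
                             + " -> ".join(chain + [target]))
        chain.append(target)
    return chain, addresses[chain[-1]]


if __name__ == "__main__":
    print(find_conflicts(ZONE, "example.com"))
    print(resolve(ZONE, "ftp.example.com"))
```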

Conclusion.

The DNS CNAME record is really beneficial. Just make sure you use it the right way.

Optimization is a constant task for website owners. It’s absolutely necessary for enhancing key aspects of your online business, like speed. High speed is worth gold on the Internet. It really influences your chances of succeeding.

Here you have six effective recommendations to speed up your website.

A minimalist website reduces HTTP requests. 

Fast loading is vital so that users don’t get impatient and abandon your website. If a site’s composition has too many elements, it will take more time to complete the loading. Remember that an HTTP request is required to load every element (text, images, themes, videos, animations, ads, etc.).

A minimalist and neat website is easier to navigate and much faster to load. Check how many HTTP requests every page on your site makes and eliminate the excess.

File minification increases speed.

Your website’s look is defined by CSS (cascading style sheets), JavaScript, and HTML (hypertext markup language) files. All these files also cause HTTP requests.

Unnecessary items and code (whitespace, format, indentation, line breaks…) are slow to download.

Minification means reducing the markup and code in the script files of all your web pages. By minifying, you remove pointless items and rewrite code to make files smaller and therefore faster to load.

Get an efficient caching plugin. 

Every request for your website means that all the files that make it up must be requested from a server to be loaded for the user. A caching plugin saves the final view of the website to deliver it faster to every subsequent user, without generating it from the beginning every time.

Media files optimization. 

Optimization of images involves different actions that result in less disk space and bandwidth used, and in lighter web pages that are easier and quicker to load. Resize the dimensions of your images and adjust their quality by compressing them. Choose a light format (JPEG, PNG, HEIF…). Consider helpful resources like the lazy loading of images: images contained in a web page are loaded only when the user scrolls to them, not all simultaneously.

Speed up DNS response time.

Loading speed also involves the time that it takes to answer the DNS lookup. When a user’s browser requests your website, the domain name system (DNS) machinery gets engaged. A recursive server will search for the corresponding IP address of your domain. Without it, the site can’t be loaded. If this server finds it in its cache, it will answer the user’s request immediately. If it is not there, the recursive server will need to ask other servers until it gets the necessary DNS information for loading the website.

Get a DNS service with multiple servers that can cover your target markets’ locations. If your market is Europe, but your DNS server is in the U.S., response time for your users’ requests will take longer than if that server is geographically closer to them. A shorter travel distance of the DNS query means faster loading.

Having multiple servers will also provide you with redundancy and 100% up-time. If a server goes down, your website will still be available because other servers can keep responding to users’ requests.

Choose your hosting provider wisely.

What you need is enough resources depending on the size and needs of your website. An international business with big loads of traffic will require a faster plan with a lot of dedicated resources. Don’t forget to check the servers’ location. Again it’s key that they are as close as possible to your target market. That way, your website will be loaded fast.

Conclusion.

Fast speed is key to offering a positive experience for users. It influences the way search engines rank your business. Don’t waste time! Boost your website’s speed, and leave your competitors biting the dust!

Nslookup explained.

Nslookup is a very practical command-line tool for network administration. It is very useful, and it has a simple interface. Its name breaks down into “ns” for nameserver and “lookup” for querying it. It is primarily used to find the IP address that corresponds to a host. It is also used for a process called “Reverse DNS Lookup,” which finds the domain name that matches an IP address. You can use it from the Terminal to check domains, devices/IP addresses, or DNS records. It is available on the traditional computer operating systems: Linux, macOS, and Windows.

For most Linux distros, it comes pre-installed, so you don’t have to download it yourself. Network admins enjoy it because it also has extra options to adjust the query by picking a port, timeout period, and more. This command returns a clean and simple answer.

You will receive the IP address when you check a domain.

Or you will receive the domain for a Reverse Lookup.

The command will also tell you whether the answer comes from an authoritative or a non-authoritative server.

What is it used for?

Nslookup is appropriate in different situations. The command-line program is an essential tool when resolving DNS problems. 

  • A data query helps detect the cause of the issue.
  • Check if all involved servers are converted in the domain name system properly. 
  • When several subdomains are involved, you can check for connection problems.
  • Search for mail servers (SMTP, POP, IMAP) for the domain. Nslookup shows the servers based on the MX records that belong to the email provider’s domain. These records contain the IP addresses and names of the provider servers.

Nslookup guide

Try the Nslookup command with these examples of general use cases:

  • The A record of a domain (shows IP address)

nslookup example.com

You will see the address of the domain. 

  • The NS records of a domain (the authoritative nameserver)

nslookup -type=ns example.com

You will see which are the non-authoritative and which is the authoritative nameserver.

  • The SOA record of a domain (start of authority)

nslookup -type=soa example.com

This record will provide you with the start of authority and general technical information about the zone.

  • The MX record, information about the email exchange

nslookup -query=mx example.com

View the MX records of the mail servers. 

  • See all DNS records of the domain.

nslookup -type=any example.com

You can also make a more general query, and you will see all available DNS records. 

  • Check a specific name server.

nslookup example.com ns1.nsexample.com

You can also perform a query and see data for a particular name server. You will see the domain name, IPv4, and IPv6 addresses. 

  • Reverse DNS lookup

nslookup 11.22.33.44

Make sure that an IP address matches the domain. Do a reverse DNS lookup to verify it.

  • Check a domain through a specific port.

nslookup -port=51 example.com

This is the same query, with the difference that we are doing it through port 51. You can replace the number with the port that you like.

  • Check a domain with a specific reply timeout interval.

nslookup -timeout=20 example.com

You can change the reply timeout interval. Here it is set to 20 seconds, but you can extend or shorten it. If you increase it, you give the name servers more time to respond.

  • Activate the debug mode

nslookup -debug example.com

The debug mode will provide a lot more information. Further data will be given both for the question and the answer to the query. 
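Added example (not part of the original article): the reverse lookup check from the guide above taken one step further in Python, confirming that the name returned for an IP address resolves back to that same address. A reverse record is published by whoever controls the IP range, so the forward confirmation is what makes it usable as evidence; the lookup tables and host names are constructed, and the system_reverse and system_forward helpers use the operating system's resolver.

```python
import ipaddress
import socket

# Constructed lookup tables so the example runs offline.
CONSTRUCTED_PTR = {
    "11.22.33.44": ["host.example.com."],
    "192.0.2.99": ["mail.example.com"],      # claims a name it does not own
}
CONSTRUCTED_A = {
    "host.example.com": ["11.22.33.44"],
    "mail.example.com": ["192.0.2.10"],
}


def system_reverse(ip):
    """Reverse lookup through the operating system's resolver."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []


def system_forward(name):
    """Forward lookup (IPv4 and IPv6) through the operating system's resolver."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except OSError:
        return []


def forward_confirmed(ip, reverse=system_reverse, forward=system_forward):
    """Check that at least one reverse name for `ip` resolves back to `ip`."""
    address = ipaddress.ip_address(ip)
    names = [name.rstrip(".").lower() for name in reverse(str(address))]
    confirmed = [name for name in names if str(address) in forward(name)]
    return {
        "ip": str(address),
        "ptr_query": address.reverse_pointer,   # the name a reverse lookup asks for
        "ptr_names": names,
        "confirmed": confirmed,
        "ok": bool(confirmed),
    }


def table_reverse(ip):
    return CONSTRUCTED_PTR.get(ip, [])


def table_forward(name):
    return CONSTRUCTED_A.get(name, [])


if __name__ == "__main__":
    for ip in ("11.22.33.44", "192.0.2.99", "198.51.100.7"):
        print(forward_confirmed(ip, table_reverse, table_forward))
```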

Using Dynamic DNS can be very beneficial for many people. Simply put, this DNS service is an automatic method for refreshing IP addresses when they change. A static IP address might be very pricey. So let’s explain a little bit more about Dynamic DNS and the benefits of using it.

Dynamic DNS explained.

Dynamic Domain Name System is also called DDNS or Dynamic DNS.

The standard DNS links domain names to IP addresses through A or AAAA DNS records. The advantage of having Dynamic DNS is that it automatically updates and changes the host’s IP address. Even if its IP address changes, the visitors can reach it.

Dynamic DNS is a simple-to-use service. It lets you reach your hosted services easily when your ISP changes your IP address. For example, you can have a web hosting server, mail server, database server, or use your home network for CCTV cameras with DDNS.

Why would the ISP change your IP address? The truth is that it is easier to administer the network that way. The IP addresses are leased to the clients for a particular amount of time. This task is assigned to a DHCP server, which the ISP typically relies on. So when that limited time is over, customers receive a new IP address.

Dynamic DNS is an easy-to-use and easy-to-set-up solution. It is usually free and serves nearly every scenario.

How does Dynamic DNS work?

If you want to implement DDNS, you have to sign up with a Dynamic DNS provider. After that, you have to install their software on the host computer. This means the exact computer that acts as the server, like a web server or a file server.

The software watches the dynamic IP address for changes. When it detects a difference in the address, it reaches the DDNS service to update your account with the new IP address. 

The DDNS software has to be constantly running and able to identify a change in the IP address. Thus the DDNS name you have associated with your account will continue to direct clients to the host server, even though the IP address may change many times.

If you have files that you want to be able to access no matter where you are, a Dynamic DNS service becomes a requirement. Other cases are if you want to host your website from home, manage your home computer network from a distance, remote into your computer when you are away, or anything similar.

A Dynamic DNS service is unnecessary for networks with static IP addresses. Once the domain name has been told the IP address the first time, it doesn’t need to ask a second time. The reason is simple – static IP addresses don’t change.

Benefits from using it

Keeps you online. It decreases downtime by auto-updating the IP addresses. So, the devices or services will still be available through the net.

Easy-to-use. You need to set it up once. For example, for IP cameras for monitoring. You will have to set up your router by going to settings and putting the user and the password for your Dynamic DNS service. 

More affordable than static IPs. If you have several devices, it will be much cheaper to pay for just one DDNS service. Paying for every static IP address could be pricey.