Pull to refresh
4.33

DNS *

Domain Name System

Show first
Rating limit
Level of difficulty

The Implementation of a Custom Domain Name Server by Using С Sockets

Reading time 5 min
Views 3.6K

We describe the implementation of a custom Domain Name System (DNS) by using C socket programming for network communication, together with SQLite3 database for the storage of Internet Protocol (IP) for Uniform Resource Locator (URL). Then we provide a performance analysis of our implementation. Our code is available publicly [1].

Read more
Total votes 5: ↑4 and ↓1 +3
Comments 0

What is going to happen on February 1, 2020?

Reading time 4 min
Views 8.2K
TL;DR: starting February 2020, DNS servers that don’t support DNS both over UDP and TCP may stop working.

Bangkok, in general, is a strange place to stay. Of course, it is warm there, rather cheap and some might find the cuisine interesting, along with the fact that about half of the world’s population does not need to apply for a visa in advance to get there. However, you still need to get acquainted with the smells, and the city streets are casting cyberpunk scenes more than anything else.

In particular, a photo to the left has been taken not far from the center of Thailand’ capital city, one street away from the Shangri-La hotel, where the 30th DNS-OARC organization meeting took place on May 12 and 13. It is a non-profit organization dedicated to security, stability, and overall development of the DNS — the Domain Name System.

Slides from the DNS-OARC 30 meeting are recommended for everyone interested in how the DNS works, though perhaps the most interesting is what is absent in those slides. Namely, a 45-minute round table with a discussion around the results of DNS Flag Day 2019, which occurred on February, 1, 2019.

And, the most impressive result of a round table is the decision to repeat DNS Flag Day once again.
Read more →
Total votes 25: ↑24 and ↓1 +23
Comments 0

Automatically obtaining SSL certificates by Let's Encrypt using DNS-01 challenge and AWS

Reading time 5 min
Views 5.6K

This post describes the steps needed for setting up automatic SSL certificates creation and renewal, using Let's Encrypt as the automated Certificate Authority, which provides a well-maintained API.
acme-dns-route53 is the tool to obtain SSL certificates from Let’s Encrypt using DNS-01 challenge with Route53 and Amazon Certificate Manager by AWS. acme-dns-route53 also has the built-in functionality for using this tool inside AWS Lambda, and this is what we are going to do.

Read more →
Total votes 11: ↑10 and ↓1 +9
Comments 0

DoT for RPZ distribution

Reading time 2 min
Views 1.4K
Just a few months ago there were a lot of buzz because IETF in expedited time frame (about one year) accepted DNS over HTTPS (DoH) as a standard (RFC-8484). The discussions about that are still going on because of its controversy. My personal opinion is that DoH is good for personal privacy (if you know how to use it and trust your DNS provider) but it is a security risk for enterprises. DNS over TLS (DoT) is a better alternative for enterprise customers only because it uses a well-defined TCP port but for personal privacy it is not good because of the same reason (easy to block).
Read more →
Total votes 14: ↑14 and ↓0 +14
Comments 0

Authors' contribution