Domain Name System. Translates IPs to domain names like 192.168.1.1 to router.lan and visa versa.
DNS querying can be either recursive or non-recursive.
Recursive. ISP DNS server queries other DNS servers until it finds the answer. Once it’s found, it’s returned by the ISP DNS to the client.
Non-recursive. ISP DNS is not involved? Response comes directly from the DNS server queried the last. So, who has asked initially, would be shown in the last DNS server’s logs ð.
DNS poisoning
DNS redirection
In case a malware beacons to its server via DNS, you have two options to trick it:
- tamper the hosts file
- run a local DNS service that’s going to resolve the requested domain names to the IP addresses of your choice.
DNS Cache
Windows
DNS Leak
See here.
References
[1] Once upon a time in the West: a story about DNS attacks