When you say Domain Name System (DNS), you might think, naturally enough, of domain names and the technical details of running your Internet connection. You might be concerned about denial of service attacks on your website, or someone hijacking and defacing it.
While those certainly matter, DNS isn't just for looking up Web URLs any more; it's used by software to check licences, by video services to get around firewalls and, all too often, by hackers stealing data out from your business. Plus, your employees may be gaily adding free DNS services to their devices that, at the very least, mean you're not in full control of your network configuration. It’s a fundamental part of your infrastructure that’s key to business productivity, as well as a major avenue of attack, and you probably have very little idea of what’s going on.
DNS is the most ubiquitous protocol on the Internet, but it’s also probably the most ignored. Data Leak Protection (DLP) systems that check protocols used by email, web browsers, peer-to-peer software and even Tor, often neglect DNS. “Nobody looks much at DNS packets, even though DNS underlies everything,” says Cloudmark CTO Neil Cook. “There’s a lot of DLP done on web and email but DNS is sitting there, wide open.”
To continue reading this article register now