Internet Domains
2 likes2,004 views
The document discusses Internet domain names and the Domain Name System (DNS). It explains that domain names have a hierarchical tree structure with top-level domains like .com and country-specific domains like .uk. DNS servers convert domain names to IP addresses, allowing communication between devices on the Internet. The DNS hierarchy is managed by organizations like ICANN and domain name registries to coordinate a globally unique addressing system.
![A typical mail header may look like this:
Return-Path: <ph10@cus.cam.ac.uk>
Received: ursa.cus.cam.ac.uk (cusexim@ursa.cus.cam.ac.uk [131.111.8.6]) by
al.animats.net (8.9.3/8.9.3/Debian 8.9.3-6) with ESMTP id WAA04654 for
<terry@animats.net>; Sun, 30 Jan 2000 22:30:01 +1100
Received: from ph10 (helo=localhost) by ursa.cus.cam.ac.uk with local-smtp
(Exim 3.13 #1) id 12EsYC-0001eF-00; Sun, 30 Jan 2000 11:29:52 +0000
Date: Sun, 30 Jan 2000 11:29:52 +0000 (GMT)
From: Philip Hazel <ph10@cus.cam.ac.uk>
Reply-To: Philip Hazel <ph10@cus.cam.ac.uk>
To: Terry Dawson <terry@animats.net>, Andy Oram <andyo@oreilly.com>
Subject: Electronic mail chapter
In-Reply-To: <38921283.A58948F2@animats.net>
Message-ID: <Pine.SOL.3.96.1000130111515.5800A-
200000@ursa.cus.cam.ac.uk>](https://image.slidesharecdn.com/hu0iaqw2slmd04iy4o89-signature-cd8ecd5b5dfde0a3b303daa66c44856412c9d6cb2cd34514d68cefadeef76e9a-poli-150905074055-lva1-app6892/85/Internet-Domains-21-320.jpg)
Internet Domains
- 1. Internet Domains The Domain Name System The Domain Name Service The Domain Name Space DNS
- 2. Internet host name Internet domain names are hierarchical in nature, that is, they have a tree-like structure. A `domain' is a family, or group of names. A `domain' may be broken down into `subdomain'. A `toplevel domain' is a domain that is not a subdomain. The Top Level Domains are specified in RFC-920. .COM Commercial Organisations .EDU Educational Organisations .GOV Government Organisations .MIL Military Organisations .ORG Other organisations .NET Network Country Designator are two letters codes that represent a particular country.
- 3. Each top level domain has subdomains. The top level domains based on country name are broken down into subdomains, so for example you end up with: .ac.uk, .co.uk. The next level of division usually represents the name of the organisation: .brad.ac.uk, .theinternetwebshop.co.uk Often the next level of subdomain is based on the departmental structure of the organisation but it may be based on any criterion considered reasonable and meaningful by the network administrators for the organisation: .eesf.brad.ac.uk, .eimc.brad.ac.uk The very left-most portion of the name is always the unique name assigned to the host machine and is called the `hostname', the portion of the name to the right of the hostname is called the `domainname' and the complete name is called the `Fully Qualified Domain Name‘: www.inf.brad.ac.uk
- 4. Internet Corporation for Assigned Names and Numbers (ICANN) http://www.icann.com/ What Does ICANN Do? To reach another person on the Internet you have to type an address into your computer -- a name or a number. That address must be unique so computers know where to find each other. ICANN coordinates these unique identifiers across the world. Without that coordination, we wouldn't have one global Internet.
- 5. www.internic.net: The InterNIC® web site is a public information resource for Internet users worldwide. It provides information on the domain-name system, the domain-name registration process, and domain-name registrars. To access information regarding registered domains, go to the Registry Whois. For Whois information about country-code (two-letter) top-level domains, try Uwhois.com. http://www.whois.net/ http://www.betterwhois.com/ http://www.nic.uk/ Nominet UK is the registry for .uk internet names. Manages the authoritative database of .uk domain name registrations. A not-for-profit company - has members instead of shareholders. Nominet is officially recognised as the .uk domain name registry by the internet industry, users and the UK Government.
- 6. DNS You will need to know what domain your hosts name will belong to. Eg .eimc.brad.ac.uk The name resolver software provides this name translation service by making requests to a `Domain Name Server', so you will need to know the IP address of a local nameserver that you can use. Eg. 143.53.238.5 The Domain Name Server converts machine names to IP addresses, so allowing messages to pass between machines in a format they understand. http://en.wikipedia.org/wiki/Dns
- 7. /var/named/eesf.zon ;This file is used to resolve hostnames to IP addresses. The origin refers to the eesf.brad.ac.uk domain ; nameservers for eesf.brad.ac.uk domain IN NS d4bs.eesf.brad.ac.uk. $ORIGIN eesf.brad.ac.uk. d4bs IN A 143.53.138.20 dforbes IN A 143.53.138.10 ; services $ORIGIN eesf.brad.ac.uk. ftp CNAME d4bs.eesf.brad.ac.uk. www CNAME d4bs.eesf.brad.ac.uk.
- 8. Domain Name System http://en.wikipedia.org/wiki/Domain_Name_System Paul Mockapetris invented the DNS in 1983. The Domain Name System or DNS is a system that stores information about Internet host names and domain names. It provides an IP address for each host name, and lists the mail exchange servers accepting e-mail for each domain. Originally, each computer on the network retrieved a file called HOSTS.TXT from SRI - Stanford Research Institute(now SRI International), which mapped an address to a name. The system had inherent limitations, because every time a given computer's
- 9. address changed, every single system that wanted to communicate with that computer would need an update to its Hosts file. The host file is located in the following directories for each operating system: Linux and other Unix related operating systems - /etc Windows 95/Windows 98/Windows Me - C:windows Windows 2000/Windows XP - %SystemRoot%system32driversetc Windows NT - C:winntsystem32driversetc Mac OS - System Folder:Preferences or System Folder (Format of the file may vary from Windows and Linux counterparts) Blocking ads on the Internet with a list of ad server hostnames and IP addresses (http://pgl.yoyo.org/adservers/index.php)
- 10. Ad filtering: One useful ability of the host file is that it is capable of ad filtering. This is accomplished by adding a line to the file that contains 127.0.0.1 (home IP) or 0.0.0.0 (no IP). That way, when a internet capable program attempts to access the IP of an advertiser the ad is prevented from appearing. For example, if you wanted to block Doubleclick ads, you could add the following to your host file: 127.0.0.1 ad.doubleclick.net How the DNS works in theory The practical operation of the DNS system consists of three parts: * The DNS resolver, a DNS client program which runs on a user's computer, and which generates DNS requests on behalf of software programs; * The recursive DNS server, which searches through the DNS in response to queries from resolvers, and returns answers to those resolvers; * The authoritative DNS server which hands out answers to queries from recursors, either in the form of an answer, or in the form of a delegation (i.e. referral to another authoritative DNS server).
- 11. The DNS consists of a hierarchical set of DNS servers. Each domain or subdomain has one or more authoritative DNS servers that publish information about that domain and the name servers of any domains "beneath" it. The hierarchy of authoritative DNS servers matches the hierarchy of domains. At the top of the hierarchy stand the root servers: the servers to query when looking up (resolving) a top-level domain name.
- 13. DNS recursion http://en.wikipedia.org/wiki/Domain_Name_System * The process starts by the recursor asking one of these root servers - for example, the server with the IP address "198.41.0.4" - the question "what is the IP address for www.wikipedia.org?" * The root server replies with a delegation, meaning roughly: "I don't know the IP address of www.wikipedia.org, but I do know that the DNS server at 204.74.112.1 has information on the org domain." * The local DNS recursor then asks that DNS server (i.e. 204.74.112.1) the same question it had previously put to the root servers, i.e. "what is the IP address for www.wikipedia.org?". It gets a similar reply - essentially, "I don't know the address of www.wikipedia.org, but I do know that the DNS server at 207.142.131.234 has information on the wikipedia.org domain." * Finally the request goes to this third DNS server (207.142.131.234), which replies with the required IP address. This process utilises recursive searching.
- 14. Root nameserver http://en.wikipedia.org/wiki/Root_nameserver A root nameserver is a DNS server that answers requests for the root namespace domain, and redirects requests for a particular top-level domain to that TLD's nameservers. All domain names on the Internet actually end in a . (period) character -- that is, technically, Wikipedia is actually hosted on the domain "www.wikipedia.org." (try it.) This final dot is implied, and all modern DNS software does not actually require that the final dot be included when attempting to translate a domain name to an IP address. The empty string after the final dot is called the root domain, and all other domains (i.e. .com, .org, .net, .uk, etc.) are contained within the root domain. There are currently 13 root name servers, with names in the form letter.root-servers.net where letter ranges from A to M:
- 16. Letter Old name Operator Location A ns.internic.net VeriSign Dulles, VA B ns1.isi.edu ISI Marina Del Rey, CA C c.psi.net Cogent (http://www.cogent.com/) Herndon, VA D terp.umd.edu University of Maryland College Park, MD E ns.nasa.gov NASA Mountain View, CA F ns.isc.org ISC (http://www.isc.org/) Palo Alto, CA G ns.nic.ddn.mil U.S. DoD NIC Vienna, VA H aos.arl.army.mil U.S. Army Research Lab Aberdeen, MD I nic.nordu.net Autonomica (http://www.autonomica.se/) Stockholm J VeriSign Dulles, VA K RIPE London L ICANN Los Angeles M WIDE Project Tokyo the C, F, I, J and K servers exist in multiple locations on different continents There are quite a few alternate namespace systems with their own set of root nameservers that exist in opposition to the mainstream nameservers.
- 17. Alternate DNS root http://en.wikipedia.org/wiki/Alternate_DNS_root In addition to the Internet's main DNS root (currently consisting of 13 nominal root nameservers working in agreement with ICANN), several organizations operate alternate DNS roots (often referred to as alt roots). Each alternate root has its own set of root nameservers and its own set of top-level domains. Legal users of domains No one in the world really "owns" a domain name except the Network Information Centre (NIC), or domain name registry. Most of the NICs in the world receive an annual fee from a legal user in order for the legal user to utilise the domain name (i.e. a sort of a leasing agreement exists, subject to the registry's terms and conditions). Depending on the various naming convention of the registries, legal users become commonly known as "registrants" or as "domain holders". ICANN holds a complete list of domain registries in the world. One can find the legal user of a domain name by looking in the WHOIS database held by most domain registries.
- 18. Tools to hack DNS YoLinux: List of Linux Security and Hacker Software Tools http://www.yolinux.com/TUTORIALS/LinuxSecurityTools.html Unix tools track hackers http://insight.zdnet.co.uk/hardware/servers/0,39020445,2123102,00.htm http://www.antihackertoolkit.com/tools.html For DNS lookups use - 'dig' (domain information groper) or host -a 143.53.29.129 ns2.splice1.com or nslookup Note: nslookup is deprecated and may be removed from future releases. or http://www.dns.net/dnsrd/tools.html C:>nslookup 143.53.29.129 ns1.splice1.com Server: server4.splice1.com Address: 66.45.242.178 Name: d209.inf.brad.ac.uk Address: 143.53.29.129
- 19. Where is the site hosted? traceroute/tracert Is the site on-line? ping Is there a back door or way in? nmap How is the network routing configured? netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 143.53.28.0 * 255.255.255.0 U 0 0 0 eth1 169.254.0.0 * 255.255.0.0 U 0 0 0 eth1 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default Skipton.cen.bra 0.0.0.0 UG 0 0 0 eth1 How are the network cards configured? ifconfig/ipconfig http://www.networksecuritytoolkit.org/nst/index.html
- 20. What Is a Mail Message? A mail message generally consists of a message body, which is the text of the message, and special administrative data specifying recipients, transport medium, etc., as you see when you look at an envelope of a real letter.
- 21. A typical mail header may look like this: Return-Path: <ph10@cus.cam.ac.uk> Received: ursa.cus.cam.ac.uk (cusexim@ursa.cus.cam.ac.uk [131.111.8.6]) by al.animats.net (8.9.3/8.9.3/Debian 8.9.3-6) with ESMTP id WAA04654 for <terry@animats.net>; Sun, 30 Jan 2000 22:30:01 +1100 Received: from ph10 (helo=localhost) by ursa.cus.cam.ac.uk with local-smtp (Exim 3.13 #1) id 12EsYC-0001eF-00; Sun, 30 Jan 2000 11:29:52 +0000 Date: Sun, 30 Jan 2000 11:29:52 +0000 (GMT) From: Philip Hazel <ph10@cus.cam.ac.uk> Reply-To: Philip Hazel <ph10@cus.cam.ac.uk> To: Terry Dawson <terry@animats.net>, Andy Oram <andyo@oreilly.com> Subject: Electronic mail chapter In-Reply-To: <38921283.A58948F2@animats.net> Message-ID: <Pine.SOL.3.96.1000130111515.5800A- 200000@ursa.cus.cam.ac.uk>
- 22. This list is a collection of common header fields From: This contains the sender's email address and possibly the “real name.” A complete zoo of formats is used here. To: This is a list of recipient email addresses. Multiple recipient addresses are separated by a comma. Cc: This is a list of email addresses that will receive “carbon copies” of the message. Multiple recipient addresses are separated by a comma. Bcc: This is a list of email addresses that will receive “carbon copies” of the message. The key difference between a “Cc:” and a “Bcc:” is that the addresses listed in a “Bcc:” will not appear in the header of the mail messages delivered to any recipient. It's a way of alerting recipients that you've sent copies of the message to other people without telling them who those others are. Multiple recipient addresses are separated by a comma. Subject: Describes the content of the mail in a few words. Reply-To: Specifies the address the sender wants the recipient's reply directed to. This may be useful if you have several accounts, but want to receive the bulk of mail only on the one you use most frequently. This field is optional.
- 23. How Is Mail Delivered? Generally, you will compose mail using a mailer interface like pine. These programs are called mail user agents, or MUAs. If you send a mail message, the interface program will in most cases hand it to another program for delivery. This is called the mail transport agent, or MTA. On most systems the same MTA is used for both local and remote delivery and is usually invoked as a program such as sendmail. Local delivery of mail is, of course, more than just appending the incoming message to the recipient's mailbox. Usually, the local MTA understands aliasing (setting up local recipient addresses pointing to other addresses) and forwarding (redirecting a user's mail to some other destination). Also, messages that cannot be delivered must usually be bounced, that is, returned to the sender along with some error message.
- 24. Mail delivered over a network using TCP/IP, commonly uses Simple Mail Transfer Protocol (SMTP). SMTP was designed to deliver mail directly to a recipient's machine, negotiating the message transfer with the remote side's SMTP daemon. Today it is common practice for organizations to establish special hosts that accept all mail for recipients in the organization and for that host to manage appropriate delivery to the intended recipient.
- 25. Email Addresses Email addresses are made up of at least two parts. One part is the name of a mail domain that will ultimately translate to either the recipient's host or some host that accepts mail on behalf of the recipient. The other part is some form of unique user identification that may be the login name of that user, the real name of that user in “Firstname.Lastname” format, or an arbitrary alias that will be translated into a user or list of users. Internet sites adhere to the RFC-822 standard, which requires the familiar notation of user@host.domain, for which host.domain is the host's fully qualified domain name. The character separating the two is properly called a “commercial at” sign, but it helps if you read it as “at.”
- 26. How Does Mail Routing Work? The process of directing a message to the recipient's host is called routing . Apart from finding a path from the sending site to the destination, it involves error checking and may involve speed and cost optimization.
- 27. Mail Routing on the Internet On the Internet, the destination host's configuration determines whether any specific mail routing is performed. The default is to deliver the message to the destination by first determining what host the message should be sent to, and then delivering it directly to that host. Most Internet sites want to direct all inbound mail to a highly available mail server that is capable of handling all this traffic and have it distribute the mail locally. The Mail Exchanger is a machine that states that it is willing to act as a mail forwarder for all mail addresses in the domain.