DNS management becoming critical to businesses but poorly understood

By Shamus McGillicuddy, News Editor 09 Jul 2008 | SearchNetworking.com

Network management news, advice and technical information Digg This!     StumbleUpon     Del.icio.us

"DNS is one of those topic areas that I've always called a black art," said Robert Whiteley, senior analyst at Forrester Research. "It is very poorly understood, relative to how important it is."

DNS is essentially an immense, worldwide distributed database. DNS servers across the world help translate Internet domain names, which are comprehensible to humans, into the IP addresses that networks understand.

When a user goes into a Web browser and types a Web address such as SearchNetworking.com, the browser asks the operating system to translate the name into an IP address. The operating system first looks at the host file, then it looks at the local cache. If it finds nothing there, it goes to a local DNS server. If that server doesn't know, it moves on to local root servers and start of authority (SOA) servers.

"It becomes very complex very quickly," said Paul Parisi, CTO of DNSstuff.com, a provider of Web-based DNS management tools. "It's extremely large, so there are lots of points where people can make mistakes. Each one of these objects has a surface area for attack, and each one of these interfaces has a surface area of attack."

Enterprises usually maintain their own local DNS servers to connect their websites, email servers and other applications to the Internet. But these DNS servers have such a low profile in companies that DNS expertise becomes rare.

"Historically, DNS is one of those things that a lot of companies set up and then they kind of forget about it for a while," Whiteley said. "If you look at the vast majority of enterprise class DNS servers, they're these very old, aging bind environments running on Unix, Solaris or something like that. And people haven't touched their DNS infrastructure in quite some time. It's just worked."

However, new and popular networked technologies such as VoIP, Web services, SharePoint and Exchange use DNS, putting new stresses on those old DNS servers.

For more resources on DNS: DNS monitoring: If it's slow, everything is slow Ask Chris Partsenidis your DNS questions:

Then there's the possible use of DNS as a vector of attack by hackers. That possibility is becoming more and more of a reality. Late last month, a Turkish hacker group calling itself NetDevilz apparently hacked the DNS servers of the websites for IANA (Internet Assigned Numbers Authority) and ICANN (Internet Corporation for Assigned Names and Numbers), the international organizations that manage the DNS root zones and assign DNS roots. The same people had hacked the popular photo-sharing site Photobucket.com just a couple of weeks earlier.

"It certainly can be exploited," Whiteley said. "And a lot of companies don't recognize the exploits that they are susceptible to. Security IQ has kind of risen over the years, but this is a technology that has a history of being set-and-forget. A vast majority of companies do leave that open as a back door and don't even know it."

Whiteley said IP address management tools from companies like InfoBlox offer DNS management tools, but many companies aren't ready to invest in such products. "You're talking about an enterprise-class solution that isn't going to be right for everybody," he said.

Chris Harris, an email services expert, said he uses premium DNS management tools from DNSstuff.com to track the DNS information for his email servers. His company, Blackbaud, is a Charleston, N.C.-based provider of software and IT services for nonprofit organizations. Harris manages email servers for multiple nonprofits.

"If I'm having problems with a particular domain, I use their tools to figure out what's wrong, then work with our own folks or clients to resolve the issues," Harris said. "I don't have to worry about command line scripts and things like that to run certain tests. We had the ability to do some tests and check things on our own previously, but now when there is a problem, we can use the general DNSstuff toolset to diagnose problems at least twice as fast as we would on our own."

"There's not a lot of knowledge out in the market about [DNS]," said Rich Person, DNSstuff.com CEO. "It's in the heads of a couple of guys who live in command line. We're the third party that's able to take a general IT guy and show him how his customers are seeing his site."

Person claims that more than 1.2 million IT professionals visit DNSstuff.com every month to run tests on their DNS domains. Many of the website's tools are free, but a year ago the company started building premium tools in order to monetize its site. Last month, the company announced DNSalert 2.0, a tool that automatically runs up to 55 tests against a customer's domain and mail servers and then sends alerts to users if it detects a problem. A network pro who is responsible for his company's DNS can set the alerting tool so that it sends a message straight to his BlackBerry.

DNSstuff.com offers a good set of tools for companies that are trying to get some baseline information on DNS, Whiteley said. For network teams that are still trying to build a business case for IP address management technology, DNSstuff.com is a good interim step for troubleshooting DNS, he added.

"If you are a network administrator or engineer who's in charge of scaling your bind environment, before you go out and do that, you need a pretty good set of tools to baseline your environment," Whiteley said. "How secure is my DNS at the moment? How reliable is it? How is it configured?"

Let us know what you think about the story; email: Shamus McGillicuddy, News Editor

Tags: Network Monitoring,  Network Performance Management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Monitoring Matrix switches can eliminate network tap and SPAN port shortages University tackles large-scale 802.11n wireless network management Meru reinvents wireless LAN troubleshooting and management Green enterprise: Three networking investments that make a difference Network device management overload: Engineers managing too many boxes What preventative maintenance procedures for network devices exist? WLAN QoS and SLA monitoring with 7/24 Wireless Quality Assurance costs How important are network infrastructure maps for engineers or admins? Understand Windows tracert output to troubleshoot network connectivity Network management and monitoring market remains crowded, fragmented Network Monitoring Research Network Performance Management Bandwidth measurement and management guide 2010 predictions: What IT trend affects network project management? Integrating wired and wireless network management Matrix switches can eliminate network tap and SPAN port shortages NetFlow traffic analysis tool solves network congestion woes for nonprofit Network management predictions for 2010: Automation, video, mobility What IP enables file sharing among multiple computers on different Internet connections? How to test LAN switch energy efficiency Web gateway helps Texas manufacturer develop network user management Desktop virtualization network challenges: A primer

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary 10-high-day busy period  (SearchNetworking.com) ACK  (SearchNetworking.com) baseboard management controller  (SearchNetworking.com) call failure rate  (SearchNetworking.com) jam  (SearchNetworking.com) Jini  (SearchNetworking.com) maximum segment size  (SearchNetworking.com) maximum transmission unit  (SearchNetworking.com) netstat  (SearchNetworking.com) network tracking tool  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary