The role of the Domain Name System (DNS) in IP networks has evolved over the years, from simple hostname lookups to a modern DNS architecture with extended functionality and numerous new record types. Many vendors and organizations leverage client dependence on DNS resolvers to centralize management, interoperability and security functions.

As a requisite step for most Internet communication, the cleartext DNS protocol is an ideal point for monitoring and filtering traffic, but this transparency brings both opportunity and risk. Understanding the alternatives and trends can help IT departments and service providers determine the best roadmap for future-proofing infrastructure investments and responding to shifting cybersecurity threats.

Geoff Huston from APNIC discusses some possible considerations on the road ahead for DNS applications…

“DNS queries are in the open and can be readily intercepted and fake responses substituted. This DNS interception is not just part of the toolset for malware, but an intrinsic component of many national Internet filtering measures — many national content policies are implemented through DNS interception. And it’s not just removing certain names from the purview of users’ activities.

The DNS is a rich source of data about users and applications. If an observer were to collate the complete set of DNS queries from an individual user over a period of time then it’s possible to construct a very accurate profile of that individual user. It seems that the DNS is a willing collaborator in this exercise of digital surveillance and control.”

Geoff Huston, via APNIC’s blog.

Read the full article below…

https://blog.apnic.net/2020/06/18/where-is-the-dns-heading/