Sunday, July 21, 2019

Understanding DNSSEC and how it works

Today, the internet does provide convenience for human life. With the internet, me can find various important information to get interesting entertainment. You can't be denied, surfing in cyberspace also has some risks that threaten your privacy.

One of the internet security holes is in the DNS (Domain Name System). With the DNS Spoofing method, or DNS Poisoning you can be directed to fake websites instead of websites that you really want to go to. This can be dangerous because if you enter personal data on the web page, the data will be stored in their system.
Understanding DNSSEC and how it works
To prevent this from happening, DNSSEC appears. What is that? How does it work to improve your security when surfing the internet? See the explanation below.

Get to know DNSSEC
DNSSEC or Domain Name System Security Extensions are part of the Internet Engineering Task Force (IETF). Its main function is to increase the security of your website from the risk of hacking and misuse of other data. DNSSEC will prevent data leakage through DNS Spoofing or DNS Poisoning.

In practice this device is indeed still not considered important. Apart from the fact that DNS works behind the scenes, the risk of piracy through the DNS record of a website's domain name is considered very low. Even so, it doesn't hurt if you provide the best protection for the website.

Then, actually how does DNSSEC work to secure your website? You can see the explanation in the following points.

How does it work?
Before knowing how DNSSEC works, you have to know how DNS works first to better understand it.

Get to know DNS
You certainly already know what a domain address is, which is the website address typed in the search column. Examples of domain addresses are www.twitter.com or www.facebook.com.

After you have finished typing in the domain address and pressing enter, this is where the DNS server works. DNS will "translate" the domain address into an IP address where the website you mean is located. Now, after the browser gets an IP address, then the browser connects to the website's web server and you can access it

But in the system there is a gap, precisely when the browser requests access to an IP address through a DNS server. With DNS Spoofing or DNS Poisoning, the browser will get different information from what has been "translated" by the DNS server. As a result you will be connected to a website that is wrong and is likely to endanger personal data.

How it works DNSSEC
After finding out that there is a security hole in DNS, you now need to think of ways to overcome it. The simplest but still efficient way to close the DNS security holes is with DNSSEC. This DNS Server equipped with DNSSEC is equipped with cryptographic code. That way, any misinformation on the computer can be detected optimally so that as an official access you can still receive information correctly.

This device works by providing validation for each DNS query. After being validated, DNS queries are added to the registrar. Then every time there is communication with DNS, the device will verify first whether it is valid or not. Simply put, DNSSEC provides a special label on each DNS website query to distinguish it from fake DNS.

The security gap when you are surfing is indeed very much. Including a gap in DNS that is actually not very visible. Even so, there's nothing wrong with providing additional protection. You can use it for those needs. Although simple, DNSSEC is able to increase the security of your website efficiently.


EmoticonEmoticon