validation dnp

8/3/2019 Validation Dnp

1/21


2/21

+

What is domain name?

What is domain name system?

What is domain name protection?


3/21

+Host name

IP Addresses are great for computers

IP address includes information used for routing.

IP addresses are tough for humans to remember.

IP addresses are impossible to guess.


4/21

+


5/21

+Purpose of the DNS

The purpose of the DNS is to enable Internet applications and their

users to name things that have to have a globally unique name.

The obvious benefit is easily memorizable names for things likeweb pages and mailboxes, rather than long numbers or codes. Less

obvious but equally important is the separation of the name of

something from its location.

Things can move to a totally different location in the network fullytransparently, without changing their name. www.isoc.org can be

on a computer in Virginia today and on another computer in

Geneva tomorrow without anyone noticing.


6/21

+

In order to achieve this separation, names must be translatedinto other identifiers which the applications use to communicate

via the appropriate Internet protocols. Let's look at what

happens when you send a mail message to me at

[email protected]. A mail server trying to deliver the

message has to find out where mail for mailboxes at 'ripe.net'has to be sent. This is when the DNS comes into play.

The mail server transmits this question, called a 'query' in DNS

terminology to the DNS. Quickly it receives as answer:

ripe.net. 1800 IN MX 100 postman.ripe.net.

ripe.net. 1800 IN MX 150 postboy. ripe.net.

"Mail for 'ripe.net' should be sent first to the computer called

'postman.ripe.net'. If 'postman.ripe.net' is not available, try

'postboy.ripe.net'".


7/21

+

The mail server will now make a connection with

'postman.ripe.net'. In order to do this it needs to know the

numeric Internet address for 'postman.ripe.net'. This numeric

address is sufficient to send Internet packets directly to the

computer called 'postman.ripe.net' from anywhere in the

Internet. Again the DNS is queried and it returns '193.0.0.199'.

postman.ripe.net. 172800 IN A 193.0.0.199

From here on, the mail server delivering your message can

directly communicate with the mail server that receives and

stores my mail for me to collect later on.


8/21

+So how does this work?

Let us follow the DNS query starting from your computer. Yourcomputer knows the address of a nearby DNS "caching server"

and will send the query there. These caching servers are usually

operated by the people that provide Internet connectivity to you.

This can be your Internet Service Provider (ISP) in a residential

setting or your corporate IT department in an office setting. Your

computer may learn the address of the available caching servers

automatically when connecting to the network or have it

statically configured by your network administrator

When the query arrives at the caching server there is a good

chance that this server knows the answer already because it has

remembered it, "cached" in DNS terminology, from a previous

transaction


9/21

+

So if someone using the same caching server has sent mail to

someone at 'ripe.net' recently, all the information that is needed

will already be available and all the caching server has to do is

to send the cached answers to your computer. You can see howcaching speeds up responses to queries for popular names

considerably. Another important effect of caching is to reduce

the load on the DNS as a whole, because many queries do not

go beyond the caching servers.


10/21

+As a domain owner, one should be aware

of and protect themself against the

following three scenarios..1. Inadvertent domain expiration

The owner does not renew the name in time and it is snatched up by a

domain speculator. This is often caused by failure to receive renewal

notices because of out of date contact information.

Most registrars no longer send out renewal notices via postal

mail. This means that if your e-mail address is out of date, you will

not receive renewal notices. This problem is further compounded by

your registrar's inability to warn you that your domain is about to bedeleted.

Once deleted, domains are commonly snatched up within seconds

by speculators running automated programs. Some speculators

offer to sell them back to the original owners for greatly inflated

prices.


11/21

+2. Domain hijacking or theft

A domain hijacker effectively 'steals' the domain by submitting

a fraudulent registrar transfer request and tricking an

unsophisticated domain owner or registrar into giving them

control of the name.

Once the hijacker has control of the name, they will usuallyassume ownership of the domain and start redirecting it to their

own web sites

At this point, legal options can be expensive and time

consuming. Since the domain has been transferred away from

the domain owner's original registrar, this registrar is often

powerless in assisting. Domain hijackers are aware of this and

commonly transfer domains to countries far away from the

original owner - making legal recourse cost prohibitive.


12/21

+3. Inaccurate contact information

Your name can be cancelled if your domain information is not

accurate and you fail to respond to a registrar's inquiries within

fifteen days?

From October 2003, ICANN is requiring all registrars to contact

their customers on a yearly basis to verify domain information.

If your information has changed and you have not taken the

time to update it, your domains may be at risk of being

deleted.


13/21


14/21

+

How to protect ???

2. Be careful who is listed in your contact information.

You or your organization should always be listed as theorganization and administrative contact.

When registering corporate domain names, make sure that the

company name is listed as the owner of the domain. Do not

allow an outside web site designer or host to be listed as eitherthe domain owner or administrative contact. If possible, the

business owner or a senior executive should be listed as

administrative contact since this person will be authorized to

modify or change ownership of company domain names.


15/21

+

How to protect ???3. Be careful when using free e-mail addresses

From services like Hotmail. Many free e-mail services will

automatically suspend or delete your e-mail account if you do

not log in frequently enough. Once your e-mail account isdeleted, a domain hijacker can sign up for your same e-mail

address and use it to give permission to transfer your domains

away from you.

If possible, avoid using a free e-mail address on your domain

records. If you are using a Hotmail account, you may want to

consider paying to upgrade your account to exempt you from

their inactivity policy.


16/21

+

How to protect ???4. Place a registrar lock on your domain.

This will lock your domain record at the registry level and

prevent it from being transferred, modified or deleted by a third

party. This feature is very helpful in protecting your name againstunauthorized transfers and hijacking.

If your registrar does not offer this feature, consider transferring

your domains to one who does. Since a 'registrar lock' can also

make it more difficult for you to transfer away from a registrar,

you should look for a registrar that gives you the ability to

automatically unlock your domain names at any time without

having to call or e-mail them.


17/21

+

How to protect ???

5. Do not reply (or click on any links) in any domain related

e-mail correspondence you do not recognize.

Also be careful not to reply to any 'official looking' renewalnotices you receive in the mail from companies you do not

recognize. Domain hijackers and unscrupulous registrars have

been known to submit mass amounts of transfers hoping that a

small percentage of confused registrants will accidentallyconfirm the transfers. When in doubt, contact your original

registrar to verify any suspicious messages.


18/21

+

How to protect ???

6. Add your registrar's domain name to your spam filter's

approved sender list.

If you (or your ISP) are using a spam blocking service, yourun the risk of not receiving domain renewal notices from your

registrar if they are incorrectly categorized. You can prevent

this from occuring by adding your registrar to your list of

'approved senders'. This will automatically bypass any filteringand ensure that all renewal notices make it straight to your

inbox.


19/21

+

How to protect ???

7. Consider renewing domain name early and for a longer

amount of time.

If your domain name is critical to your business and is one youwill want for years to come, consider renewing your domain

registration in five year increments. This will avoid yearly

registration hassles and prevent your domain from accidentally

expiring.


20/21

+References..

http://www.betterwhois.com/domainhijacking.htm

http://www.isoc.org/briefings/016/

http://laughingsquid.com/the-importance-of-dns-the-

internet-domain-name-system/


21/21

+

TU

validation dnp

Documents