DNS Acronyms

DNS Acronyms

These acronyms and terms are frequently used when discussing securing DNS.
  1. DNS: Domain Name System. This is a system that translates human-readable domain names (such as www.example.com) into numerical IP addresses that computers can use to communicate with each other.

  2. DDOS: Distributed Denial of Service. This is a type of cyber attack that involves overwhelming a network or system with traffic from multiple sources in order to disrupt or disable services.

  3. DDoS mitigation: This refers to measures taken to protect against DDoS attacks. These measures may include rate limiting, traffic filtering, and other techniques designed to prevent or minimize the impact of DDoS attacks.

  4. CDN: Content Delivery Network. This is a distributed network of servers that delivers web content to users based on their geographic location. CDNs can help to improve the performance and reliability of websites by reducing the distance that data has to travel.

  5. DNS filter: This is a security tool that analyzes DNS traffic and blocks requests that match patterns or rules associated with malicious activity. DNS filters are used to protect against a variety of cyber threats, including malware and phishing attacks.

  6. DNS server: This is a computer or network of computers that stores and manages DNS records, and responds to DNS queries from clients.

  7. DNS spoofing: This is a type of cyber attack in which an attacker modifies DNS records to redirect traffic to a malicious site. This can be used to steal sensitive information or to distribute malware.

  8. DNS cache poisoning: This is a type of cyber attack in which an attacker injects malicious data into a DNS cache, causing the cache to return incorrect DNS results.

  9. DNS tunneling: This is a technique that uses DNS queries and responses to transmit data between two points, often for the purpose of bypassing security measures or evading detection.

  10. DNS amplification: This is a type of DDoS attack that uses DNS servers to amplify the volume of traffic directed at a target network or system.

  11. DNS resolver: This is a client-side component of the DNS system that initiates DNS queries and receives responses from DNS servers.

  12. DNS over HTTPS (DoH): This is a protocol that encrypts DNS queries and responses using HTTPS, providing an additional layer of security for DNS traffic.

  13. DNS over TLS (DoT): This is a protocol that encrypts DNS queries and responses using TLS, providing an additional layer of security for DNS traffic.

  14. EDNS0: Extension Mechanisms for DNS. This is an extension to the DNS protocol that allows for larger payloads and additional functionality.

  15. IPSec: Internet Protocol Security. This is a protocol suite that provides security for Internet communications by authenticating and encrypting data packets.

  16. NAPTR: Naming Authority Pointer. This is a DNS resource record that provides a mapping between a domain name and a Uniform Resource Identifier (URI).

  17. SOA: Start of Authority. This is a DNS resource record that defines the authoritative information for a domain, including the primary name server and the contact information for the domain administrator.

  18. AXFR: Zone Transfer. This is a mechanism for transferring a complete copy of a DNS zone from one server to another.

  19. CNAME: Canonical Name. This is a type of DNS resource record that maps an alias or nickname to a real or "canonical" domain name.

  20. FQDN: Fully Qualified Domain Name. This is a domain name that includes the complete hierarchy of the domain, including the top-level domain and all subdomains.

  21. MX: Mail Exchange. This is a type of DNS resource record that specifies the mail servers responsible for a domain, and the priority of each server.

  22. NS: Name Server. This is a type of DNS resource record that specifies the name servers responsible for a domain.

  23. PTR: Pointer. This is a type of DNS resource record that maps an IP address to a domain name.

  24. RDNS: Reverse DNS. This is a process that maps an IP address to a domain name, using PTR records.

  25. RP: Responsible Person. This is a type of DNS resource record that specifies the contact information for a domain administrator or other responsible party.

  26. SRV: Service. This is a type of DNS resource record that specifies the location of a specific service within a domain.

  27. TXT: Text. This is a type of DNS resource record that can be used to store arbitrary text data, often for the purpose of providing additional information about a domain or service.

  28. A: Address. This is a type of DNS resource record that maps a domain name to an IPv4 address.

  29. AAAA: Quad-A. This is a type of DNS resource record that maps a domain name to an IPv6 address.

  30. CAA: Certification Authority Authorization. This is a type of DNS resource record that specifies which certification authorities (CAs) are authorized to issue SSL/TLS certificates for a domain.

  31. DNAME: Delegation Name. This is a type of DNS resource record that allows a subdomain to be an alias for a higher-level domain.

  32. DS: Delegation Signer. This is a type of DNS resource record that is used to securely delegate a subdomain to another DNS server.

  33. HINFO: Host Information. This is a type of DNS resource record that specifies the hardware and software configuration of a host.

  34. LOC: Location. This is a type of DNS resource record that specifies the geographic location of a host.

  35. NSAP: Network Service Access Point. This is a type of DNS resource record that maps a domain name to a Network Service Access Point (NSAP) address, which is used to identify nodes in the OSI networking model.

  36. RRSIG: Resource Record Signature. This is a type of DNS resource record that contains a digital signature that can be used to verify the authenticity of other DNS resource records.

  37. SSHFP: SSH Fingerprint. This is a type of DNS resource record that stores the fingerprint of a Secure Shell (SSH) public key, allowing it to be validated by clients.

  38. NX: Non-Existent. This is a term used to describe a domain or resource that does not exist. In the context of DNS, an NX record is a type of resource record that is returned in response to a query for a non-existent domain or resource.


    • Related Articles

    • DNS Return Codes

      There are many reasons why a DNS query may succeed or fail. Below is a list of the return codes and what they mean. You can filter for DNS response codes in your DigitalStakeout Securd DNS Dashboard and Log Analytics. 0: NoError. This indicates that ...
    • Protective DNS Dashboard Overview

      Note: Each company (tenant) has a unique dashboard.  Learn more about companies. The DigitalStakeout PDNS dashboard provides administrators with a high-level time-based summary into key security metrics and information about a company's underlying ...
    • Syslog Fowarding DNS Logs

      DigitalStakeout PDNS supports real-time log syslog forwarding. Log forwarding is a real-time fork of your DNS log data to a target syslog server. We do the hard work by enriching and annotating your logs with contextual information. DNS logs are ...
    • What is a DNS Firewall?

      A DNS firewall is a security tool that helps to protect networks and devices from cyber threats. It works by analyzing DNS (Domain Name System) traffic and identifying requests that match patterns or rules associated with malicious activity. If a ...
    • HTTP Log Forwarding DNS Logs

      DigitalStakeout PDNS supports real-time log HTTP forwarding. Log forwarding is a real-time fork of your DNS log data to a target HTTP webhook endpoint. We do the hard work by enriching and annotating your logs with contextual information. DNS logs ...