Every device connected to the internet needs an Internet Protocol address, or IP address. The Domain Name System, or DNS, is a protocol that translates user-friendly domain names, such as www.paloaltonetworks.com, into their corresponding IP addresses – in this case, 199.167.52.137. The DNS is often called the phonebook of the internet.
Related Video
How Attackers Use DNS to Steal Your Data
Years ago, as the number of networked computers and devices increased, so did the burden on network administrators’ efforts to keep track of IP addresses. Moreover, IP addresses were – and are – in short supply. The Dynamic Host Configuration Protocol, or DHCP, was created to allow companies and internet service providers to assign IP addresses to computers automatically when they sign up online as a way to recycle the same IP addresses. Dynamic DNS, or DDNS, is a service that provides a mapping between a hostname, such as www.yourcompany.com, and your IP address.
What are the benefits of DDNS?
Along with the benefits, there are security risks associated with DDNS. Attackers can leverage DDNS services to change the IP addresses that host command-and-control servers. Malware campaigns and even exploit kits can utilize DDNS services as part of their payload distribution. By utilizing DDNS domains as part of their hostname infrastructure, adversaries can easily change the IP address associated with given DNS records and more easily avoid detection. Take a look at our white paper, Protect Your DNS Traffic Against Threats, for a more in-depth look at how to combat DNS attacks.