View article

The domain name system (DNS) is the most essential part of primary Internet infrastructure that translates hostnames to IP addresses. DNS server is available to all users to resolve their hostnames. They are not configured with any administrative control. DNS is an open resolver so that it is a hot cake for attackers to perform various attacks such as cache poisonings, DOS, and DDOS attacks. DNS only converts domain names to their matching IP addresses without providing any protection when sending messages. The man-in-the-middle can easily snoop into the insecure channel and can get the user’s sensitive information. Due to this drawback of DNS, we came across another more secure layer of DNSSEC. DNSSEC uses certificates to authenticate the servers, and hence, more secure than DNS. It protects the DNS from other vulnerabilities as well. However, DNSSEC has its security concerns like …