Domain name system (DNS) message processing method and network safety equipment

A network security and DNS server technology, applied to DNS packet processing methods and network security devices, that addresses problems such as inaccessibility and attacks by network attackers.

Active Publication Date: 2011-10-19
HANGZHOU DPTECH TECH

AI Technical Summary

Problems solved by technology

[0005] The domain name resolution service makes the network easier for users to use. However, it may become a target for network attackers. Once domain name resolution is attacked, the consequences are very serious, because a large area of the network may become inaccessible.



Examples


Embodiment Construction

[0030] The inventors of the present invention have found through research that the malicious attacks on DNS services that are currently most common are accompanied by domain name resolution failure events, for example brute-force attacks that consume DNS server resources. The main object of the present invention is to have the network security equipment located between the DNS client and the DNS server check for domain name resolution failure events, and to record and count them in order to find suspicious attack behavior. Before the preferred implementation of the present invention is introduced, the message format and the basic flow of DNS interaction used in the present invention are described.

[0031] The formats of DNS request packets and DNS response packets are shown in Figure 2. The 16-bit flag field is divided into several subfields. Referring further to Figure 3, the meanings of the subfields are as follows:

[0032] QR is a 1-bit field, 0 means...


Abstract

The invention relates to network safety equipment and a domain name system (DNS) message processing method, which are applied to a computer network. The network safety equipment is positioned between a DNS client and a DNS server and comprises a primary judgment unit, a secondary judgment unit and a forwarding unit. The primary judgment unit receives a DNS response message and checks whether a resolved internet protocol (IP) address is carried in the response message; if so, it submits the message to the secondary judgment unit, otherwise it determines that domain name resolution has failed and updates the failed domain name resolution record. The secondary judgment unit checks whether the resolved IP address carried in the DNS response message corresponds to the domain name requested to be resolved by a DNS; if so, it determines that the domain name resolution has succeeded, otherwise it determines that the domain name resolution has failed and updates the failed domain name resolution record. The forwarding unit forwards the DNS response message to the DNS client.
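The two-stage check from the abstract, sketched as an added example (not code from the patent or its owner). It assumes one question per message and reads "corresponds to the requested domain name" as: the owner name of an A/AAAA record equals the queried name or a CNAME target reached from it. The client identifier, the reason labels and the sample packets are constructed for illustration.

```python
import struct
from collections import Counter
failures = Counter()  # failed-resolution record: (client, qname, reason) -> count

def read_name(msg, off, hops=0):
    """Decode a possibly compressed DNS name; return (name, next offset)."""
    labels = []
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                        # compression pointer
            if hops > 16:
                raise ValueError("compression pointer loop")
            rest = read_name(msg, ((n & 0x3F) << 8) | msg[off + 1], hops + 1)[0]
            return ".".join(labels + [rest]).strip("."), off + 2
        if n == 0:                                  # root label ends the name
            return ".".join(labels), off + 1
        labels.append(msg[off + 1:off + 1 + n].decode("ascii").lower())
        off += 1 + n

def judge(msg, client):
    """Two-stage check of one DNS response; returns 'ok' or a failure reason."""
    qname = "?"
    try:
        ancount = struct.unpack_from("!H", msg, 6)[0]
        qname, off = read_name(msg, 12)
        chain, owners, off = {qname}, [], off + 4   # skip QTYPE and QCLASS
        for _ in range(ancount):
            owner, off = read_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            if rtype == 5 and owner in chain:       # CNAME: follow the alias
                chain.add(read_name(msg, off + 10)[0])
            elif rtype in (1, 28):                  # A or AAAA carries an address
                owners.append(owner)
            off += 10 + rdlen
        if not owners:                              # primary judgment
            verdict = "no-address"
        else:                                       # secondary judgment
            verdict = "ok" if any(o in chain for o in owners) else "mismatch"
    except (IndexError, struct.error, ValueError):
        verdict = "malformed"
    if verdict != "ok":
        failures[(client, qname, verdict)] += 1
    return verdict

# Constructed samples; Q is the question section for www.example.com, type A.
Q = bytes.fromhex("03777777076578616d706c6503636f6d0000010001")
def hdr(an): return struct.pack("!6H", 0x1234, 0x8180, 1, an, 0, 0)
GOOD = hdr(1) + Q + bytes.fromhex("c00c000100010000003c0004c000020a")
EMPTY = hdr(0) + Q
WRONG = hdr(1) + Q + bytes.fromhex("056f74686572036e657400000100010000003c0004c0000242")
```

The `failures` counter plays the role of the failed domain name resolution record; counting its entries per client over a time window gives the statistics the description mentions for spotting suspicious behavior.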

Description

Technical field

[0001] The invention relates to network communication technology, in particular to a DNS message processing method and network security equipment.

Background technique

[0002] In computer network communication, hosts need to know the IP address of the communication peer to be able to communicate with each other through the IP network. However, the 32-bit IPv4 address (the IPv6 address is 128 bits) is not easy to remember for the communication participants. Therefore, more intuitive domain names (such as www.google.com.hk) are widely used to solve the problem of difficult memory of IP addresses. However, network communication is based on the IP protocol, and the host to be accessed cannot be directly found through the domain name. Therefore, the host needs to convert the domain name entered by the user into an IP address. This process is called domain name resolution.

[0003] In order to complete domain name resolution, the cooperation of Domain Name Syst...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/12, H04L29/06, H04L12/24
Inventor: 滕晓燕
Owner: HANGZHOU DPTECH TECH