smartsub.co

Learn everything about the Tech World!

7 tactics to protect against DDoS attacks in 2021

Statistics of cyber attacks are multiplying fast every year. Online businesses really have to strengthen their security in 2021 to prevent or mitigate these threats. Don’t wait any longer! Enable today the necessary these 7 tactics to protect your business against DDoS attacks.

Know what a DDoS attack is

A distributed denial of service (DDoS) is an attack where criminals look to drown a victim (network or server) by sending it massive traffic loads from multiple sources (infected devices). 

There are different types of DDoS, and each uses a specific technique to produce the traffic. But generally, criminals send a massive amount of requests to their victim to shut it down and get the denial of service for legit users.

Let’s get deeper into the threat and its techniques to build an efficient strategy against it.

Monitor your network’s traffic

Online businesses have traffic patterns. You must understand them to distinguish normal traffic from abnormal. Constant monitoring can point sudden spikes or strange activity. Knowing your traffic, plus a smart monitor will help you catch the first DDoS symptoms before it is too late.

Check this great Monitoring service!

Read More

Two types of DNS zone transfer

DNS zone transfer is a critical component for better performance of your Domain Name System. In this article we will take a look at why it is important and which are the most popular zone transfer types – AXFR and IXFR.

What is the DNS zone?

The Internet Engineering Task Force (IETF) coined the word DNS zone in 1987. It has a critical function: it allows different DNS administrators to administer and manage various components of the global DNS system. This is the major reason behind the global naming database’s decentralized character.

The DNS zone consists of DNS records such as A, AAAA, MX, TXT, PTR, and so on. It’s worth mentioning that the SOA record, which is the first DNS record, also contains basic information about the zone, the DNS administrator, and various DNS zone transfer settings (Refresh and Retry rate).

DNS zone fransfer – meaning

When you copy data from one zone (DNS records) and paste it into another name server, you’re doing DNS zone transfer. What makes you want to do that? In the case of a global domain with visitors from all over the world and numerous Points of Presence (PoP), having multiple copies of your DNS records on several name servers can ensure greater availability in the event of a name server failure and faster DNS resolution.

The most common DNS zone transfer types

AXFR zone transfer (Full zone transfer)

The first is “full zone transfer.” The basic goal of AXFR zone transfer is to send all DNS records from the Primary DNS server to the Slave DNS server. All DNS records will be up to date due to this zone move. They are identical to those in the Master DNS zone.

You can utilize the AXFR zone transfer when you’re deploying one or more Secondary DNS servers and want to replicate DNS records straight away.

If you know, one or more Secondary DNS servers haven’t been updated in a while. Then, you can also compel a full zone transfer.

IXFR zone transfer (Partial zone transfer)

It is possible to simply copy new changes from the Master zone to the Secondary zone. It’s not usually necessary to duplicate all DNS records. When you only need to alter a few DNS entries, the IXFR zone transfer can help. You’ve added two new A records, for example, but the remainder of the table remains unchanged. You can obtain the data from the Secondary DNS server. It can be configured to compare the serial numbers of the SOA record after a certain amount of time to see if the Master has changed. It will ask the Master DNS server for modifications if the serial number it holds is lower.

Another option is for the Master DNS server to send a notification to the Secondary DNS server informing them of the change. They can then request the modification, and if they are permitted to do so, they will receive the new or amended DNS entries. As you can see, IXFR zone transfer requires less data transmission, and it is the more practical approach in most circumstances, especially if you have already set up Secondary DNS servers.

Conclusion

Considering all of the facts, DNS zone transfer is a very useful method that can help you in crisis situations (for example, if your server is down). Of course, this is not a must. But if you don’t have it, it could cost you a lot of lost money and potential customers in a future attack. So, do not wonder, and if you haven’t implemented it in your system yet, do it.

MTR command – A network diagnostic tool for Linux

Many network diagnostic tools are already a part of Linux. For example, Nslookup command, Host command, Dig command, Traceroute command, and more. But, sometime in the past, there was a guy called Matt Kimball. He was just not satisfied with the traceroute command in the 90s, so he decided to make a new one – the MTR command.

What is the MTR command?

The MTR command is a great small tool to trace the route to a target and get information for the round-trip. It is an alternative to the common traceroute command and was written by Matt Kimball created in 1997 to perform functions both from traceroute command and ping command. It provides more information in comparison with the other two commands and is just as easy to use on Linux. Roger Wolff further improved the software in 1998, and the name was changed to My Traceroute. 

On Linux, you can use the MTR command straight through the Terminal application. If you don’t have it installed on your Linux distro, you first need to install it.

On Ubuntu, you can do it by typing: sudo apt update. Then press Enter and write your password. After that, type: sudo apt -y install mtr. Again press Enter.

How does it work?

The MTR command sends ICMP (Internet Control Message Protocol) data packets to the target you set. The target that you decide could be a hostname/domain name or an IP address (IPv4 or IPv6). 

You can use it using the following syntax:

mtr option value target

Mtr – shows which command you are using.

Option – it can use one of the following options to improve your probe further:

-h – help.

-v – version.

-r – report. You need to stop it by pressing the “C” key, and after that, you get a report.

-w – extended report.

-c – number of ICMP messages to be sent.

-s – the size of ICMP data packages.

-t – Curses-based terminal interface.

-n – don’t resolve the hostnames.

-g – GTK+ interface.

-p – split – Split-user interface.

-l – Raw output.

-a – address.

-i – seconds between the ICMP messages.

-u –use UDP.

Read More

What is the purpose of Reverse DNS?

Reverse DNS – What is it?

Reverse DNS, also known as rDNS, is a DNS lookup that maps an IP address to its domain name. It is absolutely the opposite of Forward DNS lookup, where the domain name links to the IP address where it is hosted. 

In the majority of cases, rDNS is an additional service provided by a DNS hosting provider. Once you implement such a service, you should create a Master Reverse zone and add PTR records to it. That way, you are able to provide evidence that your IP address and your domain name have a proper match. 

Thanks to the created PTR record, you actually confirm that the IP address is associated with the domain name. As a result, you are minimizing the chance and avoiding fraud. Additionally, you can implement Reverse DNS both with IPv4 address and A record and with IPv6 address and AAAA record.

Read More

DNS Record Types Cheat Sheet

In case you are just starting managing your DNS, these DNS record types are fundamental. So, let’s explain a little bit more about them.

SOA record

The acronym SOA stands for Start Of Authority, and it is essential to explain this record first. With it, you can show the origin of the authority DNS zone. This DNS record holds inside very important information about the DNS zone. It is a must-have if you want your DNS network to operate normally. The SOA record points to the primary DNS server. In addition, it stores information for the domain administrator and contact information. It also includes parameters such as the domain serial number and how often it should refresh. It is important to note that there should be just one SOA record for a particular DNS zone.

Learn everything about the DNS SOA Record!

Read More

4 reasons why you should use Managed DNS

Managed DNS has a lot of benefits, so here are 4 reasons why you should implement it. The DNS (Domain Name System) is not only a must to exist online, but a keystone for success. It’s the base for any domain to perform well, fast, safe, maintain high uptime, and offer a satisfactory user experience. 

1. Managed DNS robust, modern and reliable infrastructure will totally boost your domain’s performance

Read More

How to clear the DNS cache?

Cleaning the DNS cache will remove all the DNS records that were stored inside your computer. After that, there won’t be any A or AAAA records showing which websites you have visited before. Here you can learn to flush the DNS cache!

Read More

The future of IPv4

What does IPv4 mean?

IPv4 (Internet Protocol version 4) is a popular and broadly used version of the IP. Thanks to the IPv4 addresses, it is possible to identify devices on the network. It includes 4 numbers between 0 to 255, divided by dots, for instance, 123.45.67.89, and it uses a 32-bit address space. 

Read More

DNS resolution: What happens when you access a website?

Thanks to DNS resolution, we don’t even think about what is happening when we click to visit a particular website. It is actually a complete process running behind the scene. It truly happens so fast, and because of it, we are not required to remember and type the difficult IP addresses. Instead, we memorize just the simple domain names, and we can easily connect to our favorite website. So, let’s explain a little bit more about this interesting process!

What does DNS resolution mean?

Read More

What are the characteristics of an Authoritative DNS Server?

What is an Authoritative DNS server?

The Authoritative DNS server is an essential part of every DNS network. It stores all of the important DNS data, including the DNS records for a specific domain. That server could belong to a domain registrar or a DNS hosting provider. 

Read More