What Is Dynamic DNS?
Every device connected to the internet needs an Internet Protocol address, or IP address. The Domain Name System, or DNS, is a protocol that translates user-friendly domain names, such as www.paloaltonetworks.com, into their corresponding IP addresses – in this case, 220.127.116.11. The DNS is often called the phonebook of the internet.
Years ago, as the number of networked computers and devices increased, so did the burden on network administrators to keep track of IP addresses. Moreover, IP addresses were – and are – in short supply. The Dynamic Host Configuration Protocol, or DHCP, was created to allow companies and internet service providers to assign IP addresses to computers automatically when they come online, as a way to recycle the same IP addresses. Dynamic DNS, or DDNS, is a service that provides a mapping between a hostname, such as www.yourcompany.com, and your IP address, and keeps that mapping current when the address changes.
What are the benefits of DDNS?
- You can access your website or server from anywhere in the world without worrying about changes to your IP address. A device on your network communicates your IP to the DDNS service periodically.
- You won’t have to update all your records manually each time your IP address changes. DDNS is more economical than static DNS in the long run.
- Your network administrators don’t have to reconfigure settings for each IP address change, which frees them up to attend to your network’s health.
Along with the benefits, there are security risks associated with DDNS. Attackers can leverage DDNS services to change the IP addresses that host command-and-control servers. Malware campaigns and even exploit kits can utilize DDNS services as part of their payload distribution. By utilizing DDNS domains as part of their hostname infrastructure, adversaries can easily change the IP address associated with given DNS records and more easily avoid detection. Take a look at our white paper, Protect Your DNS Traffic Against Threats, for a more in-depth look at how to combat DNS attacks.
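One way a defender can watch for the behavior described above, as an added example that is not from the original page: the script scans DNS answer logs for hostnames under DDNS provider domains and flags those that resolve to several different addresses within a short window. The log format, the suffix list, the one-hour window and the threshold are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Illustrative DDNS provider suffixes (assumption: maintain your own list).
DDNS_SUFFIXES = ("duckdns.org", "ddns.net", "hopto.org", "dyndns.org")

# Constructed sample log: "<ISO timestamp> <client> <qname> <answer IP>".
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 www.example.com 192.0.2.10
2024-05-01T10:01:00 10.0.0.7 updates-cdn.duckdns.org 198.51.100.4
2024-05-01T10:20:00 10.0.0.7 updates-cdn.duckdns.org 203.0.113.9
2024-05-01T10:45:00 10.0.0.7 updates-cdn.duckdns.org 198.51.100.77
2024-05-01T11:10:00 10.0.0.9 homecam.ddns.net 203.0.113.50
2024-05-01T18:30:00 10.0.0.9 homecam.ddns.net 203.0.113.50
2024-05-02T09:00:00 10.0.0.9 homecam.ddns.net 203.0.113.51
"""

def is_ddns(qname):
    """True if qname is a DDNS suffix or a label-aligned subdomain of one."""
    name = qname.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in DDNS_SUFFIXES)

def parse(log_text):
    """Yield (timestamp, client, qname, ip); malformed lines are skipped."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, client, qname, ip = parts
        try:
            yield datetime.fromisoformat(ts), client, qname.rstrip(".").lower(), ip
        except ValueError:
            continue

def flag_fast_changing(log_text, window=timedelta(hours=1), max_ips=2):
    """Return {hostname: sorted IPs} for DDNS names with more than max_ips answers in a window."""
    seen = defaultdict(list)
    for ts, _client, qname, ip in parse(log_text):
        if is_ddns(qname):
            seen[qname].append((ts, ip))
    flagged = {}
    for qname, events in seen.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            ips = {ip for ts, ip in events[i:] if ts - start <= window}
            if len(ips) > max_ips:
                flagged[qname] = sorted(ips)
                break
    return flagged

if __name__ == "__main__":
    for host, ips in flag_fast_changing(SAMPLE_LOG).items():
        print(f"review: {host} -> {len(ips)} addresses within 1h: {ips}")
```

A hit is a lead for review rather than a verdict: a home connection whose address changes once a day, like the second hostname in the sample, stays below the threshold.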