1
00:00:02,720 --> 00:00:08,470
The last layer of the ISO/OSI model we should examine is the application layer.

2
00:00:08,530 --> 00:00:11,930
There are a lot of application protocols.

3
00:00:12,000 --> 00:00:20,140
As for now, we will only be interested in the protocols associated with the network infrastructure services.

4
00:00:20,330 --> 00:00:23,220
The first of those is DNS.

5
00:00:23,250 --> 00:00:28,970
This is a protocol which serves as the Internet's telephone directory. In order for you to connect to

6
00:00:28,970 --> 00:00:31,610
a remote computer using its qualified name,

7
00:00:31,670 --> 00:00:39,190
your host must know its IP address. There must exist a database which will translate the name you know

8
00:00:39,250 --> 00:00:42,670
into the IP address.

9
00:00:42,780 --> 00:00:48,320
This is performed by the DNS servers and the protocols created to enable them to communicate.

10
00:00:48,360 --> 00:00:52,140
There are quite a lot of computers on the internet.

11
00:00:52,340 --> 00:00:58,040
If there was only one DNS server, then it would have to store a lot of information and would be permanently

12
00:00:58,040 --> 00:01:00,790
blocked due to the number of requests to handle.

13
00:01:06,660 --> 00:01:07,810
To counter this problem,

14
00:01:07,830 --> 00:01:12,670
the DNS database has a hierarchical structure. At the top

15
00:01:12,670 --> 00:01:16,690
there are the root servers, the root zone.

16
00:01:16,690 --> 00:01:26,280
These are the servers responsible for the root domain domains such as com or gov etc or at subdomains

17
00:01:28,690 --> 00:01:32,190
Each DNS server can be responsible for one or more domains.

18
00:01:34,050 --> 00:01:40,880
The client side of the DNS is called the DNS resolver.

19
00:01:40,990 --> 00:01:49,500
If a client wants to connect to the computer www.microsoft.com (www is the name of the computer,

20
00:01:49,570 --> 00:01:56,220
microsoft is the name of the subdomain and com is the domain name),

21
00:01:56,340 --> 00:01:59,990
it connects to its local DNS server first.

22
00:02:00,000 --> 00:02:02,660
This is very important.

23
00:02:02,710 --> 00:02:08,890
Later we will find out that controlling the DNS server allows you to control the data transmitted. The

24
00:02:08,890 --> 00:02:15,430
host connects to the local DNS server and requests the IP address of the www.microsoft.com computer.

25
00:02:18,080 --> 00:02:23,480
The local DNS server probably will not keep the IP address. As we said,

26
00:02:23,570 --> 00:02:28,980
each server is responsible for its own subdomain.

27
00:02:29,060 --> 00:02:34,850
Your local DNS server will surely know the address of one of the root zone servers, so it will request

28
00:02:34,850 --> 00:02:42,180
one of those servers for the host address of www.microsoft.com.

29
00:02:42,190 --> 00:02:46,760
Unfortunately, the root server won't be able to answer this request either.

30
00:02:46,780 --> 00:02:52,630
It will respond, however, with the address of the DNS server lower in the hierarchy which is responsible

31
00:02:52,630 --> 00:02:55,960
for the domain com.

32
00:02:56,020 --> 00:03:01,830
At this point your local DNS will connect to this server and will request the address of the

33
00:03:01,930 --> 00:03:05,790
www.microsoft.com computer.

34
00:03:05,890 --> 00:03:11,100
Your request will probably be forwarded to an authoritative server responsible for the microsoft.com

35
00:03:11,140 --> 00:03:12,940
zone.

36
00:03:13,110 --> 00:03:18,840
At this point the only two responses possible are either the computer's IP address or that such a

37
00:03:18,840 --> 00:03:20,490
computer doesn't exist.

38
00:03:23,140 --> 00:03:29,470
DNS servers store in their databases information not only about the host type of records but also about

39
00:03:29,470 --> 00:03:35,370
record types as well. Two types will be especially interesting for us.

40
00:03:37,130 --> 00:03:44,810
These are the NS records indicating other DNS servers and the MX records indicating mail servers.