Abstract
The Domain Name System (DNS) is a fundamental Internet service that translates domain names into IP addresses [1]. Information leakage of DNS servers may cause the disclosure of users' behaviour or network zone structure and may even induce phishing or intranet penetration attacks. This paper solves two problems: the first is how to measure the information leakage of the DNS, and the second is how to measure the extent that current DNS services suffer from in-formation leakage. The measuring approach proposed in this paper utilizes DNS lookups on a total of 6,936,431 actual running DNS servers with open DNS ports (accounting for all the DNS servers in IPv4 we can reach), and there was a response rate of 71.84%. The experiment demonstrates that 84.41% of the PTR (Pointer, one DNS record type) RRs (resource records) leak network zone structure or business information. A defense method is further proposed to prevent information leakage to enable DNS privacy improvements.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
