Time
7 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
12

Video Transcription

00:03
Hey, guys, welcome to another episode of the SSCP exam prep series. I'm your host, Pete Cipolone.
00:11
This is going to be the fourth lesson
00:14
in the sixth domain.
00:16
So far in the sixth domain we've taken a look at the OSI and TCP/IP models, which describe seven layers of sending information from one user down across the network to another user.
00:31
We've also taken a look at IP networking, which describes how information is actually sent over the network. And we've taken a look at network topologies, how certain topologies are better or worse for your organization, depending on their needs.
00:46
Now, finally, in this lesson, we're going to take a look at DNS, Domain Name System, which is the process of deriving the name from a website and getting a user to that particular website, and LDAP, Lightweight Directory Access Protocol,
01:03
which is really just a directory of information services
01:07
that organizations use.
01:10
We'll also take a look at commonly used ports and protocols. We have lots to get to today, so let's get started.
01:18
Domain Name System. DNS is a hierarchical distributed naming system for any resource connected to the Internet or a private network.
01:27
This is the world's biggest phone book, but for the Internet.
01:33
So this translates domain names to their IP addresses and IP addresses to domain names. So when you type in something in a web browser like, for example, www.google.com,
01:48
it converts
01:49
google.com into an IP address to actually take you to that website. Now, it doesn't always know the IP address of the website that you are trying to visit. So it has to go through the Domain Name System to
02:07
associate the correct IP address
02:10
with the domain.
02:13
So it starts up at the top, that very top dot,
02:16
and then it goes down to the .com, the .edu, .gov and .mil. Now these are top-level domains. These are the common domain extensions you see at the end of websites,
02:35
and from there it goes down to what is known as an authoritative system. And that's where it finds the name that you entered into the browser and returns the associated IP address.
02:53
Key terms in order to fully understand DNS. Resolver: this is a DNS client that sends messages to obtain information about the requested domain space. So when your
03:08
computer receives that domain name that you typed in, whatever website that is, it sends a request to the resolver, which is a server, usually like your Internet service provider's server, asking for
03:28
the IP address
03:30
associated with the name that you have entered.
03:36
Recursion: the action taken when a DNS server is asked to query on behalf of a DNS resolver.
03:45
Now, recursion happens when the resolver server looks at the name that was submitted from the computer and says, I don't know what the IP address associated with that name is. So it sends it to the DNS system, where it then gets filtered down
04:05
and it goes through the different levels until it finds the one it is looking for.
04:12
Authoritative server: the DNS server that responds to query messages with information stored in RRs for a domain being stored on the server.
04:23
The authoritative server is the one that will know the address, the IP address of the domain that you have submitted.
04:33
So once it receives the domain
04:38
name, it will return the IP address.
04:42
Recursive resolver: a DNS server that recursively queries for the information asked in the DNS query.
04:49
So when the information gets to the top
04:54
of the DNS tree, it goes down to the top-level domain.
05:00
And then from there, the server queries again to the authoritative server, and that's how you get the domain name
05:09
and the IP address.
05:12
Fully qualified domain name is the absolute name of a device within the DNS database. So the fully qualified domain name for Google is google.com,
05:24
and RR is a resource record. It's used in DNS messages and is composed of different fields. So it has the name, it has the IP address, it has the time and a few other things, and then from there, when that one is found, it returns the IP address back to the user.
05:45
And zone: a database that contains information about the domain name space stored on the authoritative server.
05:56
It's very important to protect DNS as much as possible because there are a lot of DNS attacks associated with a system this big for figuring out the IP addresses for domain names.
06:12
It's only natural that hackers will want to try and take advantage of this.
06:16
So the most common attacks on DNS are the DNS denial-of-service attack. This is where an attacker delivers traffic to the victim by reflecting it off of a third party.
06:30
Query or request redirection. So when a DNS query is sent out looking for the IP address of a particular name, that query is intercepted and modified in transit to the DNS server. So the DNS server returns the wrong IP address
06:48
and ends up sending the
06:50
user to the wrong website.
06:55
DNS cache poisoning. This is where malicious data is injected into DNS servers that are operated by the Internet service providers.
07:08
The damage caused by this attack is localized to specific users connecting to the compromised servers.
07:15
And zone enumeration. Users can use DNS diagnostic commands to learn about a website's architecture. So this includes commands such as dig and nslookup, which will return information based on the IP address.
07:33
This is an attempt to gain information, usually about the site's network architecture, and oftentimes it is this behavior that precedes an attack.
07:45
There is DNS fast flux, which is the ability to move distributed services to different computers quickly. This is primarily used by botnets and phishing attacks.
07:57
In order to avoid detection, they might switch computers fairly quickly.
08:03
And taking over the registration of a domain. This is where the authoritative server is changed. So when requests come to the authoritative server, an attacker can send back different IP addresses instead of the proper ones.
08:18
DNS uses port 53 for TCP and UDP.
08:24
LDAP. This is a client-server-based directory for managing user information. So there's a lot of different information that can be on the network or in an organization, and LDAP really just helps a user to find it quickly
08:41
by organizing it in a hierarchical database.
08:46
So this allows people to locate users and information and resources on the network with relative ease.
08:54
LDAP uses port 389 for TCP and UDP.
09:03
A couple of services and protocols. The first is NetBIOS, which allows different applications on different computers to interact with each other within the LAN.
09:13
NetBIOS uses ports 135 and 139 with UDP, and 137 and 138 for TCP.
09:24
Network Information Service, NIS+, is a directory service mostly used in Linux for managing user credentials within a group of machines.
09:35
Common Internet File System / Server Message Block, SMB. This is really a file-sharing protocol that's on Windows systems. So if you had a network scanner and you wanted to hook it up to your computer so you could scan the document on the scanner
09:54
and it would
09:56
go over the network and appear in a folder on the computer, you would set that up using SMB.
10:03
SMB uses port 445 with TCP.
10:07
Simple Mail Transfer Protocol, SMTP. This is a client-server protocol for routing email across the Internet.
10:16
This one basically makes sure email gets to the right spot and to the right user. There's no authentication or encryption in this,
10:24
and it uses port 25 TCP.
10:30
File Transfer Protocol. This is how information is uploaded to the Internet, originally.
10:37
FTP uses ports 20 and 21 on TCP.
10:41
Trivial File Transfer Protocol. TFTP is the simplified version of FTP. You can use TFTP when authentication is not needed and quality of service is not an issue. As a result, it really should only be used on trusted networks,
11:01
and it uses port 69 with UDP.
11:05
HTTP, Hypertext Transfer Protocol. This is one of the most popular ones, especially with the Web.
11:13
It's kind of considered to be a stripped-down version of FTP
11:20
and is the foundational protocol for the Web. It uses port 80 on TCP.
11:28
In today's lecture, we discussed DNS and LDAP, and we took a look at some commonly used ports and protocols.
11:37
Quiz time.
11:37
This commonly used protocol is for email and uses port 25.
11:43
Is it A, HTTP,
11:45
B, DNS, C, FTP, or D, SMTP?
11:54
If you said D, SMTP, then you are correct. Remember, SMTP stands for Simple Mail Transfer Protocol, and it works for sending email across the network.
12:07
Thanks for watching guys. I hope you learned a lot in this lesson and I'll see you next time.

Systems Security Certified Professional (SSCP)

Obtaining your SSCP certification signifies that you possess the ability to tackle the operational demands and responsibilities of security practitioners, including authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, cryptography, malicious code countermeasures, and more.

Instructed By

Pete Cipolone
Cyber Security Analyst and Programmer
Instructor