本文由 AI 分析生成
建立時間: 2026-03-24 來源: https://tech-blog.cymetrics.io/posts/crystal/dns-hacking-1/
Summary
Introduction to DNS fundamentals — how the hierarchical resolver chain works (Root DNS → TLD DNS → Authoritative DNS → client), TTL caching, and the various DNS record types. Part 1 of a DNS security series explaining the infrastructure before covering attack vectors like DNS hijacking and subdomain takeover.
DNS 基礎教學:介紹 DNS 階層查詢流程(根 DNS → TLD DNS → 權威 DNS → 客戶端)、TTL 快取機制和各種 DNS 記錄類型。這是 DNS 安全系列第一篇,在介紹攻擊手法前先建立基礎知識。
Key Points
- DNS is a distributed hierarchical tree: Root DNS → TLD DNS → Authoritative DNS
- DNS resolver caches results per TTL to avoid repeated full lookups
- TTL controls how long cached records remain valid — shorter TTL = faster propagation of changes
- DNS is the world’s largest distributed database — speed and synchronization are critical design constraints
- Series focuses on DNS security: subdomain takeover and other attack vectors follow in later parts
Insights
The “大通訊錄” (giant phonebook) analogy is a classic but the article’s refinement — comparing resolver caching to an operator who keeps frequently-called numbers handy — is a cleaner mental model for explaining why DNS doesn’t go to root on every lookup. The TTL mechanism is the key architectural insight: it creates an intentional lag between DNS updates and global propagation, which is both a feature (performance) and a vulnerability surface (DNS hijacking window).
Connections
Raw Excerpt
不過,DNS cache 中的紀錄也不是就一直存放在裡面的。每一筆紀錄都會有一個 TTL (Time-to-live),這是一個代表『此紀錄可以被 cache 存多久』的數字。