You may have read of the outage experienced by major Web host and domain registrar GoDaddy earlier this month. For many hours, millions of websites and email accounts hosted by the company were inaccessible, including sites that were using its DNS hosting services.
Though a member of the notorious Anonymous hacker collective came forward to claim responsibility for an alleged Distributed Denial of Service (DDoS) on GoDaddy’s Domain Name System (DNS) infrastructure, GoDaddy CEO Scott Wagner later attributed the outage to “a series of internal network events that corrupted router data tables.”
Irrespective of who to believe, the outage focused attention on the importance of DNS and its relative vulnerability to disruptions. Why is the DNS so important and is there anything small businesses can do to better protect their DNS?
How DNS Works
In a nutshell, the DNS handles translating human-readable domain names into the numeric IP addresses used by computers and Internet routers. The data is structured in a hierarchical manner and served from 13 clusters of root name servers that services the entire public Internet.
The most important fact to remember is that while DNS information can be cached for varying amounts of time within this hierarchy, only the DNS server serving your domain – known as the authoritative name server, holds the requisite IP address information. In simplified terms, knocking the authoritative name server out of action will disrupt the ability to resolve the IP address.
An inability to resolve an IP address will cause Internet software to fail. And because server-to-server communication also works on the same principle, the affected domain is rendered inaccessible, including the capability to send and receive emails. This is why Internet service providers and hosting companies routinely deploy multiple DNS servers.
Maintaining the DNS Server
Despite the importance of the DNS, scant attention is usually paid to who maintains the authoritative DNS server for a company. Many domain name resellers will host the DNS as a value-added service at no additional charge, as do practically all Web hosts when you sign up with them.
While this arrangement works fine most of the time, the problem of such an important service being provided for free is obvious: vendors may lack the expertise or resources to deal with a determined DDoS attack on their DNS infrastructure.
So what are SMBs to do when it comes to better protecting their websites and email services against outages instigated by malicious parties? For most businesses, it is probably adequate to determine who runs the authoritative DNS server for your business’s domain. This will allow the Web provider to identify whether the source of an outage is related to problems with your DNS hosting.
However, if you own or run a company where 24/7 accessibility to your website and its services is crucial, you may want to take a more proactive approach and consider paying for DNS hosting services from specialists such as Dyn or ZoneEdit. Though this service is not free, it offers better protection against hackers taking your company’s domain off the Internet.
Paul Mah covers technology for SMBs for Small Business Computing and for IT Business Edge. He also shares his passion for and knowledge of everything from networking to operating systems as an instructor at Republic Polytechnic in Singapore, and is a contributor to a number of tech sites, including Ars Technica and TechRepublic.
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|