Description
No client directly uses DNS. In some ways, DNS is the precursor of contemporary directory services. From the very beginning, it was not practical to use IP addresses directly; address assignments change after time. Hosts files, which are tables with name to number matching, grew too large to manage as the size of the Internet increased. This caused DNS to gain in popularity. One of the advantages of DNS is its ability to scale, because it can distribute and interconnect lists of names and addresses.
Though it has been of great value to the ease of use of the Internet, configuration errors of clients, servers, and resolvers can occur in many ways. In addition, new ways are being discovered all the time to warp, corrupt, or disable the function of the server, resolver, or client. These range from co-opting delegation for a given domain at the top of the hierarchy to poisoning a local resolver with inaccurate addresses. Most users will not suspect a compromised lookup that takes them to a site that looks legitimate, and many will, when experiencing a timeout or failure of a host lookup, simply conclude that "the Internet is down."
In 3–4 paragraphs:
- Enumerate as many DNS errors as you can, and propose a method to detect one of them, or a small cluster of related ones.
- Analyze the errors you have chosen for their potential to be used as a deliberate or accidental attack (for example, a man-in-the middle attack).
- Propose a method to reduce or eliminate the risk. Since some problems are only truly fixed by updated software or infrastructure, there may be interim workarounds, so you may propose one of those, and those steps to improve security or stability may reduce the functionality of the systems.

Explanation & Answer

Here you go. In case of any further inputs please let me know!It was good working with you! 👋 Thanks for using Studypool. Take care and good luck!All the best.
Running Head: DNS ERRORS AND ASSOCIATED THREATS
DNS Errors and Associated Threats
Name
Course
Tutor
Date
1
DNS ERRORS AND ASSOCIATED THREATS
2
DNS Errors and Associated Threats
DNS Errors and Detection Methods
DNS remains a significantly useful networking tool as it ensures proper propagation
of IP addresses within the networking community and ensures internet connectivity to a host
for any device within a network. Like most IT products, however, its major downside comes
with security-associated errors, which manifest majorly through five common errors.
Improper address configurations, DDoS attacks, and high time-to-live values are some of the
errors that are commonly associated with DNS. The service is also prone to errors of high
latency and failures in its networking and hardware components. Fortunately, there are
detection measures that have been developed over time by various cybersecurity experts
whose functionality in error identification has helped secure active internetworks. An
acronym for Network Intrusion Detection System, NIDS, has proven effective in sieving out
troublesome and malicious codes on transit within a network. Composed of various
components to enable effective isolation of problematic data packets, NIDS remains the
single-most useful tool at network administrators' disposal for securing DNS. Its design seeks
to prevent any form of intrusion into a system regardless of whether or not its origins are
accidental or malicious (Kuyama et al., 2016).
Improperly Figured DNS Records
Given that DNS majorly functions as an avenue for assigning tables and names for IP
addresses, DNS records errors often result in disastrous outcomes. Accidental attacks
originating from this premise occurs when data from a particular source enters a mistaken
destination. It consequently results in the exposure of information to unauthorized personnel.
However, Deliberate attackers constitute DNS Spoofing or DNS poisoning, which refers to the
willful diversion of internet traffic to fake servers from the legitimate servers within a
DNS ERRORS AND ASSOCIATED THREATS
3
network. In addition to willfully misdirecting internet traffic, an attacker could create
phishing codes for a destination or code within the traffic, opening up th...
