Google programmed its Chrome browser and other Chromium-based browsers to test three random domain names to prevent any DNS takeover. However, ZDNet reported that experts claim half of the root servers' traffic is due to these tests.

If two of the domains return the same IP, the browser concludes that the network captures and redirects requests for non-existent domains. This test is run during startup and whenever a device's IP or Domain Name System (DNS) settings change.
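The check described above can be reproduced on a network you administer. This is an added example, not Chromium's code or anything from the article; the probe length (7 to 15 lowercase letters) and all function names are assumptions, and the sample resolvers return constructed documentation addresses.

```python
import random
import socket
import string
from collections import Counter


def random_probe_names(count=3, rng=random):
    """Build random single-label names that should not exist anywhere."""
    # Assumption: 7-15 lowercase letters; the article does not state a length.
    return ["".join(rng.choice(string.ascii_lowercase)
                    for _ in range(rng.randint(7, 15)))
            for _ in range(count)]


def system_resolve(name):
    """Return the IPv4 addresses the OS resolver gives for name (empty if none)."""
    try:
        return {info[4][0]
                for info in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()  # an honest resolver ends up here (NXDOMAIN)


def detect_nxdomain_redirect(resolve=system_resolve, names=None):
    """Flag interception when at least two probe names share an address."""
    names = names or random_probe_names()
    answers = {name: resolve(name) for name in names}
    # Each name contributes an address at most once, so a count of 2 or more
    # means two different nonexistent names were sent to the same IP.
    seen = Counter(ip for ips in answers.values() for ip in ips)
    shared = sorted(ip for ip, hits in seen.items() if hits >= 2)
    return {"names": names, "answers": answers,
            "shared_ips": shared, "intercepted": bool(shared)}


if __name__ == "__main__":
    # Constructed resolvers so the demo runs offline.
    def honest(name):
        return set()

    def hijacking(name):
        return {"198.51.100.7"}  # constructed TEST-NET-2 address

    for label, resolver in (("honest", honest), ("hijacking", hijacking)):
        result = detect_nxdomain_redirect(resolver)
        print(label, result["intercepted"], result["shared_ips"])
```

Calling `detect_nxdomain_redirect()` with no arguments uses the operating system resolver, and each such run sends three more junk names upstream, which is the load the article goes on to describe.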

The DNS serves as the Internet's phonebook, which people access through domain names. Web browsers communicate using Internet Protocol (IP) addresses, so DNS translates domain names into IP addresses, which lets browsers load the websites.

Since DNS servers pass locally unknown domain queries to more authoritative name servers, the random domains used in the test even find their way up to the root DNS servers, which adds up to half of the root server queries.

According to Matthew Thomas, a Verisign principal engineer in the CSO applied research division, as Chrome's market share surged in 2010 after the feature was added, queries similar to the pattern used by Chrome also increased.

Thomas wrote in a blog post that, 10 years after the feature's introduction, Chromium's queries cause half of the DNS root server traffic. "That equates to about 60 billion queries to the root server system on a typical day," he said, adding that this traffic supports a single browser function, while in any other scenario the DNS interception would be a distributed denial of service attack.


Only 2,302 servers can disable 80% of the global internet

Earlier this month, telco giant Telstra experienced a massive denial of service, which previews how an internet outage can affect users and businesses as a whole. Telstra later confirmed the cyber attack was a DNS issue, and not malicious.

In his research, SANS Institute dean of research Johannes Ullrich found that only 2,302 servers among 2.7 million authoritative servers worldwide can disable 80% of internet service.

That is equivalent to only about 0.084% of the total servers. This is because domain names are concentrated on only a few servers. "0.35% of name servers are responsible for 90% of all domain names," Ullrich said.

For instance, GoDaddy houses over 94.5 million domain names, while Google had 20 million. The other main servers include the trio of dns.com, hichina, and IONOS, which have 15.6 million each, as well as Cloudflare, which had 13.8 million records. Meanwhile, enom.com / registrar-servers.com had 11.1 million and wixdns.net had 9.1 million, while name-services.com and namebrightdns.com had 7.3 million each.

"Using a cloud-based DNS service is simple and often more reliable than running your name server," said Ullrich. He added that the large concentration of name services with just a small number of entities is highly risky to the infrastructure.

However, to lessen the risk of disabling the Internet due to a server outage, Ullrich urged people to enable in-house secondary name servers as well as to utilize more than one DNS provider.



This article is owned by Tech Times 

Written by: CJ Robles 

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.