Design And Implemention For DNS Information Detection System Based On Distributed Platform

With the rapid development of the Internet, many Internet security issues havetaken place and need more and more attention. Domain Name System, aka DNS isthe fundamental part of the Internet. Many web applications, such as browsing webpages, e-mailing transportation, file transferring and so on all need DNS toimplement IP address finding and locating. Therefore, the security of DNS is the keyto the healthy development of the Internet.The paper elaborates how DNS works and its related theoretical knowledge viaresearching on some well-known security issues of DNS, which happened recentyears, and then further analyses the reasons of why such issues keep happening. Soas to handle security threats of DNS, it is necessary to provide networkadministrator and DNS server maintainers with more accurate references of DNS. Inthis paper, a DNS information detecting system is designed and then implemented.This system, which is based on distributed platform, applies active probing methodto implement the following two systems, which are distributeddetection system and DNS information detection system.（1）Distributed detection system is designed and implemented with loadbalancing of detection node, formatting task list, achieving the overall task ofsegmentation and detection of DNS information, etc. this system dose some relatedwork for DNS information detection. Distributed detection platform environmentconsists of Master control end and Slave control end. Master end is the controlcenter and the Slave end completes the DNS information detection task.（2）DNS information detection systems is designed and implemented withsome information detection of DNS. Including DNS server detection andsegmentation strategy, DNS configuration information detection, such as DNSserver’s A resource record, AAAA resource record, PTR resource record, NSresource record, SOA resource record, CNAME resource record, MX resourcerecord, and whether allowed TCP connection, IPv6supporting etc. This paperdesigns and implements the information detection of DNS server software versionand vulnerability.Finally, we finalize part of network address within China and top1,000,000domain names with highest page views as the data source, initiate the DNSinformation detection, collect the results and do analysis and statistics based on theexperimental data we get.