The DNS system is responsible for translating human-readable hostnames into machine-readable IP addresses, and vice versa.
DNS recursive resolver is activated, which makes several requests:
- Root Name Server (are 13)
- Top Level Domain (.com, .it, , etc.)
- Authoritative Name Server (example.com).
DNS Records provides specific information.
- NS : Returns the DNS servers (NameServers) of the domain, responsible for the Authoritative Name Server of the zone.
- A : Hostname to IPv4.
- AAAA : Hostname to IPv6.
- PTR : IP to Hostname.
- CNAME : Associate an alias with a hostname, with the hostname associated with an A. e.g., A for hackthebox.eu and CNAME for www.hackthebox.eu
- MX : Mail Exchange, identifies hosts that will accept emails for a specific host. Returns the responsible mail servers.
- TXT : Contains various textual information.
- ANY : To get all records, but RFC8482 specifies that they would be dropped, so they might not respond.
- SOA : It provides information about the corresponding DNS zone and the e-mail address of the administrative contact. The SOA record is found in a domain's zone file and specifies who is responsible for operating the domain and how DNS information for the domain is managed. The dot (.) is replaced by a snail symbol (@) in the email address.
