TryHackMe Walkthrough: DNS in Detail Explained

https://tryhackme.com/r/room/dnsindetail

Task 1: What is DNS?

DNS, or Domain Name System, is like the internet’s phonebook. It helps us connect to websites without needing to memorize long strings of numbers called IP addresses. Every device on the internet has a unique IP address, like 104.26.10.229, which acts like its home address for communication.

But let’s be honest remembering numbers like that isn’t easy. That’s where DNS comes in. It translates easy-to-remember names, like tryhackme.com, into those complex IP addresses so your browser knows where to go. It’s what makes browsing the internet simple and user-friendly!

What does DNS stand for?

Answer : Domain Name System

Task 2: Domain Hierarchy

A TLD (Top-Level Domain) is the last part of a domain name the bit that comes after the final dot. For example, in tryhackme.com, the TLD is .com.

There are two main types of TLDs:

1. gTLD (Generic Top-Level Domain): Originally, these were designed to indicate the purpose of the domain. For example:

.com: Commercial

.org: Organizations

.edu: Education

.gov: Government

2. ccTLD (Country Code Top-Level Domain): These are tied to specific countries or regions, such as:

.in: India

.ca: Canada

.co.uk: United Kingdom

Over time, the demand for new domain names has led to the creation of many new gTLDs like .online, .club, .website, and .biz, among others. Today, there are over 2,000 TLDs to choose from, giving websites a lot of flexibility in branding and functionality.

https://data.iana.org/TLD/tlds-alpha-by-domain.txt

A Second-Level Domain (SLD) is the part of the domain name that comes right before the Top-Level Domain (TLD). For example, in tryhackme.com, the SLD is tryhackme, and the TLD is .com.

When you register a domain, the SLD is the unique name you choose to represent your website or brand. Here are some rules for creating an SLD:

It can be up to 63 characters long (not including the TLD).

Allowed characters are letters (a-z), numbers (0–9), and hyphens.

The SLD cannot start or end with a hyphen.

Consecutive underscore (e.g., “ _“) are not allowed.

The SLD is your chance to create something memorable and distinctive for your website!

A subdomain is an extension of your main domain, appearing on the left side of the Second-Level Domain (SLD) and separated by a dot. For example, in admin.tryhackme.com, the subdomain is admin, and the SLD is tryhackme.

Some key details about subdomains:

Subdomains follow the same creation rules as Second-Level Domains:
Up to 63 characters long.
Allowed characters are letters (a-z), numbers (0–9), and hyphens.
Cannot start or end with a hyphen or have consecutive hyphens.
You can create multiple subdomains, and they can be chained together. For instance:
jupiter.servers.tryhackme.com
The total length of the full domain name, including all subdomains, must not exceed 253 characters.
There’s no limit to how many subdomains you can create for your domain, making them useful for organizing different sections of your website or services (e.g., blog.example.com, shop.example.com).

Subdomains are a great way to create clear, functional structures for your online presence!

What is the maximum length of a subdomain?

Answer : 63

Which of the following characters cannot be used in a subdomain ( 3 b _ — )?

Answer : _

( In a subdomain, the character _ (underscore) cannot be used.)

What is the maximum length of a domain name?

Answer: 253

What type of TLD is .co.uk?

Answer : ccTLD

Task 3: Record Types

DNS (Domain Name System) supports multiple record types to handle various functions beyond just connecting websites. Here’s an overview of some common DNS record types:

1. A Record (Address Record)

Maps a domain to an IPv4 address.
Example: 104.26.10.229.
Used to route traffic to the correct server.

2. AAAA Record

Maps a domain to an IPv6 address.
Example: 2606:4700:20::681a:be5.
Supports the newer IPv6 format, offering a larger address space.

3. CNAME Record (Canonical Name Record)

Points one domain to another domain name.
Example: store.tryhackme.com resolves to shops.shopify.com.
A second DNS request is made to resolve the IP address of the target domain.
Useful for aliasing and redirecting traffic.

4. MX Record (Mail Exchange Record)

Directs email to the mail servers responsible for the domain.
Example: alt1.aspmx.l.google.com.
Includes a priority flag to determine the order in which servers should be used, allowing backups if the main server is unavailable.

5. TXT Record

Stores freeform text-based data in DNS.
Common uses:
Listing authorized email-sending servers to prevent spam (e.g., SPF, DKIM).
Verifying domain ownership when integrating with third-party services like Google Workspace or Microsoft 365.

DNS records play a critical role in ensuring smooth communication between servers, email systems, and more!

What type of record would be used to advise where to send email?

Answer : MX

What type of record handles IPv6 addresses?

Answer : AAAA

Task 4: Making A Request

When you make a DNS request, a series of steps are followed to translate the domain name into its corresponding IP address. Here’s a simplified breakdown:

1. Local Cache Check

Your computer checks its local cache to see if it has recently resolved the domain.
If found, the IP address is retrieved, and the process ends here.

2. Recursive DNS Server

If not in the local cache, a request is sent to a Recursive DNS Server, usually provided by your ISP (though you can configure alternatives like Google DNS or Cloudflare DNS).
This server also checks its cache for recent queries. If found, it sends the response back to your computer.

3. Querying the Root DNS Servers

If the Recursive DNS Server doesn’t have the result, it forwards the request to one of the root DNS servers, which act as the internet’s DNS backbone.
The root server identifies the Top-Level Domain (TLD) in the request (e.g., .com) and refers the query to the appropriate TLD server.

4. Querying the TLD Server

The TLD server (e.g., for .com) holds information on where to find the Authoritative Name Server for the requested domain.
The TLD server directs the query to the domain’s authoritative server.

5. Authoritative Name Server

The Authoritative DNS Server stores the DNS records for the specific domain.
For example, the authoritative servers for tryhackme.com are kip.ns.cloudflare.com and uma.ns.cloudflare.com.
These servers retrieve the required DNS record (like an A or CNAME record) and send it back to the Recursive DNS Server.

6. Response and Caching

The Recursive DNS Server caches the response locally for a period specified by the TTL (Time To Live) value in seconds. This reduces the need for repeated requests for the same domain.
The server relays the response back to your computer, completing the process.

Caching and Efficiency

DNS caching occurs at multiple levels:
Your local machine
The Recursive DNS Server
This caching ensures faster responses for repeated queries and reduces the load on DNS servers.

What field specifies how long a DNS record should be cached for?

Answer : TTL

What type of DNS Server is usually provided by your ISP?

Answer : recursive

What type of server holds all the records for a domain?

Answer : authoritative

Task 5 : Practical

What is the CNAME of shop.website.thm?

Answer : shops.myshopify.com

Select DNS type as CNAME

What is the value of the TXT record of website.thm?

Answer : THM{7012BBA60997F35A9516C2E16D2944FF}

What is the numerical priority value for the MX record?

Answer : 30

What is the IP address for the A record of www.website.thm?

Answer : 10.10.10.10

Thank you so much for reading my blog! Your time and support mean everything to me. If you found the content helpful or insightful, feel free to like, comment, and share it with others who might benefit from it. I appreciate every bit of feedback and engagement — let’s keep the conversation going and continue learning together!