{"id":642,"date":"2023-12-27T09:57:36","date_gmt":"2023-12-27T09:57:36","guid":{"rendered":"https:\/\/linuxresellerwebhosting.in\/blog\/?p=642"},"modified":"2023-12-27T11:19:20","modified_gmt":"2023-12-27T11:19:20","slug":"use-google-dns-8-8-8-8","status":"publish","type":"post","link":"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/","title":{"rendered":"Get Started to use google DNS 8.8.8.8"},"content":{"rendered":"<h1 style=\"text-align: left;\"><span class=\"ez-toc-section\" id=\"GoogleDNS\"><\/span><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\"><span style=\"font-size: 18pt;\">GoogleDNS<\/span>:-<\/span><span class=\"ez-toc-section-end\"><\/span><\/h1><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/#GoogleDNS\" >GoogleDNS:-<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/#Benefits_you_get_while_using_google_DNS\" >Benefits you get while using google DNS:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/#1DNS_latency\" >1.DNS latency.<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/#Mitigations_or_how_to_resolve\" >Mitigations or how to resolve:-<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/#2Improve_security\" >2.Improve security.<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/linuxresellerwebhosting.in\/blog\/use-google-dns-8-8-8-8\/#Mitigations_or_how_to_resolve-2\" >Mitigations or how to resolve:-<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Google DNS is a free domain name system DNS service offered to internet users worldwide by google.The DNS protocol is an important part of the web&#8217;s infrastructure, it will serves as the internet phone book.each and every time if you visit a website your computer performs a DNS lookups.<\/span><\/p>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Complex pages in a website performs a multiple DNS lookups before start loading.<\/span><\/p>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1375\" src=\"https:\/\/www.coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2019\/03\/google-dns.png\" alt=\"google dns\" width=\"751\" height=\"315\" \/><\/span><\/p>\n<h4 style=\"text-align: left;\"><span class=\"ez-toc-section\" id=\"Benefits_you_get_while_using_google_DNS\"><\/span><span style=\"font-family: 'times new roman', times, serif; font-size: 18pt;\">Benefits you get while using google DNS:<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<h4 style=\"text-align: left;\"><span class=\"ez-toc-section\" id=\"1DNS_latency\"><\/span><span style=\"font-family: 'times new roman', times, serif; font-size: 18pt;\">1.DNS latency.<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Whenever a client or user needs to query a DNS resolver over the network, the latency introduced can be significant, depending on the proximity and number of name servers the resolver has to query (more than 2 is rare, but it can happen).<\/span><\/p>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">There are Two components to DNS latency:-<\/span><\/p>\n<ul style=\"list-style-type: disc; text-align: left;\">\n<li style=\"text-align: justify;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Latency between the client (user) and DNS resolving server. In most of the cases this is largely due to the usual round-trip time (RTT) constraints in networked systems: geographical distance between client and server machines; network congestion; packet loss and long retransmit delays (one second on average); overloaded servers, denial-of-service attacks and so on.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Latency between resolving servers and other name servers. This source of latency is caused primarily by the following factors:<\/span>\n<ul style=\"list-style-type: disc;\">\n<li style=\"text-align: justify;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Cache misses. If a response cannot be served from a resolver&#8217;s cache, but requires recursively querying other name servers, the added network latency is considerable, especially if the authoritative servers are geographically remote.<\/span><\/li>\n<li style=\"text-align: justify;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Underprovisioning. If DNS resolvers are overloaded, they must queue DNS resolution requests and responses, and may begin dropping and retransmitting packets.<\/span><\/li>\n<li style=\"text-align: justify;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Malicious traffic. Even if a DNS service is overprovisioned, DoS traffic can place undue load on the servers. Similarly, Kaminsky-style attacks can involve flooding resolvers with queries that are guaranteed to bypass the cache and require outgoing requests for resolution.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h4 style=\"text-align: left;\"><span class=\"ez-toc-section\" id=\"Mitigations_or_how_to_resolve\"><\/span><span style=\"font-family: 'times new roman', times, serif; font-size: 18pt;\">Mitigations or how to resolve:-<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">In Google Public DNS, they have implemented several ways to speeding up DNS lookup times.<\/span><\/p>\n<ul style=\"text-align: left;\">\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Provisioning serving clusters adequately.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Load-balancing for shared caching.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Distributing serving clusters for wide geographical coverage.<\/span><\/li>\n<\/ul>\n<h4 style=\"text-align: left;\"><span class=\"ez-toc-section\" id=\"2Improve_security\"><\/span><span style=\"font-family: 'times new roman', times, serif; font-size: 18pt;\">2.Improve security.<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Since the DNS is an open, distributed design of the Domain Name System, and its use of the User Datagram Protocol (UDP), DNS is vulnerable to various forms of attack. Public or &#8220;open&#8221; recursive DNS resolvers are especially at risk, since they do not restrict incoming packets to a set of allowable source IP addresses.<\/span><\/p>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">We are mostly concerned with two common types of attacks:<\/span><\/p>\n<ul style=\"text-align: left;\">\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Spoofing attacks leading to DNS <em>cache poisoning<\/em>. Various types of DNS spoofing and forgery exploits abound, which aim to redirect users from legitimate sites to malicious websites. These include so-called <em>Kaminsky attacks<\/em>, in which attackers take authoritative control of an entire DNS zone.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Denial-of-service (DoS) attacks. Attackers may launch DDoS attacks against the resolvers themselves, or hijack resolvers to launch DoS attacks on other systems. Attacks that use DNS servers to launch DoS attacks on other systems by exploiting large DNS record\/response size are known as <em>amplification attacks<\/em>.<\/span><\/li>\n<\/ul>\n<h4 style=\"text-align: left;\"><span class=\"ez-toc-section\" id=\"Mitigations_or_how_to_resolve-2\"><\/span><span style=\"font-family: 'times new roman', times, serif; font-size: 18pt;\">Mitigations or how to resolve:-<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">The solution for the above in a standard system for DNS vulnerabilities is DNSSEC.<\/span><\/p>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Apart from this,<\/span><\/p>\n<ul style=\"text-align: left;\">\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Securing your code against buffer overflows, particularly the code responsible for parsing and serializing DNS messages.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Over provisioning machine resources to protect against direct DoS attacks on the resolvers themselves. Since IP addresses are important for attackers to forge, it&#8217;s impossible to block queries based on IP address or subnet; the only effective way to handle such attacks is to simply absorb the load.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Implementing basic validity-checking of response packets and of name server credibility, to protect against simple cache poisoning.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Adding entropy to request messages :-To reduce the probability of more sophisticated spoofing\/cache poisoning attacks such as Kaminsky attacks. There are many recommended techniques for adding entropy, including randomizing source ports; randomizing the choice of name servers (destination IP addresses); randomizing case in name requests; and appending nonce prefixes to name requests.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\"><a href=\"https:\/\/developers.google.com\/speed\/public-dns\/docs\/security#remove_duplicates\" target=\"_blank\" rel=\"noopener\">Removing duplicate queries<\/a>, to combat the probability of &#8220;birthday attacks&#8221;.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\"><a href=\"https:\/\/developers.google.com\/speed\/public-dns\/docs\/security#rate_limit\" target=\"_blank\" rel=\"noopener\">Rate-limiting requests<\/a>, to prevent DoS and amplification attacks.<\/span><\/li>\n<li><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">Monitoring the service for the client IPs using the most bandwidth and experiencing the highest response-to-request size ratio.<\/span><\/li>\n<\/ul>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">The above is he benefits of using google DNS at your side,i thinks definitely it will help you.<\/span><\/p>\n<p style=\"text-align: left;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 14pt;\">To protect and secure your cpanel server from brut force or any other attacks <a href=\"https:\/\/linuxresellerwebhosting.in\/blog\/securing-your-cpanel-server\/\">click here<\/a> to know about that.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>GoogleDNS:- Google DNS is a free domain name system DNS service offered to internet users worldwide by google.The DNS protocol<\/p>\n","protected":false},"author":2,"featured_media":647,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[2,1],"tags":[27,28,26,29],"class_list":["post-642","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-uncategorized","tag-dns","tag-fast","tag-googel","tag-public"],"_links":{"self":[{"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/posts\/642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/comments?post=642"}],"version-history":[{"count":14,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/posts\/642\/revisions"}],"predecessor-version":[{"id":665,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/posts\/642\/revisions\/665"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/media\/647"}],"wp:attachment":[{"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/media?parent=642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/categories?post=642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxresellerwebhosting.in\/blog\/wp-json\/wp\/v2\/tags?post=642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}