
What Are DNS Protocols and Security?

DNS operates over UDP port 53 for queries and TCP port 53 for zone transfers. Key protocols include:

  • DNSSEC: Authenticates responses using DNSKEY, RRSIG, and DS records to prevent spoofing.
  • EDNS: Extends DNS to support larger payloads and DNSSEC.

Security configurations published in DNS include:

  • SPF: Authorizes mail servers (e.g., v=spf1 ip4:192.0.2.0/24 ~all).
  • DKIM: Adds cryptographic email signatures.
  • DMARC: Enforces email policies (e.g., v=DMARC1; p=reject;).
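
The following Python code is an added example, not part of the original page: it parses the SPF and DMARC records quoted above, evaluates a sender IP against the SPF record, and lists settings that stop short of rejecting unauthorized mail. The function names and the `MONITOR_DMARC` record are constructed for illustration, and SPF evaluation covers only `ip4`, `ip6` and `all`; mechanisms that need DNS lookups (such as `a`, `mx`, `include`) are skipped.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
PAGE_SPF = "v=spf1 ip4:192.0.2.0/24 ~all"      # example record from the page
PAGE_DMARC = "v=DMARC1; p=reject;"              # example record from the page
MONITOR_DMARC = "v=DMARC1; p=none; rua=mailto:reports@example.com"  # constructed

def parse_spf(record):
    """Return [(result, mechanism, value)] for each mechanism in an SPF record."""
    version, *terms = record.split()
    if version.lower() != "v=spf1":
        raise ValueError("not an SPF record")
    parsed = []
    for term in terms:
        qualifier, body = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, value = body.partition(":")
        if "=" not in name:  # skip modifiers such as redirect= and exp=
            parsed.append((QUALIFIERS[qualifier], name.lower(), value))
    return parsed

def spf_check(record, sender_ip):
    """Evaluate ip4/ip6/all only; mechanisms that need DNS lookups are skipped."""
    ip = ipaddress.ip_address(sender_ip)
    for result, name, value in parse_spf(record):
        if name == "all":
            return result
        if name in ("ip4", "ip6") and ip in ipaddress.ip_network(value, strict=False):
            return result
    return "neutral"  # no mechanism matched

def parse_dmarc(record):
    """Return the tag=value pairs of a DMARC record as a dict."""
    pairs = (t.partition("=") for t in record.split(";") if t.strip())
    tags = {k.strip().lower(): v.strip() for k, _, v in pairs}
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags

def audit(spf, dmarc):
    """List settings that stop short of rejecting unauthorized mail."""
    findings = []
    all_result = next((r for r, name, _ in parse_spf(spf) if name == "all"), "neutral")
    if all_result != "fail":
        findings.append(f"SPF: unlisted senders get {all_result}, not fail (-all)")
    policy = parse_dmarc(dmarc).get("p", "").lower()
    if policy != "reject":
        findings.append(f"DMARC: p={policy or 'missing'} does not reject failing mail")
    return findings
```

With the page's two records, a sender inside 192.0.2.0/24 passes SPF, any other address gets softfail from `~all`, and the DMARC policy of `p=reject` produces no finding.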