Module 2: DNS Security — Protecting the Digital Backbone
DNS is the protocol everyone depends on and almost no one secures properly. It was designed in 1983 for a 1,000-node internet where everyone knew each other. Today it routes queries for billions of devices across a network that's hostile by default.
This module covers how DNS gets attacked — specifically, mechanically, with real incidents — and how to defend against it. Not theory. Production knowledge.
What You'll Learn
By the end of this module, you'll know:
- The DNS threat surface: which attacks are common, which are rare, and why attackers care about DNS at all
- How amplification attacks work, and why open resolvers are public infrastructure for DDoS criminals
- The Kaminsky cache poisoning attack — one of the most elegant exploits in internet history
- How domains get stolen (spoiler: usually through the registrar, not the protocol)
- DNSSEC, how it works, why adoption is still low, and when you actually need it
- DNS over HTTPS and DNS over TLS — the privacy trade-offs no one talks about honestly
- A production-ready checklist for securing DNS infrastructure
- Four case studies from real incidents, analyzed technically
Lessons
| # | Topic | Duration |
|---|---|---|
| 01 | DNS Security Landscape | 10 min |
| 02 | Amplification and DDoS | 12 min |
| 03 | Cache Poisoning and Spoofing | 12 min |
| 04 | Domain Hijacking | 11 min |
| 05 | DNSSEC | 14 min |
| 06 | DNS over HTTPS and DoT | 10 min |
| 07 | Best Practices | 10 min |
| 08 | Case Studies | 15 min |
Prerequisites
You should have completed Module 1, or have a solid understanding of DNS fundamentals: how resolution works, what a resolver does, the difference between authoritative and recursive DNS, and the basics of record types.
If you can explain what happens when you type a domain into a browser without consulting notes, you're ready.