DNS is beautiful

Поделиться
HTML-код
  • Опубликовано: 27 дек 2024

Комментарии • 73

  • @hnasr
    @hnasr  2 года назад +5

    Get my Fundamentals of Networking for Effective Backends udemy course Head to network.husseinnasser.com (link redirects to udemy with coupon)

  • @briandsouza1550
    @briandsouza1550 2 года назад +34

    Your content is so worth the time! Thank you for making it captivating in your own unique way. I'm a network engineer and I can't tell you how much what you say helps me expand my horizons!

  • @rohrvy1989
    @rohrvy1989 2 года назад +9

    First I thought ok it was just DNS basics..but as you progressed through and explain DNS cache poisoning and Chrome bug.. it became a worth to watch video

  • @WiktorJurek
    @WiktorJurek 2 года назад +7

    Love it! You always get taught about DNS, but you never get taught about the sheer brilliance to be able to deliver such a service *at scale*. Thanks, Hussein.

  • @derickasamani5730
    @derickasamani5730 2 года назад +4

    As a network engineer I just love hearing Hussein take on DNS, it makes me appreciate some of the decisions developers have to make.

  • @faizalimuhammadzoda4731
    @faizalimuhammadzoda4731 2 года назад +2

    Love it. Thanks for taking time to make this precious tutorial.
    BTW, you seem to feel so relaxed when you talk.

  • @randompandit3208
    @randompandit3208 2 года назад +1

    your channel is a gold mine

  • @jonathonkiner7415
    @jonathonkiner7415 12 дней назад

    In other words, a top-down approach is generally considered more efficient than a bottom-up approach.

  • @poiiihy
    @poiiihy 2 года назад +6

    Instead of partitioning with TLDs, couldnt they have partitioned by letters of the domain? Like as if the first or last letter was a tld without the dot.

    • @hnasr
      @hnasr  2 года назад +11

      I see, your idea is to replace TLD with the first character of the domain, so there will be a fixed number of 26 partitions only. The root servers will return IP address of a partition server. And the partition sever will return the authoritative name server IP.
      example, resolving hussein will ask the root server for an “h” server which there will be many, the client connect to the h server, and ask for hussein, get back the authoritative name server which will have the ip address of hussein.
      Sub domains will be asked from the authoritative name server.
      We can even add an additional layer of partitioning in case one letter gets too large.
      I love the idea. Might work! (Btw I love comments like this which challenges what we have today)

    • @vikingthedude
      @vikingthedude 2 года назад +1

      Interesting idea. This would also mean we're coupling the name we want with the DNS nameservers. If there was ever a reason we'd want to avoid a certain nameserver, we'd have to mostly change our site's name. This is opposed to the current situation where we'd just have to change the tld part of our site's name.

    • @gamer-gw9iy
      @gamer-gw9iy 2 года назад +1

      This would centralize DNS unless the tld was also partitioned or the full domain list was made public somewhere, eg each domain registrar posted a list of all their domains and IP addresses so that anyone could run their own 'h' master server 🤔

  • @abhi9811206369
    @abhi9811206369 2 года назад +1

    What an amazing and insightful video!

  • @kornelijussliubauskas8299
    @kornelijussliubauskas8299 2 года назад +6

    I might think this would sound deadly simple to understand for some, but as through my self taught programming journey I still have no colorful view of base64 encoding. Peeked at your channel ad didn't found nothing about it. So asking you a favor for creating video about base64 encoding, what problems it "was" solving and current benefits of it. Thank you.

    • @hnasr
      @hnasr  2 года назад +10

      Sure! It is basically taking any binary blob and make it into string of subset characters (a-z 0-9) . Main use cases is getting rid special characters such as % and spaces and make it into a simple string that everyone understands. In the example I mentioned, environment vars will have special chars, spaces, etc so hackers in this case took all that and base64
      Eg
      This is a base 64 string RW5jb2RlIHRoaXMgIiRwZWNpYWwgc3RyaW5nIg==
      Which is converted from this text
      Encode this "$pecial string"
      Play with it here amp.base64encode.org
      Hope that helps

    • @almostcertainlynotapotato6528
      @almostcertainlynotapotato6528 2 года назад

      @@hnasr So base64 is like sha256 but reversible?

    • @kornelijussliubauskas8299
      @kornelijussliubauskas8299 2 года назад

      @@hnasr So if binary blob is being transported no matter what layer 4, layer 7 is in count, it always has to be encoded in base64 for the convenience of parsing it at one end so it's platform agnostic? Its funny to say because so far everything seems to make sense for me talking about networking, but this base64 is just... :DD

    • @SlackerVez
      @SlackerVez 2 года назад

      ​@@kornelijussliubauskas8299 It's not so much about ease of parsing or being platform agnostic, as it is about getting the blob through intact. Many communication channels are not binary safe (i.e. control characters in terminals, CRLF conversion on windows), so base64 trims down the character set in a way that any any two bytes can be represented using three "plain text" characters, minimising the chances the data gets mangled in transit. It's a more efficient version of turning the bytes into a string of hexadecimal values, as base64 has a size overhead of 50% whereas hexadecimal notation has an overhead of 100% (doubling the size). Either way, once decoded, you now have your binary blob elsewhere, but unless you're just piping it out to disk / network, you still need to process it in whatever potentially platform specific way it may require. All the lower layer networking is binary-safe, base64 mostly helps overcoming application protocols that look for control characters in the byte stream and modify it in transit.

  • @eyondev
    @eyondev 2 года назад +2

    I was just having DNS problems the other day. I hope this will be useful.

  • @kalpakHere
    @kalpakHere 2 года назад +1

    There's nothing without problems, at the end of the day.
    Nice way to wrap it all up :)

  • @KangJangkrik
    @KangJangkrik 2 года назад +1

    Professor, when is the deadline?

  • @g3n3ricnam35
    @g3n3ricnam35 2 года назад +1

    My only question is, how does the tld server know the authoritative server is the right one for the domain?

  • @tamatawanavu
    @tamatawanavu 10 месяцев назад

    There might be more.....not sure! LOL love it.

  • @emtee5994
    @emtee5994 2 года назад

    ODBC inclination of thoughts. Nice.

    • @hnasr
      @hnasr  2 года назад +1

      You noticed!

    • @emtee5994
      @emtee5994 2 года назад

      I did!

    • @emtee5994
      @emtee5994 2 года назад

      I'm looking for things to do to grow and going through your content is enlightening.
      Thank you.

  • @Mikhai_nik
    @Mikhai_nik 2 года назад

    I use G-core's DNS hosting. 10-15 ms. Unlike Cloudflare, u can configurable DNS balancing by coordinates. Balancing by IP, ASN, countries, or continents with GeoDNS. DNS still coolest thing

  • @peterszarvas94
    @peterszarvas94 2 года назад +4

    So Google was DDoS-ing the DNS root servers for 10 years, haha

  • @Crupanshu
    @Crupanshu 2 года назад

    Really nice insights...
    FYI I'm definitely going to look up for "Grandma for Hire" at least on surface web.

  • @gugocharade
    @gugocharade 2 года назад

    Let's say i have a company which has a private network and i want a DNS server, how can i do that ?

  • @BennyKleykens
    @BennyKleykens 2 года назад

    DNS never goes down. That's the beauty of it. Just like the Internet never goes down.

  • @zainabalhaidary
    @zainabalhaidary 2 года назад +4

    Who here made it to the grandmas for hire part? 😅

  • @maximus6884
    @maximus6884 2 года назад

    Btw, how could DNS spoof work in modern internet as browsers check for certificates?

    • @mateuscanelhas5662
      @mateuscanelhas5662 2 года назад +1

      By default, browsers used to try and initiate a plain http connection. Only when the origin responded with the availability of https would it try and upgrade the connection.
      This has been very recently changed - Not sure how this work with these in place.

    • @maximus6884
      @maximus6884 2 года назад

      @@mateuscanelhas5662 I see. Is it still the case may I ask?

    • @mateuscanelhas5662
      @mateuscanelhas5662 2 года назад

      @@maximus6884 It is not. ruclips.net/video/XrlfX0duLKQ/видео.html

    • @poiiihy
      @poiiihy 2 года назад

      Wtf where'd my comment go

    • @maximus6884
      @maximus6884 2 года назад

      @@poiiihy youtube deletes.

  • @FilthySnob
    @FilthySnob 2 года назад +1

    'DNS is beautiful'
    no you're beautiful

  • @bubulray1106
    @bubulray1106 2 года назад +2

    Damn... Those attackers who hacked apple really got big brains. 😂

  • @huh_wtf
    @huh_wtf 2 года назад

    real nice!

  • @MukeshKumar-vv3wd
    @MukeshKumar-vv3wd Год назад

    I really like your videos, but it would be better if you show some tools / code and demonstrate whatever you're saying.

  • @GoodwillHeadset
    @GoodwillHeadset 2 года назад +1

    For Grandma

  • @__nitinkumar__
    @__nitinkumar__ 2 года назад

    First, non emoji comment.

  • @_just_for_fun_4472
    @_just_for_fun_4472 2 года назад +6

    Can you please shorten the length of videos

    • @shantanu9412015407
      @shantanu9412015407 2 года назад +6

      This takes out the major fun in this way, Its just asking someone to change the style of their teaching which made them popular. What makes him standout is this way of him .

    • @iulians1993
      @iulians1993 2 года назад +3

      I skipped a lot of videos of this man because of their length. I see so many good feedbacks in the comments, but I don't really feel like I get that precious information from here.

    • @dragon_warrior_
      @dragon_warrior_ 2 года назад +6

      @@iulians1993 for me it was totally opposite of what you said. Depends on person to person and their domain knowledge...

    • @zainabalhaidary
      @zainabalhaidary 2 года назад +3

      I think the length of the video is perfect to go into enough details

    • @harsiddhdave44
      @harsiddhdave44 9 месяцев назад +3

      Lengthy videos ensure enough details in it. This is much needed!

  • @noirmax1083
    @noirmax1083 2 года назад

    😋😋😋

  • @phill13able
    @phill13able 2 года назад +1

    Bro started the video as though his wife died or something. lol

  • @maximus6884
    @maximus6884 2 года назад

    I love your explanation on DNS - but I do not agree that DNS is beautiful. Its design is beautiful however DNS itself is evil. WEB2 is broken and WEB3 is invented strogly because of DNS problems. Big goverments own the entire internet and the entire internet is broken because of DNS. Why? Because DNS is controlled by a single entity. And that entity loves to keep all power to itself. For this reason, the WEB2 cannot be decentralized, can be easily blocked and it can NEVER be secure. Comes IPFS addressing all of these issues in WEB3.

    • @gyroninjamodder
      @gyroninjamodder 2 года назад +1

      DNS is not controlled by a single entity. It is controlled by all of the name servers your query hits. Nothing prevents you from setting up your own root name servers. Even though the main root nameservers are run my ICANN there early hasn't been an issue even though it's centralized. IPFS uses content based addressing which is separate from just using a simple name.

    • @big-t2060
      @big-t2060 2 года назад

      @@gyroninjamodder DNS is centrally controlled ; Just try to reach say RT or Sputnik using a DNS server located in the European Union...

    • @gyroninjamodder
      @gyroninjamodder 2 года назад

      @@big-t2060 Are you saying that Is European ISP's nameservers sensor it? I recommend using 8.8.8.8 or 1.1.1.1 instead in that case. It's even better to use DoH if you are worried about that.

    • @maximus6884
      @maximus6884 2 года назад

      @@gyroninjamodder you're wrong. DNS is centrally controlled. It looks distributed - like Netflix has many servers. But not truly.

    • @gyroninjamodder
      @gyroninjamodder 2 года назад +1

      @@maximus6884 Who centrally controls it then?

  • @yesyas5972
    @yesyas5972 Год назад

    I really enjoy this video, thk for the video