DNS terms

The domain name system (DNS) is a crucial internet service that helps users access websites by translating human-readable domain names (like www.nordvpn.com) into machine-readable IP addresses (like 192.0.2.1).

NSEC record, or Next Secure record, is a security DNS record used in DNSSEC to prove the nonexistence of specific DNS records.

A LOC record is an informational DNS record that specifies the geographical location of a domain.

Domain tasting is buying a domain and testing its profitability.

Domain drop catching is registering a domain name immediately after it becomes available due to expiration.

Vanity domain is a domain name or URL registered in the Domain Name System (DNS) to reflect the identity of the person registering the domain.

Time to live is a setting determining the length of time DNS resolvers should cache a particular DNS record.

Split DNS is a configuration where the same domain has two DNS servers (sub-domains): one for the internal network and one for the external network.

A root server is a crucial component of the DNS infrastructure that helps to resolve domain names into IP addresses, which computers use to communicate with each other on the internet.

Reverse domain name hijacking is when a trademark owner wrongfully accuses someone of trademark infringement to seize control of their website address.

Reverse DNS is a lookup method in the Domain Name System that determines the host of an IP address.

A primary DNS server is a server that plays a crucial role in how the internet functions.

A Nord name is a unique DNS name that is automatically generated for devices that are registered to Meshnet.

Name resolution is the process of linking identifiers with actual program components they represent.

An iterative DNS query is a request where if the DNS server has no relevant DNS records in its cache, it refers the DNS client to another DNS server.

The Internet Assigned Numbers Authority (IANA) is a department within the Internet Corporation for Assigned Names and Numbers (ICANN).

A hostname is the label given to a device to identify it on a particular computer network.

A Fully Qualified Domain Name (FQDN) is a complete address that identifies an exact location within the hierarchical system of the internet.

A forward DNS is a DNS query where a client asks a DNS server to return the IP address associated with a specific domain name.

Fast flux is a technique used to rapidly change the IP addresses associated with domain names.

Dynamic DNS is a service that automatically updates DNS servers’ records in real time.

Domain is an organized system of computers and other electronic devices that operate under the direction of a single administrator and adhere to a common set of rules.

Domain shadowing is a subcategory of DNS hijacking that involves the stealthy creation of malicious subdomains under already-compromised domain names.

Domain Name System parking refers to registering a domain name for a website or email service without actively using it.

DNSSEC represents a collection of enhancements to the Domain Name System (DNS) that delivers an extra level of security.

A DNS zone is a specific part of the domain namespace that belongs to, is assigned to, and is managed by a certain administrator or organization.

A DNS zone transfer is a type of DNS transaction you can implement.

A DNS TXT record is a type of DNS record that contains and stores data about your domain in a text format.

DNS TTL is a setting that specifies how long a query should be stored in the DNS resolver's cache before it must be resubmitted.

A DNS SRV record is a type of DNS resource record that specifies the hostname and port number for a particular service within a domain.

A DNS SPF record is a type of DNS TXT record that is an integral part of a domain’s DNS.

A DNS SOA record is a type of DNS record that contains all the administrative data about your DNS zone.

DNS resolution refers to translating an IP address to a domain name, allowing users to access the website through the site’s URL.

DNS redundancy refers to having multiple Domain Name System (DNS) servers in place to ensure continued functionality in the event of a single server failure or a distributed denial of service (DDoS) attack.

A DNS record is a database entry stored in DNS servers with information on specific domains, such as their IP addresses or instructions on how to handle related DNS queries.

A DNS rebinding attack is a type of DNS attack that manipulates the resolution of domain names.

A DNS query is a message your device sends to find the IP address of a website you want to visit.

A DNS PTR record (or Pointer record) is a type of DNS record that provides the domain name linked to a specific IP address.

A DNS proxy is a tool that forwards DNS queries and responses between DNS clients (like computers) and DNS servers, which translate domain names into IP addresses.

DNS propagation refers to the time it takes for all servers on the Internet to update the DNS records after a change has been made.

A DNS port is a network port used for communication between a DNS client and server.

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) queries over an encrypted HTTPS connection.

DNS load balancing is a method of distributing client requests across multiple servers by configuring a domain in the DNS, enhancing performance and reliability.

DNS hosting is a service that allows individuals or organizations to manage their domain names' DNS settings.

DNS flushing is the process of clearing the Domain Name System (DNS) cache on your device.

DNS filtering blocks access to malicious or forbidden websites and apps at the DNS level, helping companies secure data and control employee access on managed networks.

DNS failover is a technique used to ensure the high availability and reliability of a website or web service by automatically redirecting traffic to a backup or secondary IP address or server if the primary server fails or becomes unreachable.

DNS encryption refers to the process of encrypting DNS (Domain Name System) traffic, which helps enhance the security and privacy of internet communication.

A DNS CNAME record is a DNS record type that organizations and individuals use to map an alias name to a canonical or true domain name.

A DNS client is a component or service that resolves DNS domain names into IP addresses by sending name-resolution queries to local and remote DNS servers.

DNS cache is temporary storage on a browser or device’s OS used to store the data about previous DNS requests from that device or browser.

DNS blocking is a type of protection mechanism that organizations and individuals use to prevent devices on their networks from accessing specific websites or web pages.

In cybersecurity, a DNS-based Blackhole List (DNSBL) or Real-time Blackhole List (RBL) can be described as a list of various domain names and IP addresses that are recognized as a source of spam, malware, or other known malicious activities.

A DNS allowlist is a network security tactic that helps administrators control access to websites and online services.

A DNS AAAA record performs the same functions as a DNS “A” record.

A country code top-level domain (ccTLD) is the top-level domain reserved for a geographical area identified with a country code (generally a country, sovereign state, or a dependent territory). ccTLDs identifiers are usually composed of two letters — the area’s ISO 3166-1 alpha-2 code, also known simply as the country code.

A canonical name is a type of database record in the domain name system that indicates that a domain name has an alias or a nickname.

With anycast DNS, multiple servers can apply to a single IP address.

A zone file is a text file on a Domain Name System (DNS) server that contains information that connects the website's name to the IP address of its server.