The Domain Name System (DNS) is a naming system for devices connected to a network, including the Internet.
The DNS translates names to the IP addresses needed to identify computers, servers and other devices and services. It means that, instead of needing to remember the IP address that contains a website, the user only needs to know the name of the company or website, which is more memorable and usable.
Without the Domain Name System, to visit the Athena Forensics website, rather than typing or remembering athenaforensics.co.uk, you would need to type or remember the IP address for it instead which, for athenaforensics.co.uk would be 184.108.40.206, which is far less memorable and completely removed from the site that it relates to.
The DNS is used to take the URL of a website (Uniform Resource Locator) and convert it retrieve the site’s IP address.
This happens whenever a domain name is used, including browsing websites or sending or receiving email.
The DNS Lookup Process
1: Website Information Request
The domain name is typed into the web browser by the user and the computer will attempt resolve the hostname.
The computer will look for the IP address associated with the domain name within its local DNS cache that contains the DNS information that the computer has recently retrieved.
If the DNS is available from the DNS cache then the website is displayed at this point, however, if not then the computer will perform a DNS query in order to retrieve the information.
2: Request the Recursive DNS Servers
When the DNS information requested is not held within the local DNS cache then the computer will query the recursive DNS servers from the Internet Service Provider (ISP) that it is connected to.
If the domain name is already in the cache of the ISP then the website will be displayed to the user.
3: Query the Authoritative DNS Servers
If the recursive DNS server does not contain the DNS information within its cache then the DNS query is passed to the authoritative DNS server that contains the data for a specific domain.
The authoritative servers are used to store the DNS records for their respective domain names.
4: The Access of the DNS Record
The recursive server requests the A record for the domain (athenaforensics.co.uk) and the record is stored within its local cache.
If the A record is requested again then the recursive server will have retained it which reduces the need to repeat the lookup process.
5: The DNS Record is Retrieved
Once the Recursive DNS server holds the information, the A record is returned to the requesting computer which then stores the DNS record within its local DNS cache.
6: The Website is Displayed
Once the computer has retrieved the DNS record and has it stored within the DNS cache, it then reads the IP address from the DNS record and provides that information to the Internet browser.
The Internet browser then connects to the web server associated with the IP within the A record and the website can then be displayed.
About Athena Forensics
For information on our digital forensic services or if you require any advice or assistance please contact a member of our team on 0330 123 4448 or
via email on email@example.com, further details are available on our contact us page.
Our client’s confidentiality is of the utmost importance. All correspondence is treated with discretion, from initial contact to the conclusion of any
computer forensic investigation.
Our digital forensics experts are fully aware of the significance and importance of the information that they encounter and we have been accredited
to ISO 9001 for 10 years.
Our forensic experts are all security cleared and we offer non-disclosure agreements if required. Our premises along with our security procedures have been inspected and approved by law enforcement agencies.
Athena Forensics do not disclose personal information to other companies or suppliers.