Gone But Not Forgotten: Part 3 – DNS

As an M365 Admin, you’ve expanded your understanding of the underlying technology that allows all your clients (desktops/laptops/tablets and mobile devices) to connect to the M365 platform you manage. TCP/IP and DHCP work together to put those devices on a network and, ultimately, on the Internet. Although we didn’t dive deeply into the way routers work or how Wi-Fi is part of the 802 model (802.11 to be exact: IEEE 802 - Wikipedia), you now have a better grasp of the invisible aspects of client connectivity to Microsoft’s hosted services. But… being connected and making the connection are two different things. Yes, you’re ON the Internet, but how does your computer or device know where your email is, or where your OneDrive files reside, or how to show you the Amazon website when you type in Amazon.com?

Some of you may remember dial tone. You would pick up your home phone and it would have a dial tone. This let you know your phone was working. You had power and you had a connection to the phone network. But to actually talk to someone else, you had to put in their phone number. We didn’t always know the number, so we would call information (a simple 411 got us to a person who helped us). We would tell them the name of the person or business and location and they would give us a number for us to call. The Internet works the same way using DNS.

DNS (domain name services) servers are on the Internet to help us find the IP address of web sites or send emails to mail servers and so on. DNS provides this hierarchical, organized set of registered IP addresses and domain names for everyone on the Internet. and it is all done behind the scenes. The root for the whole DNS system is a period (.) which is odd because we never type that in. If we typed a period (.), it would be at the end of the URL, but because it is assumed, we leave it out. Instead, we end our URLs with .com, .gov, .net, .org, and so on. For countries, there may be ones like .uk, .cn, and so on. That is why not all URLs we type in are .com, but can include other ending points. 

When you register a domain name like yourcompanyname.com (or .org, .net, etc) with a naming provider, like GoDaddy, it gives you an opportunity to provide a location for your servers. When you first set up your M365 organization, if you were the one who did it, you had to provide a domain name. If you didn’t already have one registered, you could search for and purchase a domain name during the setup process. In doing so, that name is connected to the IP address that is associated with the servers that have your services back at Microsoft.

It's easy to remember Mimecast.com is where you want to go. Or, if you send an email to person@companyname.com, it’s clear that that email needs to be sent to the email server for that company. The DNS servers on the Internet keep track of all the names and locations so that you don’t have to!

From a security perspective, it’s worth noting that DNS is a problem point if you can attack the DNS response to provide name resolutions that lead to malicious websites or other types of DNS attacks including spoofing, amplification, and hijacking. You can see how something so essential to ensuring clients can access servers and services would be a perfect attack point for the “bad guys”. On the positive perspective side to things, you can use DNS as a way of preventing network users (or family members) from accessing sites that are harmful or inappropriate because, again, if when you click a link to a site your system has to reach out to DNS for the IP address of the server where that URL is taking you and the DNS has that URL as a no-fly location … the process stops right there. There is value to using DNS blocking in this way.

Conclusion

Our opening title is somewhat misleading. Gone but not forgotten. These solutions are alive and well. They’re gone in the sense that the modern admin, especially the non-IT admin that focuses on M365 services, may not have had the training or the time to become self-educated on the subjects we just reviewed. And yet, you can see how these “older” technologies are the underpinnings of all that we do on the Internet, and all that you do as M365 admins. Hopefully, we have engaged your curiosity enough to spur on further research into these subjects for the benefit of you personally, and the organization you are responsible for managing and protecting.

Recommendations To Learn More:

Where Wizards Stay Up Late: The Origins of the Internet (by Katie Hafner)

ACI Learning Courses: https://www.acilearning.com/