What is an MX record in DNS?

The Domain Name System (DNS) is a complicated solution that links domain names to their IP addresses. The purpose is to make it easier for people. We remember names that we can easily write and keep in our memory, while to get to sites we need to know their location on the network – their IP addresses.

The DNS works with text commands that computers understand. These commands are called DNS records, and they are saved on DNS nameservers. In our case, we will explore the MX record and what other types of records you will need with it for a functional mail server.

What is the Mail Exchanger record (MX record)?

The MX record is a simple DNS record that holds the instruction for the sending email servers that tells them the name of the responsible server for accepting emails on behalf of the domain name.

For example, if we have a domain name called example.com, we need to add an MX record that links this domain name to the name of the host (mail server for receiving emails) for accepting emails like mail.example.com.

Then the senders need to get the A record or AAAA records of the mail.example.com, and they will know not only the name of the host but the IP address too.

The host mail.example.com can’t be a CNAME record; it needs to have A or AAAA records. A CNAME doesn’t allow other records at the same name.

You can have multiple MX records that point to multiple hosts, like mail1.example.com, mail2.example.com, and so on, for redundancy.

The MX records have another important parameter, and it is the priority. It indicates the order of importance of accepting mail servers. A lower number means higher priority. You can have different hosts with the same priority or with different priorities. The senders will always try to send to the host with the lowest priority number first.

A common approach is to have one incoming mail server with a very high priority number serving as a backup. Normally, it won’t receive emails, but in case all the rest with lower priority numbers fail, it can receive the messages.

What happens if you don’t have MX records?

The MX records point to the mail servers for receiving emails for your domain. If you are missing this pointer, the senders won’t know where to send the messages. It is like having a house without a mailbox. The senders either fail, or they try to send the emails directly to the domain name, like example.com, at its IP address (IPv4 or IPv6) with priority 0. The delivery is not guaranteed.
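The selection rules described above (lowest priority number first, a backup host last, fallback to the domain's own address with priority 0 when there is no MX) can be worked through in code. This is an added example, not code from the original article; the zone data, hostnames and the delivery_plan function are constructed for illustration, and skipping an MX target that is a CNAME is this example's choice.

```python
import random

# Constructed sample zone data (not real DNS answers): name -> {type: [values]}.
ZONE = {
    "example.com": {
        "MX": [(10, "mail1.example.com"), (10, "mail2.example.com"),
               (50, "backup.example.com"), (20, "alias.example.com")],
        "A": ["192.0.2.10"],
    },
    "mail1.example.com": {"A": ["192.0.2.21"]},
    "mail2.example.com": {"A": ["192.0.2.22"], "AAAA": ["2001:db8::22"]},
    "backup.example.com": {"A": ["198.51.100.5"]},
    "alias.example.com": {"CNAME": ["mail1.example.com"]},  # misconfigured target
    "nomx.example.net": {"A": ["203.0.113.7"]},              # domain without MX
    "empty.example.org": {},                                 # no MX, no address
}


def delivery_plan(domain, zone=ZONE, rng=None):
    """Return (plan, warnings); plan lists (priority, host, addresses) in try order."""
    rng = rng or random.Random()
    records = zone.get(domain, {})
    mx = list(records.get("MX", []))
    warnings = []

    if not mx:
        # No MX record: fall back to the domain name itself with priority 0,
        # which only works if the domain has an A or AAAA record.
        if records.get("A") or records.get("AAAA"):
            mx = [(0, domain)]
            warnings.append(f"{domain}: no MX record, falling back to its A/AAAA")
        else:
            return [], [f"{domain}: no MX and no A/AAAA, mail cannot be delivered"]

    # Group hosts by priority number so equal-priority hosts can share load.
    by_priority = {}
    for priority, host in mx:
        by_priority.setdefault(priority, []).append(host)

    plan = []
    for priority in sorted(by_priority):          # lower number is tried first
        hosts = by_priority[priority]
        rng.shuffle(hosts)                        # random order among equals
        for host in hosts:
            target = zone.get(host, {})
            if "CNAME" in target:
                warnings.append(f"{host}: MX target is a CNAME, it needs A or AAAA")
                continue
            addresses = target.get("A", []) + target.get("AAAA", [])
            if not addresses:
                warnings.append(f"{host}: MX target has no A or AAAA record")
                continue
            plan.append((priority, host, addresses))
    return plan, warnings


if __name__ == "__main__":
    for name in ("example.com", "nomx.example.net", "empty.example.org"):
        plan, warnings = delivery_plan(name, rng=random.Random(0))
        print(name, plan, warnings)
```
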

What other DNS records do you need for your mail server?

When we talk about DNS, you will need the following DNS records so you can send and receive emails with a lower bounce rate and fewer missed emails for your inbox:

MX record – points to the incoming mail servers (their hostnames).

A or AAAA records – you need A or AAAA records for your domain name and also for the hosts that you have. They point names to IP addresses.

SPF record – another text record. This one will show which servers can send emails on behalf of your domain.

DKIM record – To encrypt the sent messages and prove that the messages were not forged on the way.

DMARC record – To verify the SPF and the DKIM and to provide feedback to the domain owner or manager.

PTR record – the pointer record is the opposite of the A or AAAA records and links an IP address to a domain name. It is used for verification purposes as proof that the IP address corresponds to the domain.

SSL vs TLS. Which one to choose?

Authentication and security for the transporting of data are the common factors between these two technologies. There are differences between SSL and TLS. Let’s see what each of them has in store for you.

What is SSL?

Secure Sockets Layer (SSL) is a standard for encrypting data that is exchanged between users’ devices (browsers) and websites. SSL also proves identity for users to feel safer. SSL became a convenient security layer, especially for websites requiring sensitive data from users.

Transferring information without securing it carries the risk of interception, theft, or manipulation.

SSL works via two different keys, a public key and a private one. Both are vital for encoding and decoding the information exchanged between two systems.

Whenever a user connects to a website with an SSL certificate, there’s an exchange of public keys to encrypt the messages they send to each other. When the server receives a message, it decrypts it through its private key. Its answer to the user is encrypted with this private key, and a mirrored process takes place on the user’s side.

SSL is used on remote login, e-mail, websites, etc.

What is TLS?

Transport Layer Security (TLS) is a cryptographic technology to keep private the data communicated on the Internet. It encrypts messaging, e-mail, voice-over IP, file transfers, etc. It’s an evolved version of SSL. 

TLS can authenticate the server or the client, supply confidentiality to the communication channel, and guarantee integrity.

A TLS connection starts with a handshake between the user’s device and a server. This handshake involves different processes. The identity of the server is authenticated. The TLS version and the specific cipher suite they will use to communicate are defined. And session keys to encrypt messages they will exchange are created. There won’t be an exchange of data until the handshake is completed.

SSL vs TLS. Which one to choose?

As you see, both technologies work similarly. TLS repaired vulnerabilities found on SSL and improved its functionality for authenticating and securing communication.

  • TLS supplies more detailed and reactive alerts when problems occur.
  • SSL authentication of messages through keys offers a good level of security. But TLS goes to a higher level, using keyed HMAC (Hash-based Message Authentication Code) to protect information from being modified while it is in transit. HMAC works through a secret cryptographic key and a cryptographic hash function. The shared secret replaces the use of digital signatures.
  • For creating key data with the HMAC, TLS uses two hash algorithms to increase security. Even if an algorithm gets compromised, information will be safe.
  • While authenticating, SSL sends a message to every node saying that the integrity of the exchanged information is untouched. Meaning it was not modified. TLS does the same, but it includes HMAC and PRF (pseudorandom function family) values in that message to strengthen its method of authentication. 
  • Data integrity is more strongly guaranteed by TLS because it also defines the kind of certificate to be exchanged by nodes. This avoids loss of data while getting transferred to their destination.
  • SSL and TLS provide reliability for your website. Both supply the visible security marks for your customers to realize they are on a secured site: the HTTPS and the padlock on the address bar.
  • Many people call this technology SSL or TLS interchangeably. Some providers also think clients can be confused with the change. They sell you the TLS, saying it’s the SSL you asked for. But they are not the same. All SSL versions are already outdated. Many websites still use it (one of its versions), but they should be aware of the risks of its vulnerabilities to mitigate them.

To put it bluntly, TLS is already the official successor of the SSL certificate. 

Conclusion

Now the choice is clear: TLS for protecting the integrity of all the communication you exchange with your clients online. The Internet is not a safe place anymore. Protection is a must!

Domain Name System Security Extension (DNSSEC).

DNSSEC is a group of different protocols and specifications for adding a security layer to the Domain Name System and all its processes, from the look-ups to all the exchange of data.

Those extensions supply DNS resolvers security through authenticated denial of existence, cryptographic authentication of DNS information, and information integrity.

It was created by the Internet Engineering Task Force (IETF), mainly because the Domain Name System’s design originally didn’t include security aspects. In the early times of its use, different vulnerabilities were detected. Then DNSSEC was developed. Its creators chose to give this system the shape of extensions to make it easier to add them to the rest of the DNS infrastructure already in use.

What is the Domain Name System (DNS)?

Let’s briefly review DNS as a context to understand the importance of DNSSEC and how exactly it works.

DNS is in charge of translating domain names we use to refer to the domains we want to visit into IP addresses, strings of numbers that computers use to communicate with each other.

Then, every time you type a domain name in your browser, it sends a query to get DNS information: the IP address associated with the requested domain. The DNS translation is done for the computers to look for it. Once the information is found, the response to the query includes the needed IP address. With it, your browser can finally reach the domain you requested.

How does DNSSEC work?

DNSSEC authenticates DNS through digital signatures that work with public and private key cryptography. DNS information is signed by its owner. DNSSEC is present at every level of the domain hierarchy (root, TLD, etc.). Through the use of two keys, one private and one public, every upper level can check the one below to verify trustworthy data and to detect and refuse untrustworthy data. It’s like a security chain.

When you enter a domain name in your browser, you produce a request. Then the search of DNS information to resolve the request gets triggered. When the resolver server in charge of that search gets the information, it will check the digital signature to know if it matches with the ones saved in the master DNS servers. Only in the case of a positive match will the verified IP address pass and access the computer that originated the request. 

The digital signature protects you as a user to know you really are establishing communication with the website you wanted. This stops possible redirections to fraudulent destinations. 

Besides, resolvers also can check if the digital signatures on the information they receive are valid. In a positive case, the information will be sent to users. If a digital signature doesn’t pass validation, the resolver will discard the information to avoid a possible attack. And the user will receive an error.

DNSSEC’s data origin authentication feature gives a chance for resolvers to cryptographically verify if the information they get really comes from the proper zone where it was originated.

And through the data integrity protection, resolvers can also check if the information suffers changes in transit, meaning after it was signed by the zone (information’s owner) with its private key.

Benefits of having DNSSEC

The security it provides makes the internet trustable.

It protects users against man-in-the-middle, spoofing, or cache poisoning attacks and avoids redirections to malicious websites. IP addresses are verified in every DNS resolution process via the digital signature, so that users do not receive a forged IP address.

What to consider about DNSSEC?

By itself, it is not protection against DDoS attacks.

Activating DNSSEC will add some weight to the network, causing a little delay. Your administrators will notice it, but not your users.

Conclusion

Security is a priority. Without DNS, your domain can’t exist online, but by itself it is not safe. Activate DNSSEC to protect your domain, network, and users.

How to back up your website?


Even in the offline world, people back up their paperwork preventing a possible data loss. With computers, we learned the importance of backing up regularly in case of a hardware or software failure, a virus, or other threat.

The same logic should apply to websites. You should have backup copies of yours. This can save you in case something goes wrong, but also in other common situations.

Why is it important to back up your website?

Prevent data loss. Besides the website’s data, more information is added from your users’ purchases, comments, visits, etc. 

Malware and/or hacking attacks. If your security defenses are defeated, a backup of your website is key to getting back on track faster and more easily than building it from zero. Downtime means income loss.

Compatibility problems. Lack of compatibility while installing software to improve the website’s functionality can produce problems. If it goes too badly, a backup will allow you to get back fast to the beginning.

Update issues. Updating is a responsible and regular practice, but sometimes the process can cause conflicts among the different software components. Have a copy of your website to restore it quickly.

Migration to a different web hosting provider. This process requires transferring the complete database and files of your website to a new server. You need an updated copy.

Original website’s development vs. updated backup. Websites get more developed with time and new additions. What you need is a copy of the latest website’s version. 

How to back up your website?

Back up manually. This is the hardest method. It takes time and effort, but it works. A website has many files to back up, especially big ones. Be very careful not to miss a single one because the smallest loss can cause problems. Check every downloaded file, organize them to avoid confusion, and remember to back up regularly. A good practice is to create an archive file with the complete directory instead of downloading file-by-file. Keep more than one copy, on different hard drives.

Back up with rsync. Remote sync is a remote but also a local tool for transferring and synchronizing files. Through an algorithm, it can detect the segments of the files that have been modified to save them. It reduces the amount of data that has to be copied, takes less bandwidth and time. It works between a computer and an external hard drive and across servers. 

Back up directly from your cPanel. Click the backup icon and go on clicking until the process is finished. It’s really important to save the backup on a computer or an offline destination too. A common mistake is to back up without choosing the destination for the copy to be saved. Then, by default, it gets stored in the server. If it fails or shuts down, you simply don’t have a backup.

Back up using the cloud. This is an easy solution. Everything (database, content, themes, plugins…) will be safely backed up and available when you need it. There are different services for you to choose from. 

Back up through automated tools. There is software, free and paid. You can configure it to make a copy of your website as frequently as you set it up, manually or automated, etc. Some of these tools have to be installed. Others are web-based. In general, they download backups via FTP. Every file and the database will be downloaded and even scanned to be sure they are free of malware. There are many choices. They add specific features to compete with others.

Conclusion

Backing up is a self-defense practice. Choose the option that best suits your website’s needs and your budget. Redundant backups are essential. Don’t store only one copy. Save it on more than one server or in an offline safe location. Guarantee you can immediately restore your website and don’t leave this task for tomorrow!

DNS SRV record explained

Let’s investigate one more complicated DNS resource record, the DNS SRV record. It is a very important one that points not only to the service and its location but also to the exact port that it uses for communication. Let’s see the DNS SRV record in detail.

What is the DNS SRV record?

The DNS SRV record (service record) is a DNS record that is used to show the service’s port and hostname. What makes it different from other DNS records is that it specifies the port too, and not only the hostname. That way, you can set the port through which a specified service is to be used.

How to configure SRV record?

It is a very useful DNS record for setting up a multi-host configuration. Now you can use multiple servers with different services with the same domain.

The DNS SRV record is very commonly used for APT, DANE, SMTP, POP, IMAP, SIP like Skype, Slack, etc.

DNS SRV record syntax:

_Service._Proto.Name TTL Class SRV Priority Weight Port Target

The components of the DNS SRV record are TYPE, TTL, NAME, PRIORITY, WEIGHT, PORT, TARGET.

What is a port?

When we are talking about computer networking, a port is the endpoint of communication. It is an identifier of a process or a type of network service. The ports have their specific number that is always related to IP addresses. It makes the origin or the destination complete.

Ports and ports’ numbers are digital, but if we want to make an analogy, let’s see an example with radio. 

A particular radio frequency is dedicated to FM radio. Imagine the FM radio as the port, and the exact frequency of your favorite FM station, like 98.2 MHz, is the exact port number.

Common port numbers are 20 (FTP Data Transfer), 21 (FTP Command Control), 22 (SSH), 23 (Telnet), 25 (SMTP), 53 (DNS), 67 (DHCP), 68 (DHCP), 80 (HTTP), 110 (POP3), 119 (NNTP), 123 (NTP), 143 (IMAP), 161 (SNMP), 194 (IRC), 443 (HTTPS).

What’s inside the DNS SRV record?

SERVICE – The short name of the service for which we are using the SRV.

PROTOCOL (PROTO) – here, we specify the protocol that we want to use for the communication like UDP, TCP, HTTP, HTTPS, etc.

NAME – the domain name for which the DNS SRV record is valid.

TTL – standard TTL field for a DNS record.

TYPE – SRV.

CLASS – Standard DNS field. You will see it with “IN”.

PRIORITY – You can have multiple hosts (servers) for the same service. The lower the number is, the higher the priority of the host is. The value must be between 0 and 65535. In case there are two hosts with the same priority, the weight parameter will determine the order.

WEIGHT – The weight is a selection mechanism for servers. A larger weight means a higher chance of getting connected. You can put a higher weight on a more powerful server, so it gets more connections. Again the number is between 0 and 65535.

PORT – The exact port like 53, 23, etc. It is a number between 0 and 65535.

TARGET – The hostname of the server that provides the service and ends with a “.”.
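The syntax and the field rules above (ranges 0 to 65535, target ending with a dot, priority before weight) can be checked and applied in code. This is an added example, not code from the original article; the three sample records, the hostnames and the function names parse_srv and connection_order are constructed for illustration.

```python
import random
from dataclasses import dataclass

# Constructed sample records following the syntax line shown above.
SAMPLE_RECORDS = [
    "_sip._tcp.example.com. 3600 IN SRV 10 60 5060 big.example.com.",
    "_sip._tcp.example.com. 3600 IN SRV 10 20 5060 small.example.com.",
    "_sip._tcp.example.com. 3600 IN SRV 20 0 5061 backup.example.com.",
]


@dataclass(frozen=True)
class SRV:
    service: str
    proto: str
    name: str
    ttl: int
    priority: int
    weight: int
    port: int
    target: str


def parse_srv(line):
    """Parse '_Service._Proto.Name TTL Class SRV Priority Weight Port Target'."""
    fields = line.split()
    if len(fields) != 8:
        raise ValueError(f"expected 8 fields, got {len(fields)}")
    owner, ttl, rclass, rtype, priority, weight, port, target = fields
    if rclass.upper() != "IN" or rtype.upper() != "SRV":
        raise ValueError("not an IN SRV record")
    labels = owner.split(".", 2)
    if len(labels) != 3 or not all(l.startswith("_") for l in labels[:2]):
        raise ValueError("owner must look like _service._proto.name")
    if not ttl.isdigit():
        raise ValueError(f"TTL must be a number: {ttl!r}")
    numbers = {}
    for key, raw in (("priority", priority), ("weight", weight), ("port", port)):
        if not raw.isdigit() or not 0 <= int(raw) <= 65535:
            raise ValueError(f"{key} must be between 0 and 65535: {raw!r}")
        numbers[key] = int(raw)
    if not target.endswith("."):
        raise ValueError("target must be a hostname ending with '.'")
    return SRV(labels[0][1:], labels[1][1:], labels[2], int(ttl),
               target=target, **numbers)


def connection_order(records, rng=None):
    """Order targets the way a client tries them: priority, then weighted pick."""
    rng = rng or random.Random()
    order = []
    for priority in sorted({r.priority for r in records}):  # lower number first
        pool = [r for r in records if r.priority == priority]
        while pool:
            weights = [r.weight for r in pool]
            if sum(weights) == 0:
                pick = rng.choice(pool)           # all weights 0: plain random
            else:
                # A larger weight gives a proportionally higher chance.
                pick = rng.choices(pool, weights=weights, k=1)[0]
            pool.remove(pick)
            order.append(pick)
    return order


if __name__ == "__main__":
    parsed = [parse_srv(line) for line in SAMPLE_RECORDS]
    for record in connection_order(parsed, random.Random(7)):
        print(record.priority, record.weight, f"{record.target}:{record.port}")
```
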

Conclusion

You now know what the SRV record is, why it is used and what’s inside one. Go ahead and use your newly-obtained knowledge for your configurations.


What is two-factor authentication, and how does it work?

One of the most basic security methods is the creation of strong passwords. The problem is that, over time, we all need to create not one password but plenty of them: for personal and job e-mail, banking, taxation, social networks, video streaming services, shopping, etc.

This is bait for hackers. By cracking passwords, they can access all possible sensitive data from people. Besides, many people use the same password for different accounts, they don’t change them regularly, and they use really predictable information. This makes the job really easy for the shady guys.

What is two-factor authentication?

Two-factor authentication (2FA) is an authentication method in which users must prove their identities through two different ways to access their accounts. If they don’t provide the correct two factors, access will be denied.

2FA strengthens security by adding a layer of protection. It stops unauthorized people from accessing your sensitive information. Even if they get your user and password, they won’t directly access your account. An extra factor is still needed.

How does the two-factor authentication (2FA) work? 

2FA adds a step to the regular log-in process. Besides entering regular credentials (user and password), the user can be required to provide a fingerprint or a code received via mobile. That involves a separate device from the one you are trying to access, either a scanner or a mobile phone, meaning fewer risks. Such codes regularly have at least six digits. The fewer digits a code has, the easier it is for hackers to try combinations until they get the right one. This code is generated every time a user attempts to log in (user and password). It is called a verification code, passcode, or authenticator. That way, the identity will be double-checked to keep hackers out.

Without the second factor/step, logging in won’t be possible.

2FA uses several factors. The most common categories are the following.

  • Biological factors. It includes biological aspects like humans’ voices, eye retina, or fingerprints. 
  • Possession factors. A piece of information that can be physically possessed. A USB drive or a plastic card you have to insert on a specific spot to access. 
  • Software factors. Proofs of identity supplied by software (applications, cryptographic key, etc.).
  • Knowledge factors. Specific, confidential information to access an account. A particular keystroke, the answer to a question, a code sent to your mobile, etc. 

Types of two-factor authentication (2FA)

There are different technologies available on the market. As you will see, the different factors can be combined to offer you stronger security.

  • Location authentication. Some accounts can require a second step to check the user’s location. When the user logs in with regular credentials (step one), this action triggers the verification of the location based on IP address or GPS coordinates. If your business has permanent regions, countries, or areas of operation, this can be a choice for you.  
  • Biometrics. This technology has become very popular, and it already offers a wide menu of choices. To prove your identity, you have to pass a recognition test. From fingerprint, hand geometry, voice, iris, retina, or face recognition, to gait (walking style), typing style, odour, and much more. 
  • Audio messages or SMS. Codes can be sent to users via SMS or voice message. 
  • Software tokens. They are applications that users install to generate and/or receive the necessary code they need as a second factor for accessing an account.
  • Hardware tokens. These are physical tokens that generate codes or the extra piece of information necessary for users to have access. 

Conclusion

Don’t take security for granted! To crack simple credentials is a piece of cake for hackers. Protect your online accounts and sensitive data with two-factor authentication (2FA).


Web hosting – explained for beginners


The process of creating a website, if you are passionate about your idea, is really exciting. Sometimes, as beginners, we think about important aspects like the design, content, a very attractive name, but we don’t consider the technical side.

One of the first needs that you will face is web hosting. Where on the Internet will your website live? Where are you going to store all its content and tech resources?

What is web hosting? 

It is the action of allocating space on a server to save all files (images, videos, text, code, etc.) belonging to a website. This action is a service provided by many different hosting companies. Web hosting is a must for your website (all the files that integrated it) to be accessed online. 

Think about it like the online space where your website will live. When you look for a web hosting provider, it’s like searching for an online home to rent. 

Types of web hosting

Servers are computers equipped with the necessary tech and connectivity to make your website available for the whole world or for a specific zone, whatever your goal is.

Thinking of a server as your business home, you can get a livable or a sophisticated one, more or less independent and equipped. Besides, there is a vast menu of plans and fees (even free choices) to cover all kinds of businesses’ needs. These are the main types of web hosting.

Shared hosting. It’s a cost-effective solution for beginners, small businesses, and even medium ones. You will have all the necessary tech features for your website to be online. What you need to consider is that many more websites will be hosted on the same server. And all of them will share the resources. If a “neighbor” has a special sale, it can suddenly get big loads of traffic. Managing such traffic will take more resources (bandwidth, processor power, RAM…). As a result, your website can be very sluggish. To put it bluntly, what happens to others can negatively influence your site’s performance.

Virtual Private Server (VPS). Again, your website will be hosted on the same server, next to many more “neighbors”. But there’s a big difference. Resources are not shared. Even living on the same server, every website has totally separated resources. Even if the e-shop next to you has a special sale, this won’t affect your site’s performance. It’s pretty affordable because having many guests on the server means they all contribute to paying for the technology and maintenance of the server.

Dedicated server. This is a premium service. You can rent your own server for hosting only your website. No more sharing, bye “neighbors”. Absolutely all the resources and space will be for you to enjoy them. The price goes up considerably, but many big businesses for sure can afford this choice. If you have massive traffic and you look for total control of the server’s software, security systems, etc., this is for you. 

Cloud hosting. Traditional web hosting offers you to host the website through tech solutions installed on a server. Cloud hosting works through a network composed of multiple servers to host you. Scalability and flexibility are highlights of its infrastructure. 

Conclusion

If you are wondering which alternative to choose, the answer depends on what your website really needs and your budget. It’s easy to get dizzy while checking innovative and premium features, but why buy a private jet for a local trip around your city?

How does Traceroute command work?

By the name of this command, you already know what it does, but let’s go a bit deeper and see precisely how the Traceroute command works. When you learn how to use the Traceroute command, you will see how useful it is and how often you will need it in your daily network tasks.

What is the Traceroute command?

Traceroute is one of the built-in commands inside your OS (Linux, macOS, and even on Windows as the tracert command) that serves for network diagnostics and, more specifically, for tracing the route from a point to a target.

You can access it through the Terminal application and use it to target a hostname or an IP address. The query will give you information about each of the elements on the network, starting with the first hop, all the way to the target. You will get useful statistics. The results will show you how exactly a query travels. The information can help you understand the route better, see if there is some strange routing going on, and plan your future network expansion for better and faster query answering.

How does it work?

There are many routers spread all around the world that help us resolve domain names and other web services.

The Traceroute command will show the exact path the packets of data take to their target. When we trace the route from our computer, we will need to open the Terminal and type “traceroute + IP address” or “traceroute + hostname”.

If we use Wikipedia, we can do it like this: 

traceroute wikipedia.org, or traceroute 91.198.174.192

The typical Traceroute command will send 3 packets of data, so you will get 3 columns of answers. 

Each time a packet reaches a router (hop), it will report back to us with the hostname, the IP address, and the response time. 

You will see each hop on a different line. The lines are numbered in the first column of the result, which shows the total number of hops.

You can see the data each hop returns and see if there is a problem. A particular hop could be taking too long to respond, so you can increase the waiting time. Another problem that could occur is that packets might get lost, but thanks to the traceroute command, you will know where exactly they get lost. This will be the problematic point that you can focus on and fix.

It works differently from the ping command because Traceroute not only sends packets to the target but also pings each router on the way to the target and measures the round-trip time for each of the routers.

The data packets have TTL values that show how far they can go. By default, it is set to 30, but you can set it to more or less. The value exists, so no packets are traveling forever on the Internet.
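Reading the three-column output described above can be automated to point at the hop where replies slow down or stop. This is an added example, not code from the original article; both traceroute outputs are constructed samples in the Linux traceroute layout (the hostnames are invented), and the 100 ms "slow" threshold is an assumption. It also separates a hop that simply does not answer from the point where the path really breaks.

```python
import re

# Constructed sample output: hop 3 never answers, hop 4 is slow and drops a probe.
SAMPLE_OUTPUT = """
traceroute to wikipedia.org (91.198.174.192), 30 hops max, 60 byte packets
 1  gateway (192.168.1.1)  1.204 ms  1.102 ms  1.050 ms
 2  10.20.0.1 (10.20.0.1)  9.800 ms  10.100 ms  9.950 ms
 3  * * *
 4  core1.example.net (198.51.100.1)  250.300 ms  * 248.900 ms
 5  target.example.org (91.198.174.192)  31.000 ms  30.500 ms  30.800 ms
"""

# Constructed sample output: nothing answers after hop 2.
BROKEN_OUTPUT = """
traceroute to wikipedia.org (91.198.174.192), 30 hops max, 60 byte packets
 1  gateway (192.168.1.1)  1.204 ms  1.102 ms  1.050 ms
 2  10.20.0.1 (10.20.0.1)  9.800 ms  10.100 ms  9.950 ms
 3  * * *
 4  * * *
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")          # hop number, then the rest
RTT_RE = re.compile(r"(\d+(?:\.\d+)?) ms")         # one response time per probe
IP_RE = re.compile(r"\(([0-9a-fA-F:.]+)\)")        # address in parentheses
LOST_RE = re.compile(r"(?<!\S)\*(?!\S)")           # '*' marks a probe with no reply


def parse_traceroute(text):
    """Turn traceroute output into a list of per-hop dictionaries."""
    hops = []
    for line in text.splitlines():
        match = HOP_RE.match(line)
        if not match:
            continue                               # header or blank line
        rest = match.group(2)
        first = rest.split()[0]
        ip = IP_RE.search(rest)
        hops.append({
            "hop": int(match.group(1)),
            "host": None if first == "*" else first,
            "ip": ip.group(1) if ip else None,
            "rtts": [float(x) for x in RTT_RE.findall(rest)],
            "lost": len(LOST_RE.findall(rest)),
        })
    return hops


def diagnose(hops, slow_ms=100.0):
    """Return (hop, finding) pairs for hops that deserve a closer look."""
    findings = []
    last_reply = max((h["hop"] for h in hops if h["rtts"]), default=0)
    for h in hops:
        if not h["rtts"]:
            # A silent hop followed by answering hops still forwards traffic;
            # silence with nothing answering afterwards is where the path breaks.
            kind = "silent" if h["hop"] < last_reply else "unreachable"
            findings.append((h["hop"], kind))
            continue
        if h["lost"]:
            findings.append((h["hop"], "partial_loss"))
        if max(h["rtts"]) > slow_ms:
            findings.append((h["hop"], "slow"))
    return findings


if __name__ == "__main__":
    print(diagnose(parse_traceroute(SAMPLE_OUTPUT)))
    print(diagnose(parse_traceroute(BROKEN_OUTPUT)))
```
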

Traceroute command options

Here you have a few important options that you can try with the Traceroute command for more specific queries: 

traceroute -m 35 wikipedia.org 

In this case, we increased the TTL to 35, so if we are further away from our target, we will have 5 more hops to reach it than the default 30. 

traceroute -w 60 wikipedia.org

You can also increase the time to wait, not just the number of hops. That way, you can wait longer for a response but actually get one. 

traceroute -q 8 wikipedia.org

Here we are increasing the number of packets to 8, from the default 3. We can have a better view of the network with more packets sent. 

traceroute -T wikipedia.org

With the Traceroute command, you can change the protocol used for your query. In this case, we use -T for TCP, but you can use -I for ICMP.

Introduction to the Domain Name System (DNS)


Running an offline business successfully doesn’t mean it will directly succeed online. The Internet is a different realm. It’s vital to understand its rules, methods, and its DNS. It’s complex but key for your online strategy to be more effective. 

What is DNS? 

Domain Name System (DNS) is the infrastructure that makes the Internet experience for humans as simple as it is nowadays. Its functionality is vast, but to start, it has in its core the database with the existent domain names and their corresponding IP addresses.


How to hide your IP address


What is an IP address?

The IP address is a tag that each device that is connected to a network that uses IP (Internet Protocol) gets to identify the network and the location of a device on the network.

By seeing the IP address, you can see who the host of service is (the computer) and trace it to its location (where precisely it is placed).
