Glossary

What Is DNS?

The Domain Name System (DNS) is the address book of the internet. It translates human-readable hostnames like example.com into the IP addresses, mail servers, and other records computers actually use to communicate. Almost every internet transaction begins with a DNS lookup.

How DNS Works

DNS is hierarchical. The root zone delegates authority to top-level domains (.com, .org, .uk). Each TLD delegates to authoritative nameservers for individual domains. A recursive resolver walks this chain on the client's behalf — querying root, TLD, and authoritative servers, then caching the result.

Common Record Types

  • A — IPv4 address for a hostname.
  • AAAA — IPv6 address.
  • CNAME — alias from one hostname to another.
  • MX — mail servers for a domain.
  • NS — authoritative nameservers for a zone.
  • TXT — arbitrary text records (used for SPF, DKIM, DMARC, domain ownership proofs).
  • SOA — administrative metadata for a zone.
  • PTR — reverse mapping from IP to hostname.

Authoritative vs. Recursive

  • Authoritative servers — own the answers for the zones they're configured for.
  • Recursive resolvers — query authoritative servers on behalf of clients and cache the results.

DNS in Security

DNS is one of the richest sources of security signal on the internet. Attackers stand up domains, point them at infrastructure, rotate them as defenders catch up, and shut them down again — all visible in DNS data. Useful queries include:

  • Co-hosted domains — what else resolves to a given IP.
  • Domain history — every IP a hostname ever resolved to (passive DNS).
  • Nameserver pivots — which other domains share an unusual nameserver.
  • Newly registered domains with patterns matching brand abuse or domain generation algorithm (DGA) output.
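
The first three pivots above, sketched over a small passive-DNS table. This is an added example, not Whisper's code or API: the record layout, the function names, and every hostname, nameserver and IP (reserved example domains and documentation ranges) are constructed for illustration. The optional date filter shows why co-hosting should be checked against overlapping observation windows rather than treated as timeless.

```python
from datetime import date

# Constructed passive-DNS observations (not real data):
# (name, record type, value, first seen, last seen)
PDNS = [
    ("login.example.com", "A", "192.0.2.10", date(2024, 1, 5), date(2024, 2, 1)),
    ("login.example.com", "A", "198.51.100.7", date(2024, 2, 2), date(2024, 3, 15)),
    ("shop.example.net", "A", "198.51.100.7", date(2024, 2, 20), date(2024, 3, 10)),
    ("cdn.example.org", "A", "198.51.100.7", date(2023, 11, 1), date(2023, 12, 1)),
    ("example.com", "NS", "ns1.rare-dns.example", date(2024, 1, 5), date(2024, 3, 15)),
    ("example.net", "NS", "ns1.rare-dns.example", date(2024, 2, 20), date(2024, 3, 10)),
    ("example.org", "NS", "ns1.big-host.example", date(2023, 1, 1), date(2024, 3, 15)),
]


def cohosted(ip, on=None):
    """Hostnames seen resolving to ip; if `on` is given, only those active that day."""
    return sorted({n for n, t, v, first, last in PDNS
                   if t == "A" and v == ip and (on is None or first <= on <= last)})


def history(hostname):
    """Every IP the hostname resolved to, oldest first, with its observation window."""
    rows = [(first, last, v) for n, t, v, first, last in PDNS
            if t == "A" and n == hostname]
    return [(v, first, last) for first, last, v in sorted(rows)]


def nameserver_pivot(zone):
    """Other zones that share at least one nameserver with `zone`."""
    mine = {v for n, t, v, *_ in PDNS if t == "NS" and n == zone}
    return sorted({n for n, t, v, *_ in PDNS
                   if t == "NS" and v in mine and n != zone})


if __name__ == "__main__":
    print(cohosted("198.51.100.7"))                       # all-time co-hosting
    print(cohosted("198.51.100.7", on=date(2024, 3, 1)))  # active on one day only
    print(history("login.example.com"))
    print(nameserver_pivot("example.com"))
```

Without the date filter, cdn.example.org appears co-hosted with the other two names even though its use of the address ended months before theirs began.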

DNS in Whisper

Whisper treats DNS as one substrate of a larger graph. Hostnames are nodes; resolution is an edge that changes over time. Combined with BGP, WHOIS, and threat feeds, DNS pivots become near-instant.