Quote:
Originally Posted by Minirra
As best as I can understand it, there's a particular server affiliated with Trump.* Servers have DNS addresses. Other machines can query/look up these addresses,
Servers, like all networked machines (servers, workstations/personal computers, smartphones, etc.), have IP addresses. DNS is a protocol. There exist DNS servers, which are like phone books. When you want to go to a website, you type https://website.com in your web browser and hit enter. What happens is that your computer queries a DNS server, which is like a phone book. This DNS server resolves the host name "website.com" to the IP address. It's like looking up "Mr. Personname" in a phone book to find their phone number (IP address). Then your computer establishes a (usually TCP) connection to the IP address of the server, which was learned through the DNS query.
Quote:
Originally Posted by Minirra
and someone found out that about 80% of the lookups came from Alfa bank in Russia, and about 20% came from a company owned by Betsy DeVos (or her husband). Other traffic went another route.
As stated in the article, some experts were able to obtain records of DNS queries from a DNS server that the Russian bank was using to resolve host names to IP addresses.
Quote:
Last year, a small group of computer scientists obtained internet traffic records from the complex system that serves as the internet's phone book. Access to these records is reserved for highly trusted cybersecurity firms and companies that provide this lookup service.
These signals were captured as they traveled along the internet's Domain Name System (DNS).
http://www.cnn.com/2017/03/09/politi...ion/index.html
I don't know what DNS server this was; there are many. Your ISP provides DNS servers, Google provides DNS servers, companies can provide their own internal DNS servers, etc. But the logs the researchers collected were like if you could see everything that someone had been looking up in a phone book.
We know from what the researchers found that the Russian bank's server (which we don't know what kind of server it is; servers have many different purposes) sent 99% of its DNS queries to resolve the IP address of the Trump server and the DeVos server. This would be like someone over a period of time looking up information in a phone book to find out someone's phone number many different times, and 99% of the time they were looking up either Trump or DeVos. We do not know if connections were actually established to these servers, which would be like we do not know if the person actually called the phone numbers they found in the phone book, but we know that 99% of the time they were looking up Trump and DeVos.
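Added example, not part of the original post or the article it quotes: a short Python sketch of how a "share of lookups per source" figure is derived from DNS query records, and why such records say nothing about whether a connection followed. The log layout, the addresses (documentation ranges), the host names and the function names `parse` and `lookup_share` are all constructed for illustration.

```python
import re
from collections import Counter

# Constructed records in a made-up layout (not a real resolver's log format).
# Addresses are from documentation ranges; host names are placeholders.
SAMPLE_LOG = """\
2017-01-01T00:00:01Z client=192.0.2.10 qname=mail.example.com. qtype=A
2017-01-01T00:05:01Z client=192.0.2.10 qname=MAIL.example.com. qtype=A
2017-01-01T00:10:01Z client=198.51.100.7 qname=mail.example.com. qtype=A
2017-01-01T00:15:01Z client=192.0.2.10 qname=mail.example.com. qtype=A
2017-01-01T00:20:01Z client=203.0.113.5 qname=www.example.org. qtype=A
this line is truncated
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) qname=(?P<qname>\S+) qtype=(?P<qtype>\S+)$"
)

def parse(log_text):
    """Return one dict per well-formed query record; skip malformed lines."""
    records = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue
        rec = m.groupdict()
        # DNS names are case-insensitive and may carry a trailing root dot.
        rec["qname"] = rec["qname"].rstrip(".").lower()
        records.append(rec)
    return records

def lookup_share(records, qname):
    """Percentage of lookups for qname that came from each querying client."""
    target = qname.rstrip(".").lower()
    counts = Counter(r["client"] for r in records if r["qname"] == target)
    total = sum(counts.values())
    if total == 0:
        return {}
    return {client: round(100.0 * n / total, 1) for client, n in counts.items()}

if __name__ == "__main__":
    recs = parse(SAMPLE_LOG)
    # Each record holds only who asked, for what name, and when. Nothing in it
    # records whether a TCP connection to the resolved address was ever made.
    print(sorted(recs[0].keys()))
    print(lookup_share(recs, "mail.example.com"))
```

Answering whether a connection was actually made would need a different data source, such as flow records or server-side logs, which a query log does not contain.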