/ROOT/NODES/POSTS/2026/01/24

Internet Science Popularization Series - What is DNS?

STAMP: 2026-01-24 // UID: 080fd771 // AUTH: VERIFIED
Premium Promo Premium Promo Premium Promo Premium Promo

What is DNS?

Imagine the internet as a vast city, home to countless websites and servers, each with its own "address," which is a string of numbers like 192.168.1.1. We call this an IP address.

However, humans can't easily remember so many numerical addresses; we're more accustomed to remembering names, such as www.baidu.com or www.google.com.

DNS (Domain Name System) is like a telephone book or address book for this city. Its main job is to translate the website names we're familiar with (domain names) into their corresponding numerical addresses (IP addresses).

So, simply put, DNS is a translator on the internet, specifically responsible for translating website names into IP addresses.

What is DNS used for?

With this DNS translator, we can conveniently access various services on the internet.

  1. Convenient memory and access: Without DNS, every time we wanted to access Baidu, we would have to remember Baidu's server IP address – that would be incredibly inconvenient! With DNS, we only need to enter www.baidu.com, and DNS will help us find it.
  2. Website migration and IP address changes: Website servers may move (IP addresses change) or be upgraded. If we had to update the IP addresses we remembered every time, it would be a disaster. But with DNS, only the IP address in the DNS record needs to be updated, and users won't even notice, still able to access the website normally. DNS acts as an intermediary, hiding the complex changes behind the scenes.
  3. Load balancing: A large website may have several servers providing services to distribute the load. DNS can direct access requests to different servers depending on the situation, preventing any single server from becoming overloaded and causing website slowdowns.

What is the role of DNS on the internet?

DNS holds a very important position on the internet; it is arguably one of the cornerstones of the internet.

You can think of it as the internet's navigation system. Without navigation, you might not be able to find where you want to go. DNS is the guide, telling your computer where the website you want to visit "lives" (its IP address). If DNS fails, access to the entire internet will be severely affected, just like a navigation system malfunctioning – people won't be able to find their way.

Everyday Uses of DNS

In fact, you use DNS every day without even realizing it:

  • Browsing the web: When you type a website address into your browser or click a link, your computer uses DNS to look up the corresponding IP address before connecting to the website server.
  • Using apps: Many mobile apps also need to connect to servers on the internet, such as WeChat, Weibo, and TikTok. They also use DNS in the background to find the servers.
  • Sending and receiving emails: Sending and receiving emails also requires DNS to find the email server address.
  • Online gaming: When playing online games, DNS helps your game client find the game server.

In short, whenever your device needs to connect to a service on the internet, DNS is silently working for you.

The Dangers of DNS Poisoning and the Specific Process of DNS Poisoning

The Dangers of DNS Poisoning

DNS poisoning is like someone tampering with that "address book," changing the correct addresses to incorrect ones.

The dangers mainly include:

  1. Inability to access legitimate websites: For example, if you type www.baidu.com, DNS might redirect you to a fake, unrelated server, preventing you from accessing Baidu.
  2. Being redirected to phishing or malicious websites: Even worse, scammers might poison the domain name of a bank website to point to a fake phishing website. You think you're accessing the bank, but in reality, all your account numbers and passwords will be stolen by the scammers.
  3. Network security risks: Viruses, Trojans, and other malicious software can also use DNS poisoning to redirect users to websites that download malicious programs.
  4. Impact on normal business operations: For businesses, DNS poisoning can prevent customers from accessing their official website or services, causing economic losses and reputational damage.

Specific Process of DNS Poisoning (Simplified Version)

Scammers who want to poison your DNS usually use some technical means to make the DNS server used by your computer or home router return incorrect IP addresses.

A common scenario is this:

  1. The scammer controls a DNS server: The scammer may control one or more DNS servers through various means. 2. Modifying DNS Records: On the compromised DNS server, the scammers change the domain name of a commonly used website (such as the bank's official website www.bank.com) to point to a fake IP address. This fake IP address points to a phishing website set up by the scammers.
  2. Inducing your device to use this compromised DNS:
  3. Method 1 (Router): If your home router is configured to use this compromised DNS server, all devices connected to your router will receive the wrong IP address when querying www.bank.com.
  4. Method 2 (Local hosts file): Some viruses or malware directly modify your computer's local hosts file. This file acts like a "small address book" on your computer, with a higher priority than external DNS servers. If it contains an entry for www.bank.com pointing to a wrong IP address, the computer will prioritize using this incorrect address.
  5. Method 3 (DNS Hijacking): In some network environments (such as insecure public Wi-Fi), scammers may use technical means to "hijack" your DNS query requests, unknowingly redirecting your requests to the compromised DNS server.
  6. Accessing the website, being redirected to the wrong address: When you type www.bank.com, your computer will connect to the fake website set up by the scammers based on the compromised DNS information.
  7. Stealing information: This fake website looks exactly like the real one. When you enter your account, password, and bank card information, this information will be easily obtained by the scammers.

In short, DNS poisoning is when someone secretly modifies the internet's "address book," changing the "good place" you intended to go to into a "bad place," leading you to be scammed.

Common DNS Resolution Addresses

These are the server addresses that provide DNS resolution services. You can think of them as different "address book administrators." Different service providers may offer different resolution speeds, stability, and security. * Baidu DNS: + Primary DNS Server: 180.76.76.76 + Secondary DNS Server: ~.~.~.~ * Alibaba Cloud DNS: + Primary DNS Server: 223.5.5.5 + Secondary DNS Server: 223.6.6.6 * Tencent Cloud DNS: + Primary DNS Server: 119.29.29.29 + Secondary DNS Server: 119.28.28.28 * China Telecom DNS: + Primary DNS Server: 114.114.114.114 + Secondary DNS Server: 114.114.115.115 * Google Public DNS: + Primary DNS Server: 8.8.8.8 + Secondary DNS Server: 8.8.4.4 * Cloudflare DNS: + Primary DNS Server: 1.1.1.1 + Secondary DNS Server: 1.0.0.1

You can manually change the DNS server address in your computer or router's network settings based on your network conditions and preferences. This can sometimes improve access speed or resolve some network issues.

# SOURCE_NODE:
# LICENSE: CC-BY-NC-SA-4.0
// EOF_SIGNAL_RECEIVED