Recursive DNS
Any internal DNS system needs an upstream DNS provider or server in order to reach the outside world. This is usually managed by your internet service provider (ISP): the ISP receives all of your requests and routes them to the appropriate servers for a response. This can be dangerous for both your data privacy and your own internet security. In terms of privacy, it allows your ISP to keep a log of all of your internet activity and makes it easy for government agencies to track and monitor your habits.

In terms of security, upstream DNS providers are attractive targets from a hacker's point of view, since the hacker only needs to poison a single DNS server in order to gain access to a large number of internet users. Instead of the IP address of your credit card's website, a hacker could easily send you to a phishing site with the intention of stealing your credit card information or personal data, or purely to gain access. Within each Honeypod, a recursive DNS is deployed, dramatically decreasing the security risk and placing a stop to all ISP logging.

Recursive, as the name implies, simply recurses, which means that it refers back to itself. The purpose of a DNS is to look up and route requests to the appropriate server. Once the location for a request is found, the request is sent on to that server, and the server then gives a response. Where a recursive DNS comes into play is that, instead of assuming that a request belongs to a particular server, it will traverse the web, querying other DNS servers on your behalf until it has confirmed which server the request belongs to. The recursive DNS will then send the request on to that server for a response.
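
The walk described above, as an added example (not Honeypod's code): a small simulation in which the resolver starts at the root and follows referrals until a server answers for the name. The server names, zones, the 192.0.2.10 address and the `MAX_HOPS` limit are constructed for illustration, and the check that rejects a referral pointing back up the tree goes one step beyond the text.

```python
# Constructed data, not real DNS servers. Each entry models one name server:
# the zone it serves, the child zones it delegates, and its address records.
SERVERS = {
    "root": {"zone": ".", "refer": {"com.": "tld-com"}, "a": {}},
    "tld-com": {"zone": "com.", "a": {},
                "refer": {"example.com.": "ns-example", "loop.com.": "ns-loop"}},
    "ns-example": {"zone": "example.com.", "refer": {},
                   "a": {"www.example.com.": "192.0.2.10"}},
    # Misbehaving server: refers the resolver back up the tree.
    "ns-loop": {"zone": "loop.com.", "refer": {"com.": "tld-com"}, "a": {}},
}
MAX_HOPS = 8  # hypothetical limit on referrals followed per lookup


def in_zone(name, zone):
    """True if name is at or below zone (label-aligned suffix match)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def ask(server, qname):
    """One query to one server: an answer, a referral, or no such name."""
    data = SERVERS[server]
    if qname in data["a"]:
        return ("answer", data["a"][qname], None)
    cuts = [z for z in data["refer"] if in_zone(qname, z)]
    if cuts:
        child = max(cuts, key=len)  # most specific delegation wins
        return ("referral", child, data["refer"][child])
    return ("nxdomain", None, None)


def resolve(qname):
    """Walk from the root toward the authoritative server; return (ip, path)."""
    server, zone, path = "root", ".", []
    for _ in range(MAX_HOPS):
        path.append(server)
        kind, value, nxt = ask(server, qname)
        if kind == "answer":
            return value, path
        if kind == "nxdomain":
            return None, path
        # A referral must lead strictly down the tree, toward qname.
        if not (value != zone and in_zone(value, zone) and in_zone(qname, value)):
            raise ValueError(f"bad referral from {server}: {value}")
        server, zone = nxt, value
    raise RuntimeError("too many referrals")
```

Calling `resolve("www.example.com.")` returns the address together with the list of servers contacted, which makes each hop of the lookup visible.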
