Podcast Summary: Hacking Humans

Episode: Domain Naming System (DNS) (noun) [Word Notes]
Host: N2K Networks
Date: March 17, 2026
Theme: Deception, influence, and social engineering in the world of cyber crime, focusing on the Domain Name System (DNS)—its history, how it works, and why it matters in cybersecurity.

Episode Overview

This “Word Notes” episode explains the Domain Name System (DNS), a cornerstone of the internet’s infrastructure. The episode covers the evolution and technical workings of DNS, its vital role in enabling web access, and its significance in cybersecurity, including how attackers exploit DNS vulnerabilities. The show also features a first-person historical reflection by Paul Mockapetras, the creator of DNS.

Key Discussion Points & Insights

1. What is DNS?

Definition: DNS (Domain Naming System) is "a system that translates text-based URLs to their underlying numerical IP addresses." (01:35)
- Example Sentence: “The user was connected to the website after the DNS query found the address.” (01:42)
Purpose: Converts human-readable website names (like thecyberwire.com) into IP addresses that computers use.

2. History and Context

Internet’s Early Days:
- In the early 1970s, all domain names and their IPs were listed in a shared host.txt file maintained by SRI International. This approach was manageable with just 300 computers but quickly became impractical as the internet grew. (02:17-03:19)
Scaling Problem:
- "It was clear to all the Internet pioneers that the Host.Txt file solution wouldn't scale. They needed an automated, distributed system that could grow and shrink as machines came on and left the Internet." (03:20-03:34)
Creation of DNS:
- Paul Mockapetras at USC’s Information Sciences Institute designed DNS in 1983. By 1986, it became an Internet standard. (03:35-03:45)

3. How DNS Works: The Four DNS Server Types

Each step described builds a chain to resolve a domain name to its IP address:

Recursive Resolver (04:01)
- The client (user’s browser) makes a request, and the resolver “knows where to look to find the answer.”
Root Server (04:13)
- Contacts the authoritative source for top-level domains (.com, .org, .net, etc.); “As of August 2022, there were some 1,487 top-level domains or TLDS registered.”
Top Level Domain Name Servers (TLD Name Servers) (04:46)
- Store information for second-level domains (like thecyberwire.com under .com). TLD servers don’t have the exact IP but know which domain name servers do.
Domain Name Server (05:16)
- Stores the actual IP address. The resolver finally gets the address and returns it to the browser.

End-to-End Summary:
“The recursive resolver sends the IP address to the browser and now the browser can travel to the cyberwire.com webpage and render the site. Whew. That was a lot.” (05:35)

4. DNS and Cybersecurity

Attack Techniques:
- Attackers "try to manipulate it into causing a denial of service attack of some sort, use the DNS protocols to hide their attack sequence across the intrusion kill chain, or spoof the DNS traffic to trick the victim into visiting a malicious site." (05:41)

Notable Quotes & Memorable Moments

Historical Reflection from Paul Mockapetras (Creator of DNS)

On being tasked to design DNS:
- “John Postel walked in, he was my boss, walked into my office and said five people had these ideas for ways to do a distributed registry... could I kind of take a look at all the proposals and create a compromise.” (06:53)
On creative freedom and importance:
- “Nobody at the time thought it was important. And it was clear because I was a recent graduate and this was a nice little project while all the important people were off doing other things. Now, it turned out to be a very important thing, but nobody at the time thought it was.” (07:11)
On shaping DNS:
- “In reality it was work that I had done earlier at MIT with Nicholas Negroponte... and a bunch of other influences ahead that sort of shaped my thoughts. And this just kind of… They gave me a blank sheet of paper and thought I was supposed to copy onto it and I didn’t. So that’s how I got to do it over the years.” (07:35)
On legacy:
- “If I take a look at it, the way to think about it is I maybe built the basement and first floor of a building and other people have added 10, 20, 30 stories on top of it. So... a lot of that’s been done by other people after I kind of did the first steps.” (08:03)

Timestamps for Key Segments

What is DNS? – 01:35
Origins of DNS and Internet Scaling Challenges – 02:17 – 03:34
How DNS Works: Resolver to Domain Server – 03:59 – 05:35
DNS and Common Attacks – 05:41
Paul Mockapetras Interview Clip – 06:53 – 08:44

Tone & Style

The episode maintains an accessible, conversational, and slightly playful tone (“DNS as the cool kids call it”, “Whew. That was a lot.”), balancing technical explanation with relatable examples. Historical anecdotes from DNS's creator add a personal, reflective touch.

Summary Takeaway

DNS is foundational for the internet's operation and inherently implicated in cybersecurity—its distributed, evolving design is both a triumph and a frequent target for attackers. The episode provides both technical clarity and historical color, culminating in a rare, candid insight into how the digital world’s “phone book” was invented and continues to evolve.

Transcript

A (0:02)

You're listening to the Cyberwire Network, powered by N2K. Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet Meter, the company reimagining enterprise networking from the ground up. Meter builds full stack zero trust networks including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling, or hidden costs. From wired and wireless to routing, switching, firewalls, DNS security and vpn, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effort, transform complexity into simplicity, and give your team time to focus on what really matters, helping your business and customers thrive. Learn more and book your demo@meter.com cyberwire that's M E T E R.com cyberwire.

B (1:35)

The word is DNS. Spelled D for domain, N for naming, and S for system. Definition. A system that translates text based URLs to their underlying numerical IP addresses. Example sentence the user was connected to the website after the DNS query found the address, Origin and context. The domain Name system, or DNS as the cool kids call it, converts the English sounding website destinations or URLs, that Internet users type into their browsers, like TheCyberWire.com into IP addresses that the underlying computers and routers use to direct Internet traffic. According to Andrew Bloom in his excellent history of the Internet, called tubes, in 1969 the Stanford Research Institute and UCLA connected the first two computers over a phone line, and as Bloom says, the Internet took its first breath that day. Since then it has been exponentially growing. In those early days, early 1970s, network managers passed around a file named host.txt maintained by Sri International that listed all the names and associated IP addresses on the Internet. Users would type the name of the computer they wanted to connect to, and the application would look up the IP address on the local machine. By the early 1980s, there were some 300 computers on the Internet, and it was clear to all the Internet pioneers that the Host. Txt file solution wouldn't scale. They needed an automated, distributed system that could grow and shrink as machines came on and left the Internet. Paul Mockapetras, in his first job at a grad school working for USC's Information Sciences Institute, designed the Domain Name System in 1983, and in 1986 the Internet Engineering Task Force made Macapetras Design one of the early Internet Standards. The DNS system consists of four DNS server types. Now bear with me, this gets a little complicated. If you're keeping score at home, you might want to write this down. Here are the the Recursive resolver, the root server, the top level domain name server, and finally the actual domain name server. Let's start at the top one. The recursive resolver when you type thecyberwire.com into your browser, you are essential sending a request to the DNS asking for the IP address of thecyberwire.com the recursive resolver knows where to look to find the answer. 2. The root server the recursive resolver contacts the root server for the.com domain. The root servers are the authoritative source for top level domains like.com, org, net, etc. As of August 2022, there were some 1,487 top level domains or TLDS registered in the system. There are thousands of root servers scattered around the world for each top level domain. To make sure the queries are answered quickly, the root server sends back to the recursive resolver the IP address of the top level domain name server that can help answer the question. 3. The top level Domain Name Servers Top level Domain Name servers, or TLD Name Servers for short, store information for second level domains like TheCyberWire.com, dot com is the first level, the CyberWire.com is the second level. In other words, TLD name servers don't store the actual IP address of the cyberwire.com but they know where all the domain name servers are that have that information. The recursive resolver now asks the TLD name server for the IP address of the actual domain name server of TheCyberWire.com. 4. The domain name Server the domain name server stores the actual IP address for the cyberwire.com the recursive resolver asks the domain name server for the CyberWire.com's IP address and receives it. Finally, the recursive resolver sends the IP address to the browser and now the browser can travel to the cyberwire.com webpage and render the site. Whew. That was a lot. When hackers attack the domain name system, they either try to manipulate it into causing a denial of service attack of some sort, use the DNS protocols to hide their attack sequence across the intrusion kill chain, or spoof the DNS traffic to trick the victim them into visiting a malicious site. Nerd Reference on The History Herd YouTube channel back in 2009, the host interviewed Paul Makapetras about the creation of the domain name system.