Reverse DNS queries may reveal too much, computer scientists argue
Computer scientists at the University of Twente in the Netherlands have found the interplay between the internet and local networks can be analyzed to reveal private data and facilitate tracking.
In a study titled, "Saving Brian’s Privacy: the Perils of Privacy Exposure through Reverse DNS," Olivier van der Toorn, Raffaele Sommese, Anna Sperotto, Roland van Rijswijk-Deij, and Mattijs Jonker look at how DNS interacts with DHCP and find that some of the data exchanged can be exposed by Reverse DNS (rDNS) queries.
DHCP is a network management protocol that allows IP addresses to be dynamically assigned to devices on a network. This involves a client-server model where the device joining the network (the client) requests an address from the DHCP server.
The client retains this address for a set amount of time (a lease period) or until it sends a release message and leaves the network, to allow the assigned IP address to be reallocated. But clients may also leave a network without sending a release message, creating a time gap between client departure and automated record removal that provides an opportunity for further rDNS network interrogation.
/cdn.vox-cdn.com/uploads/chorus_asset/file/24801728/Screenshot_2023_07_21_at_1.45.12_PM.jpeg)
