Our DNS database covers A, MX, NS, TXT, CNAME, and SOA records. A brief description of the business rationale for each record and use case(s) is available below:
| DNS Record Type | Description | Security and other use cases |
| --- | --- | --- |
| A | ‘A’ or address is a resource record (RR) that maps a name to an IPv4 address. | Verifying A records is critical to a sanitized DNS database. An incorrect A record could be catastrophic and open up various vulnerabilities, up to and including a compromise. |
| AAAA | Commonly referred to as quad-A records, these map a name to an IPv6 address. | AAAA verification. |
| CNAME | The ‘canonical name’ record maps a name to another domain name, which is very different from A or AAAA records. | CNAMEs are often used in phishing attacks, particularly on mobile devices, where it’s often difficult to see what an FQDN gets expanded to. Other concerns include CNAME cloaking, anonymizers, shortened URLs, etc. Subdomain takeovers are becoming more common these days as well. |
| NS | Name Server records point to the server that’s authoritative for the given domain name. | Whoever controls the NS records owns the zone, so there can be major security implications if the wrong person gets control of the records. |
| MX | MX stands for “Mail Exchange”. This record type designates where email should be sent. | MX cannot point to a CNAME record; it has to point to an A or AAAA record. |
| SOA | A ‘Start of Authority’ record contains data for a given domain or DNS zone. It stores important information such as the name server authoritative for the domain in question, the TTL (Time-to-Live), which indicates how long to wait before refreshing your cache, the email address of the domain administrator, and other information. | SOA verification. |
| TXT | TXT records can contain free-form textual strings which can be read by others upon demand. | Careful what you give away! TXT records are public and can be read by anyone. TXT records can be used to define a token or public key string, but they can also be used in malicious ways, such as DNS tunneling for data exfiltration. |
| PTR | A PTR record, also known as a reverse DNS or rDNS record, is a reverse record for an IP address that allows an IP to map to a domain. You can think of PTR records as the opposite of A / AAAA records (which map a domain to an IP address). PTR records are entirely optional. | Anti-spam and mail server verification, notably to see if an IP is expected to correspond to legitimate servers. |
You can download a DNS data sample for each record type here.
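
The MX and PTR rows above each imply a check that can be run over record data: an MX target must not be a CNAME, and a PTR can be confirmed by looking for an A or AAAA record that maps its hostname back to the same IP. The following is an added example, not code from this page or its provider; the record tuples, the `example.test` names and the function names are constructed for illustration, and forward confirmation is assumed here as one common way to do the mail server verification the PTR row mentions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (name, type, value); not taken from any real zone.
RECORDS = [
    ("example.test.", "MX", "10 mail.example.test."),
    ("example.test.", "MX", "20 mx2.example.test."),
    ("mail.example.test.", "A", "192.0.2.10"),
    ("mx2.example.test.", "CNAME", "hosted-mail.example.net."),
    ("www.example.test.", "A", "192.0.2.99"),
    ("10.2.0.192.in-addr.arpa.", "PTR", "mail.example.test."),
    ("20.2.0.192.in-addr.arpa.", "PTR", "www.example.test."),
]

def build_index(records):
    """Map (lower-cased name, record type) -> set of values."""
    index = defaultdict(set)
    for name, rtype, value in records:
        index[(name.lower(), rtype.upper())].add(value.strip())
    return index

def mx_targets_that_are_cnames(records):
    """Return (domain, target) pairs where an MX target is itself a CNAME."""
    index = build_index(records)
    findings = []
    for (name, rtype), values in index.items():
        if rtype != "MX":
            continue
        for value in values:
            target = value.split()[-1].lower()  # drop the preference number
            if (target, "CNAME") in index:
                findings.append((name, target))
    return sorted(findings)

def unconfirmed_ptrs(records):
    """Return (ptr_name, host) pairs with no A/AAAA record mapping host back to that IP."""
    index = build_index(records)
    findings = []
    for (name, rtype), hosts in index.items():
        if rtype != "PTR":
            continue
        for host in hosts:
            host = host.lower()
            addrs = index.get((host, "A"), set()) | index.get((host, "AAAA"), set())
            reverse_names = {ipaddress.ip_address(a).reverse_pointer + "." for a in addrs}
            if name not in reverse_names:
                findings.append((name, host))
    return sorted(findings)
```

In the constructed data, `mx2.example.test.` is flagged because it is a CNAME, and the PTR for `192.0.2.20` is flagged because `www.example.test.` resolves to a different address.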