This tutorial explains what the DNS cache is and gives step-by-step instructions with screenshots to flush the DNS cache on Windows 10 and macOS.
In this tutorial, we will explore the significance and method of clearing the DNS (domain name server) cache memory from the Windows OS. We also summarize the steps involved in clearing the DNS cache on different versions of macOS.
The diagrams and screenshots included here will help you to easily understand the steps involved in flushing the DNS cache memory from Windows.
Examples have been included to explain the concept of DNS spoofing, which occurs when we don’t clear out the DNS cache on a regular basis and don’t use a strong firewall in our system. This will lead to hacking of the user database through fake DNS entries.
Some FAQs have been included in this tutorial for your better understanding.
What Is DNS Cache
DNS stands for Domain Name Server.
The DNS cache is temporary storage, kept by the operating system and the web browser on the host machine, of the IP addresses and other relevant information from previous lookups used to resolve website URLs.
The OS and the web browser always keep a copy of the DNS lookups to quickly resolve the query and get the corresponding IP address of the webpage efficiently when requested.
A DNS lookup involves several steps. When a query is resolved for the first time, it passes through the resolver, then the root server, and finally the TLD server. Each of the servers and resolvers gathers and saves its own copy of the information for future use.
Thus, even if the DNS cache is flushed from the OS, the cached data is not completely gone, because the resolver still holds a copy of previously used lookups.
Let’s see how it works with the help of the below figure:
Here, the Internet user raises a request for a webpage or other information from the Internet. In response, the DNS server looks up its entries and resolves the request by returning the IP address of the requested page.
Sometimes the main DNS server is overloaded, so the response is delayed. In this case, the user gets an error on the page; however, the issue can be resolved by using an alternate DNS server.
The operating system that the user is using then stores the result delivered by the DNS server locally in the cache memory for further lookups.
Information Carried By DNS Cache
- Resource Data: It denotes the address of the host machine.
- Record Name: It represents the object domain name for which the cache entry is registered.
- Record Type: It shows the type of entry as a decimal number. For example, its value is “1” for IPv4 addresses and “28” for IPv6 addresses.
- Time To Live (TTL): It represents how long the resource is valid, in seconds.
- Host Record: It shows the IP address of the respective domain or the hosts.
- Data Length: It represents the length of the data in bytes. For IPv4 it is 4 or 8 and for IPv6 it is 16.
Use Of Regular DNS Cache Flush
- Security Against Vulnerable Threats: The data stored in the cache memory can easily become vulnerable to cyber attacks if kept for a long time. If unwanted people get access to your network through the prolonged DNS cache, then they can manipulate your data thereby affecting your ongoing projects and other activities adversely.
- To Resolve Technical Issues: Regular flushing of your DNS cache can resolve most of the technical issues that we face in our daily routine. For instance, while accessing some desired web-page, we might be directed towards some undesired web page or “page cannot be found” message. This indeed can be resolved by clearing the Cache.
Checking DNS Cache For Windows
To check the DNS cache entries on Windows 10, go to the Windows Start search bar, type “cmd” and press Enter. The command prompt will open. Then enter the following command; the result is shown in the screenshot below.
ipconfig /displaydns
When we enter this command, the result will show the information carried by the DNS Cache.
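The fields listed under “Information Carried By DNS Cache” can be read back out of this output and checked, which is a quick way to spot a cached entry that points somewhere it should not. The following is an added example, not part of the original tutorial: it assumes English-locale `ipconfig /displaydns` output saved as text, and the sample output, host names, addresses and the `PINNED` allowlist are all constructed for illustration.

```python
SAMPLE = """
    intranet.example
    ----------------------------------------
    Record Name . . . . . : intranet.example
    Record Type . . . . . : 1
    Time To Live  . . . . : 3120
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 198.51.100.10

    bank.example
    ----------------------------------------
    Record Name . . . . . : bank.example
    Record Type . . . . . : 1
    Time To Live  . . . . : 86000
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 203.0.113.66
"""  # Constructed sample of English-locale output, not captured from a real host.
# Hypothetical allowlist of addresses the defender expects for sensitive names.
PINNED = {"bank.example": {"198.51.100.20"}, "intranet.example": {"198.51.100.10"}}

def parse_displaydns(text):
    """Return one dict per cache entry, keyed by the labels ipconfig prints."""
    records, current = [], None
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if not sep:
            continue                   # entry headings, dashes, blank lines
        key = key.strip(" .")          # drop indentation and the dotted leader
        if key == "Record Name":       # first field of every entry
            current = {}
            records.append(current)
        if current is not None:
            current[key] = value.strip()
    return records

def unexpected_answers(records, pinned):
    """Entries for pinned names whose cached address is not an expected one."""
    hits = []
    for rec in records:
        name = rec.get("Record Name", "").lower().rstrip(".")
        addr = rec.get("A (Host) Record") or rec.get("AAAA Record")
        if addr and name in pinned and addr not in pinned[name]:
            hits.append((name, addr, int(rec["Time To Live"])))
    return hits

if __name__ == "__main__":
    for name, addr, ttl in unexpected_answers(parse_displaydns(SAMPLE), PINNED):
        print(f"{name} cached as {addr}, TTL {ttl}s: not an expected address")
```

A hit is a reason to flush the cache and then find out which resolver supplied the answer, since flushing alone does not remove the copy held upstream.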
Flush DNS Cache On Windows 10 OS
Step 1: Go to the search bar, type “cmd” and press Enter to open the command prompt. You will see the black command prompt window as shown below.
Step 2: Now you can clear the DNS cache entries by entering the following command as shown in Screenshot 1.
By entering the command, Windows will clear the DNS and display the result of the successfully flushed cache resolver which is shown in Screenshot 2.
This finalizes the process of clearing the DNS cache.
Clear DNS Cache On macOS
Clearing the DNS cache on macOS is just as important as it is on Windows. The process is different, however, and the commands differ depending on the version of macOS.
Step 1, which is to open the terminal, is common to all versions, but step 2 is different.
Step 1: Go to the “Applications” menu, select “Utilities” => “Terminal” and press Enter. The terminal will now open in front of you.
Step 2: Type the command for flushing the DNS cache and then enter. It will clear the DNS cache.
For macOS 10.12.0 (Sierra)
- sudo killall -HUP mDNSResponder
For OS X 10.10.4 (Yosemite), OS X 10.9.0 (Mavericks) and 10.11.0 (El Capitan)
- sudo dscacheutil -flushcache
- sudo killall -HUP mDNSResponder
Domain name server spoofing, which is also known as DNS cache poisoning, is a kind of attack in which altered DNS entries are used to forward online traffic to a fake website that looks just like the site the user requested.
Once users arrive on the fraudulent page, they generally log in using their credentials. For example, logging into an online bank account with a username and password gives the attacker a chance to steal the credentials and access the user’s confidential information.
In addition to this, the attacker also plants worms and malicious viruses on the user’s machine to get long-lasting access.
Example Of DNS Server Attack
This whole process is explained with the help of the below diagram.
Here the user raised a request for the authentic webpage, but by introducing fake DNS entries the attacker has directed the user to his fake webpage instead of the original one.
The user now takes it for the authentic page, enters his confidential data and gets hacked.
Methods Of DNS Spoofing
- DNS Cache Poisoning: In this scenario, the local DNS server is swapped for a compromised DNS server whose entries for authentic websites have been altered to the attacker’s fake IP addresses. Thus, when the user forwards a request to the local DNS for IP resolution, it is directed to the compromised DNS server, which forwards the user to the fake website placed by the attacker.
- DNS ID Spoofing: In this scenario, the combination of the data packet and the IP address information gathered for resolving the user’s request is replaced in the DNS by fake IP address information.
In the DNS response, the ID matches the request ID, so the user accepts the false information, considering it authentic. He thereby gets hacked and his sensitive information is leaked.
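Because the ID is only a 16-bit field in the DNS header, a reply should not be trusted on an ID match alone. The following added example (not part of the original tutorial) goes slightly beyond the text and shows a reply check that compares the ID, the echoed question, and the server address and port with what was sent; the function names and the sample addresses are assumptions made for the illustration.

```python
import struct

def encode_name(name):
    """Encode a host name as DNS labels (length byte + label, ending in 0)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_message(txid, name, qtype=1, response=False):
    """Header plus one question; constructed test traffic, no answer section."""
    flags = 0x8180 if response else 0x0100   # QR|RD|RA for replies, RD for queries
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def read_question(msg):
    """Return (txid, is_response, qname, qtype) from a DNS message."""
    txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12                      # the question follows the 12-byte header
    while msg[pos]:
        length = msg[pos]
        if length & 0xC0:
            raise ValueError("compressed name in question")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

def accept_response(query, sent_to, response, came_from):
    """Accept only if ID, question and server (ip, port) all match the query."""
    try:
        q_id, _, q_name, q_type = read_question(query)
        r_id, is_resp, r_name, r_type = read_question(response)
    except (ValueError, IndexError, struct.error, UnicodeDecodeError):
        return False
    return (is_resp and r_id == q_id and (r_name, r_type) == (q_name, q_type)
            and came_from == sent_to)

if __name__ == "__main__":
    resolver = ("192.0.2.53", 53)             # constructed documentation addresses
    query = build_message(0x1A2B, "bank.example")
    forged = build_message(0x1A2B, "bank.example", response=True)
    print(accept_response(query, resolver, forged, ("203.0.113.66", 53)))
```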
Q #1) Does Flushing DNS improve Internet Speed?
Answer: Yes, if we regularly clear the DNS records, it will enhance the Internet speed in terms of opening the requested webpage more quickly than before.
Q #2) How long does a DNS Cache last?
Answer: As per the default settings in Windows, the successful DNS results in the cache memory stay for almost 1 day and the negative results will last only for about 5 minutes. But we can alter the settings if needed by using some configuration commands.
Q #3) Is it secure to use DNS over HTTP/HTTPS?
Answer: Yes, using DNS over HTTPS is very secure as it uses an encrypted connection. This implies that the ISP and the attacker will not be able to get access to the DNS lookup queries and the exchange between the user and the server, thereby making it more secure.
Q #4) How to prevent DNS spoofing?
Answer: To prevent DNS spoofing, filter out the irrelevant entries from the DNS server at regular intervals and use a good firewall to protect the DNS server from malicious threats.
Q #5) How to check if my DNS is working properly?
Answer: Go to your system command prompt and try to ping the DNS IP from your system. If it is successful then your DNS is working properly. Else you can use an alternate DNS server IP for accessing the Internet as it may be overloaded.
This tutorial provided step-by-step instructions to flush the DNS cache memory for Windows with screenshots. If you are a beginner then you can easily carry out the process by following the above-mentioned steps.
We learned that regular flushing of the DNS cache is important to safeguard the system from security threats and to rule out any unwanted technical issues due to old DNS entries and memory.
We also explored some more concepts related to DNS i.e. DNS spoofing, methods of DNS spoofing, and the uses of clearing the Cache memory.