Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Partnerships Overview
    • Solution Provider Program
    • Technology Alliance Program
    • Distributor Program
SolarWinds MSP
  • Products
    • SolarWinds N-central Automate what you need. Tackle complex networks. Try this remote monitoring and management solution built to help maximize efficiency and scale.
    • SolarWinds RMM Start fast. Grow at your own pace. Try this powerful but simple remote monitoring and management solution.
    • SolarWinds EDR Defend against ransomware, zero-day attacks, and evolving online threats with Endpoint Detection and Response
    • SolarWinds Backup Manage data protection for servers, workstations applications, documents and Microsoft 365 from one SaaS dashboard.
    • Mail Protection & Archiving Protect users from email threats and downtime.
    • Password Management Easily adopt and demonstrate best practice password and documentation management workflows.
      • Passportal Demo
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking for...

    • Security Solutions
    • Monitoring Solutions
    • Efficiency Solutions
  • Resources
    • Blog
    • Webcasts & Events
    • Ask the N-central Experts
    • Daily Live Demos
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webcasts
    • Resource Center
    • COVID-19 Resources
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute Webinar Series
    • MSP Advice Project
  • About
    • Contact
    • Customer Success
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
      • COVID-19 Response
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • IT Departments
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Passportal
    • SolarWinds N-central
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
  • Request a Quote
  • Try Now
    • SolarWinds RMM
    • SolarWinds N-central
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Passportal
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Request quote
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business Security Understanding DNS Cache 
Security

Understanding DNS Cache 

By SolarWinds MSP
17 July, 2019

Most managed services providers (MSPs) will have heard of the Domain Name System (DNS), the distributed network of servers that acts as a directory, cataloging domain names and their corresponding Internet Protocol (IP) addresses. Relatedly, a DNS cache is local storage that contains the records of a computer’s query history, including recent website visits. 

As a whole, the DNS translates domain names, a verbal nomenclature humans can more easily understand and recall, to the numerical naming and transmission method required by computers. In turn, the operating system (OS) uses caching to store DNS resource records, which avoids redundancy when attempting to access a web page and therefore decreases DNS lookup latency. If a machine has recently visited the page it wants to access, the cache can supply the IP address of its web server, completing the website request before the lookup has to query the DNS server. 

Ultimately, the DNS enables human users to keep track of more web pages and to access them as required, and DNS caching expedites the DNS lookup process to more quickly resolve a domain name to an IP address when the OS has visited a web page before.

How does DNS caching affect the network? 

While it’s fairly straightforward to answer the question “What is a DNS cache?” the way it affects network operations is a slightly more complicated topic—and in fact, DNS caching can actually be a security concern for MSPs. 

As explained above, the DNS cache exists to streamline the DNS lookup process that resolves a domain name to an IP address—thus, it serves an invaluable acceleration purpose. But DNS caching can compromise webpage access and network security if not properly managed. For this reason, MSPs must understand how caching can put them at risk and must know how to view and clear DNS cache contents. 

First, cleaning the DNS cache regularly is important to ensure consistent access to web pages. If a web page has changed the location of its web server in the time since its IP address was cached, a web browser might return an HTML 404 error—although the site is still online, the cache is feeding the browser an inaccurate IP address. This blocks the user’s access to an active page. 

Second, a clear DNS cache protects overall network security, from wiping personal web usage data to preventing DNS poisoning. Many operating systems (like MacOS and Windows) and almost all web browsers automatically create a DNS cache. Although this function seeks to serve the user by maintaining DNS lookup efficiency, it means that, in effect, a user’s computer and web browser have a comprehensive collection of their web activity whether they realize it or not. Wiping DNS resource records prevents malicious agents from acquiring and abusing this personal information. 

DNS poisoning, or DNS spoofing, refers to the cybersecurity threat in which hackers corrupt DNS resource records. By changing the IP addresses associated with particular domain names, hackers can hijack a web session and send computers requesting a particular site to the wrong web server—a form of phishing. These alternate pages may expose users to advertisements, prompt them to install malware, or succeed at stealing private data (like Social Security numbers or financial information) if they pass as the correct website and convince users to enter sensitive data. Routinely clearing DNS caches both narrows the window of opportunity for DNS poisoning and wipes any corrupted records.  

CTA Image

SolarWinds Remote Monitoring and Management

Get the tools you need to manage, secure, and improve all things IT—all within a single web-based dashboard.

Try It Free Learn More

How do i check my DNS cache? 

Every operating system will require users to follow a different sequence of steps in order to view the contents of the DNS cache, although, generally speaking, the process is fairly similar across mainstream developers. Users will generally need administrative access. Depending on your operating system, you can view DNS contents by following these instructions:

  • Windows: Open your command prompt and enter the command “ipconfig /displaydns.” You should then be able to see the records.
  • Mac: Open the Terminal app, enter the command “sudo discoveryutil udnscachestats,” and input your password. This will display the Unicast DNS cache. When you have finished scrolling through these results, close the Terminal, reopen it, enter the command “sudo discoveryutil mdnscachestats,” input your password, and scroll through the Multicast DNS cache results.
  • Linux: Linux doesn’t create a DNS cache automatically, but many commonly used applications provide this service. If your OS uses the name service caching daemon (NSCD), open the command terminal and enter either “service nscd status” or “sudo service nscd status.”

How do I clear the DNS cache? 

While viewing the DNS cache is useful for monitoring DNS contents or retrieving specific IP addresses, clearing the DNS cache is a critical operation for maintaining network security and updating DNS resource records. 

The DNS cache does some of this work on its own—each DNS resource record has a designated Time to Live (TTL). After the TTL has expired—meaning after the record has existed for its allotted time span—it is no longer valid. The next time the OS requests its address the cache will have to query the DNS server, automatically updating the cache. 

In many cases, system administrators are unaware of the TTL of their DNS records, and often the validity period of DNS entries is too long to ensure optimal web page access reliability and security. To clean out a customer’s cache—a process commonly referred to as flushing the cache—follow these steps, depending on the OS:

  • Windows: Again, the Windows DNS flushing process is fairly simple. Enter “ipconfig /flushdns” in the command prompt. You will see the message, “Windows IP configuration successfully flushed the DNS Resolver Cache.” You can view the DNS cache to see the results (a wiped cache). 
  • Mac: For MacOS 10.10.4 and later versions, open the terminal and run the command “sudo killall -HUP mDNSResponder.” The OS will not generate a success message, so it’s best to check for yourself that the flush was fully executed by viewing the DNS cache. 
  • Linux: To clear the cache of a Linux OS running NSCD, simply restart the application with the command “sudo /etc/init.d/nscd restart.” 

A DNS cache is only one component of DNS services, but it serves an integral purpose in facilitating fast, reliable web searches. Understanding how the cache can affect DNS lookup operations allows MSPs to troubleshoot common problems on customers’ networks, prevent phishing, and purge a record of user search history that hackers could otherwise exploit. 

 

Check out our blog for other common questions and concerns with DNS and other systems issues.  

 

Additional reading

Steps to Troubleshooting DNS Issues
Secure DNS Services
5 Ways to Stop Phishing Attacks
You might also like...
Security

Why People, Processes, and Technology Cannot Change in Isolation
Security

EDR Is Now Integrated with SolarWinds RMM
Security

NCSAM: Analyzing and Improving Your Security Practice
Remote Management

Remote Monitoring and EDR: Better Together
Security

Choosing the Right Antivirus Solution for Your MSP: Four Things to Consider
Security

NCSAM: Responding to and Recovering from Threats as They Arise
Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts
  • Why People, Processes, and Technology Cannot Change in Isolation
  • Should You Have an Automation Team? 
  • EDR Is Now Integrated with SolarWinds RMM
  • The Real Cost of Field Service 
  • NCSAM: Analyzing and Improving Your Security Practice
Categories:
  • Security (451)
  • Business Growth (426)
  • Tips & Advice (334)
  • Managed Services (307)
  • Best Practices (248)
  • Business (217)
  • Cybersecurity (194)
  • Backup & Disaster Recovery (149)
  • IT Support (114)
  • The Head Nerds (78)
  • ITSM (78)
  • Mail (72)
  • Data (65)
  • Product (63)
  • Cloud Computing (61)
  • Marketing (57)
  • Remote Management (44)
  • Networking (43)
  • Operations (43)
  • Automation (41)
  • Risk Intelligence (31)
  • Customer Service (29)
  • GDPR (17)
  • Services & Support (17)
  • Service Desk (15)
  • PSA (14)
  • Research & Trends (14)
  • Business Risk (12)
  • Internet of Things (12)
  • Mobile (11)
  • Training (11)
  • Security-series (8)
  • Cybersecurity Awareness Month (6)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

Products
  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds EDR
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Passportal
  • All Products Use Cases
Solutions
  • Security Solutions
  • Monitoring Solutions
  • Efficiency Solutions
  • Identify which RMM solution is right for me
  • Drive Efficiency with Automation
  • Manage my MSP Business More Efficiently
  • Manage my IT Department More Efficiently
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights
About
  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Subscription Preferences
  • SolarWinds
  • SolarWinds Trust Center
  • COVID-19 Response
Support
  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Service Status

Footer 2

  • Legal Documents
  • Privacy
  • California Privacy Rights
  • Security Information
  • Sitemap

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.