Glossary

This page will explain the most popular terms that are used in the result of the analyze.

DNS zone
Registering a domain name involves managing a DNS zone. This zone contains all services related to a domain name. This can be, for example, the address of a website, the address of a mail server, or the address of an FTP server. These are usually the main services configured on a domain. The DNS zone can contain many types of records. The most used are: NS, A, AAAA, MX, CNAME and TXT.
NS record
The NS record will specify the name server that supports your domain on the Internet. It is strongly recommended to have at least two for reasons of availability. If your domain has only one NS and that it is no longer available, then your website will no longer be accessible via its domain name.
MX record
The MX (Mail eXchanger) record will associate a domain name with an email server. There can be as many MX fields as there are mail servers. A priority order is defined when there are multiple servers. This order is represented by a number ranging from 1 to 100. It is possible to put the same priority to several servers in this case all the servers will theoretically receive the same proportion of emails.
SOA record
The SOA record defines the official DNS zone information. There is the name server thatwill be the authority on the DNS zone. The contact email address is also filled in (the @ character must be replaced by a dot). As well as several timers that will define the frequency of renewal of certain elements of the zone.
TXT record
The TXT record allows the owner to enter custom information for his domain name. This field is very often used to implement an SPF or a DKIM. It also allows for certain sites, such as Google Analytics, to check if you are the owner of the domain.
CNAME record
A CNAME record is an alias of a host name or domain name. It makes it possible to reach the same target via a different address. The best-known CNAME is the www. This one will bring the user to the website of the domain.
SPF
The SPF is the diminutive of Sender Policy Framework. This is a standard verification of the sending domain. The goal of the SPF is to allow a sender domain to authenticate itself to a mail server and more specifically to the antispam. It is configured in the DNS zone as a TXT field.
DKIM
Like the SPF standard, the DKIM authenticates the domain name of the sender. The operation is however different since the principle of DKIM is to add a signature generated by a private key in the header of the mail. Upon receipt of the mail, the recipient server will verify the signature via the public key obtained on a DNS record. A server that attempts to spoof your domain will be denied because the signature will not match.
DMARC
DMARC is a standard to avoid spoofing your domain to send emails. It will use the DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) mechanisms and give instructions to the server that will receive the mails if at least one of the two protocols is not respected. To set up the DMARC policy for your domain, you will need to add a new TXT entry in the DNS zone.
RFC
The term RFC comes from Requests For Comments. These are official documents specifying the technical aspects of the Internet as well as some computer hardware such as routers. When configuring a server, it is strongly recommended to respect the RFCs so that its configuration respects a standart which makes the server highly compatible. Internet evolving each year, RFCs evolve too. It is therefore important to update its configurations to avoid any obsolescence.
Top Level Domain
The domain name system integrates several hierarchical levels. We speak of Top Level Domain (TLD) when we refer to the subdomain of the root. To take an example, in the address www.ns.tools, <www> is the host, <ns>is the domain and <tools> is the TLD. There are also several levels of TLDs. In the address www.impots.gouv.fr, <impots> is the domain, <gouv> is the second-level TLD and <fr> is the first-level TLD.
Root server
Root servers are the authoritative DNS servers on the DNS servers that manage top-level TLDs. We are talking about 13 root servers, but in reality there are several hundred around the world in order to be highly available. The names of these servers are in the form letter.root-servers.net where the letter is between A and M. 12 organizations (European, Japanese and American) control these servers that are spread over the entire planet.
IP address
The IP address is an identification number that is assigned permanently or temporarily to each connection to a computer network using the Internet Protocol. There are two versions of IP address, the 32-bit version called IPv4 and the 128-bit version called IPv6.
HTTP HEADERS
HTTP headers allow the client and server to transmit additional information with the request or response. The header is a key/value form separated by ':'. There are 4 types of headers: general header, query, response and entity.
HSTS
The HSTS mechanism allows the web server to force the user to adopt the encrypted version of the HTTP protocol. The configuration is done by adding a header, either by the server (apache, nginx ...), or by the application (php, nodejs, .NET ...). This requirement makes man-in-the-middle attacks impossible.
Whois / Registrar
The WHOIS search service can retrieve information about the owner of a domain name or an IP address. This information is given to the registrar (entity authorized to register domain names) when purchasing a domain name. However there is no standard in the display of these, so we can find more information in some whois.
SMTP banner
This is the return made by the mail server when the connection is successful. According to the RFC, it is recommended to set the name of the SMTP server in the banner.
Domain / Host
A domain name or hostname is an identifier for one or more machines connected to the Internet. This identifier is intended to facilitate the addressing, for example, of a website or a mail server. Indeed, it is easier to memorize the word ns.tools than 195.154.82.101. The syntax of a domain name obeys a standart, it is not possible to put any character. In addition, a domain name is unique, when you register your domain name with a registrar, it belongs to you for a specified period, usually 1 year. It take the following form mydomain.tld. The hostname is unique in your domain but can be found in any other domain. The best known case is www, so the host takes the following form: host.domain.tld.
Host / Dig / Nslookup commands
These are 3 commands used to obtain DNS information for a domain or IP. The Nslookup command has become obsolete for UNIX and is only used on Windows. Nslookup has been replaced by Dig and Host on UNIX. It is recommended to use the Dig command which is much more efficient and returns more detailed information.