December 5, 2018
Domain Name System (DNS) filtering ensures security from online threats like malware, viruses and ransomware, botnets, and phishing attacks. DNS delivers protection so that users can use the Internet by recognizing names, and computers can interpret the same names into IP addresses (Machine-language) to transfer data from file servers, websites, and email servers to your email client or browser. Even though the concept of DNS is easy to understand, you might be skeptical about using DNS filtering that could work safely and reliably. In this article we will discuss more.
How does DNS work? In order to better understand how DNS attacks happen, it is vital to know how DNS work. To find a particular website, the IP address helps in reaching the particular web server. In the process, the browser consults the system’s hosts file, a text file with the IP addresses of any domain names. When the web address isn’t in the system’s hosts file, the browser will go to the DNS server which may be operated by an ISP, or by an organization like Google or OpenDNS.
All that a hacker does is find a way to make the resolver report back the wrong IP address. When it is done, anyone from any part of the world trying to access the particular website will be redirected to a bogus website. Similarly, the emails also can be delivered to the wrong destination.
Cache Poisoning In simple, cache poisoning as the term refers to is placing false information into the cache of a server. Hackers accomplish this by assigning a bogus “reply” with a tricked source IP address to an information request. When a bogus reply comes back it may be cached.
This is how cache poisoning is performed by hackers, and once it is done, any following information request will be responded with this wrong information until the information expires.
There is a time limit for the DNS information (TTL) to be active and then it requires to be recovered again from the official server. The TTL for DNS information is defined by the owner of the domain name, however, doing it at the right moment depends on the hacker to perform the malicious activities.
DNS Protection – Here is how you need to steer clear of becoming a victim of a DNS attack. Always maintain the resolver private and protected. When the resolver is operated on the own, ideally, the usage should be restricted to users on your network. Thus, you will prevent its cache from being corrupted by hackers outside the network. Remember, never to leave it open to external users. Besides, configure it to be as strong as possible against cache poisoning, the potential ways of doing it includes:
➢ instead of UDP port 53 – use a random source port
➢ randomizing the case of the letters of the domain names
➢ randomizing the query ID
➢ maintaining your DNS servers securely
DNS filtering should be a part of your security collection – to ensure web filtering, it’s simple and easy option. By altering the MX records internally, a single configuration change can be done by which you can deny access to risky sites and secure your network.
Comodo Dome Shield DNS Filtering protects from accessing malicious websites. The DNS internet security is available for homes, businesses, and MSPs. It doesn’t matter how many users you have, it’s absolutely free. For more details, please visit the official page.
Terminates Malware & Malicious Websites – denies access to phishing attacks, malware like viruses, ransomware, malicious websites, and spyware.
Control Web Access – entitles you to manage internet access in your organization.
Cloud Benefit – It comes as a cloud-based service, so this demands a basic DNS redirect to the servers.
Comodo Dome Shield is a Cloud-based DNS Security-as a-Service (SaaS) solution that delivers effective domain filtering and granular-level policies that includes security and rules based on classification.
Dome Shield entitles admins to manage and oversee the website traffic instantly! It provides the admins a clear visibility to the web traffic for all devices and can terminate website categories and blacklist individual websites to guarantee secure, and productive web browsing.
Dome shield provides an experienced network admin to assist in the process of domain and record migration and ensures the complete process is seamless. DNS that lets you to respond instantly to evolving business needs.
It guarantees priority support that includes ticket escalation, committed phone support to attend to customers. It provides SSL and two-factor authentication with control and flexibility.
Dome shield meets the demands of managed service providers to help them with seamless integration into their portfolio of products. Dome shield offers DNS filtering for Managed Service providers that has multiple APIs to ensure easy integration with monitoring, existing billing and auto-provisioning techniques.
The Dome shield offers DNS filtering for managed service providers with multiple APIs to integrate easily with existing billing, monitoring, and auto-provisioning systems. If there are any problems and challenges with integration, we deliver instant support through industry leading support to benefit our clients and to troubleshoot all other problems instantly.