Was ist DNS-Filterung?
One technology that aids in ensuring users remain safe is the use of DNS (Domain Name Systems/Services). DNS correlates domain names, like OpenSystems.com, to the matching numeric IP address.
DNS is required when accessing web content. Content cannot load, or access is allowed before the DNS process occurs. If the website is on a blocklist, the DNS process is halted, and the request is denied. This makes DNS blocking or filtering a useful method for protecting users from malicious sites.
DNS Stops Attacks Before They Begin
DNS filtering can block a website by domain names and by IP addresses. It helps to ensure cybersecurity by blocking:
- Blocking malicious websites containing ransomware, malware, spyware, viruses, etc.
- It stops attacks before they begin, including drive-by attacks.
- Drive-by attacks infect the device the moment the website is opened, giving the user no time to react.
- Blocking phishing websites, which are fake websites designed to steal user information, including login credentials.
- An example would be a user responding to an email alert from a fake online shopping service or credit card service, stating that they need to access their account and review suspicious activity, thereby capturing login credentials.
- May be illegal
- Compromises an employee’s security credentials
- Violates regulatory compliance
Malicious Websites
Phishing Websites
Websites with Suspicious Content
Blocking websites with suspicious or illegal content prevents users from accidentally accessing a website that contains material that:
- Blocking malicious websites containing ransomware, malware, spyware, viruses, etc.
- It stops attacks before they begin, including drive-by attacks.
- Drive-by attacks infect the device the moment the website is opened, giving the user no time to react.
- Blocking phishing websites, which are fake websites designed to steal user information, including login credentials.
- An example would be a user responding to an email alert from a fake online shopping service or credit card service, stating that they need to access their account and review suspicious activity, thereby capturing login credentials.
Blocking websites with suspicious or illegal content prevents users from accidentally accessing a website that contains material that:
- May be illegal
- Compromises an employee’s security credentials
- Violates regulatory compliance
Laden Sie unser eBook herunter. Dieser neue Ansatz für die Vernetzung umfasst eine Reihe von vollständig integrierten, über die Cloud verwalteten Security-Services, die vor Ort oder in der Cloud mit zentral verwalteter Sicherheit bereitgestellt werden. Erfahren Sie, wie Sie:
- Verringerung der Komplexität und des betrieblichen Aufwands
- Benutzerfreundlichkeit / Transparenz für Anwender
- Mehr Sicherheit durch einen Zero-Trust-Netzwerkzugriff
Cybercriminals Can Exploit DNS Vulnerabilities
Cybercriminals are well aware of the safeguards DNS provides and have attacks specifically targeted to exploit DNS vulnerabilities. DNS threats include:
DNS tunneling, which uses SSH, TCP, or HTTP to drill into DNS messaging and pass malware.
DNS hijacking, which directs DNS messaging to a different domain name server with false information intended to redirect users to malicious websites.
DNS spoofing, which returns an IP address that is not the intended website but a website with malicious intent.
Random subdomain, Domain lock-up, NXDOMAIN, and Phantom attacks overload DNS services with a DoS (Denial-of-Service) attack.
Fending Off Attacks to DNS
While DNS deters cyber-attacks, it is also subject to threats. There are many techniques available to detect and deter DNS attacks.
Using a cloud-based DNS provider is a viable option to ensure your DNS capability is protected. DNS providers have large numbers of name servers distributed across the globe. It would be nearly impossible to mount a successful DDoS attack. Another benefit is that when you add your blocklist to their global blocklist, the result is a very complete and deep list that is updated continually. That ensures greater cybersecurity for users and better protection against sophisticated attacks and malicious websites. Lastly, the burden of protecting and maintaining DNS falls to the provider, not to you.
Open Systems DNS Filtering
Another Layer in the Open Systems Cybersecurity Stack
Contact our customer advocates and learn about the global network of access points/ PoPs and how a cloud-based global DNS service can enhance the cybersecurity posture for your organization.
