DNS Filtering: How Does It Work?

So, how does DNS filtering work?

The short answer: DNS filtering gives you the ability to filter bad or unwanted content at the DNS level. DNS filtering works by categorizing every single domain you attempt to access and cross-referencing those categorizations and domain names with policies you've determined you want to block. If you want to block all social media sites and attempt to access a brand new social media site, you won't be able to because your policy will stop you. DNS protection solutions, like DNSFilter, include DNS filtering as a feature.

What does DNS do?

Any website you type into your browser has a separate IP address that it is connected to. What holds all these IP addresses? The Domain Name System, or known as "DNS". Some people compare this to a phonebook for the internet. Your web browser understands what to load when given an IP address. The DNS retains domain names, like dnsfilter.com, to the IP addresses so your browser can load these websites for you.

How did we land on this system?

In the ‘70s, the internet’s precursor was called ARPAnet. ARPA stood for Advanced Research Projects Agency Network.

A critical component of ARPAnet was a file called “HOSTS.TXT.” This was a single file housed at the Stanford Research Institute called “HOSTS.TXT” which, true to its name, held all of the information about the hosts. Similar to the modern-day internet, users of ARPAnet could access the “host files” (what we would call “domains”), but everything was routed through a single file, and a single computer.

As you can imagine, updating this HOSTS.TXT file became cumbersome. The system couldn’t scale, and it was relatively easy to make the system go down. For instance, there was nothing in place preventing someone from adding a duplicate “host” to the master file. Imagine if someone tried to add a second “Facebook.com” to the internet! Likely, Facebook would be down for a little while until someone fixed the mistake.

Because there was nothing in place to prevent this duplication, affected hosts and systems could be taken offline if someone made the mistake of adding, for instance, a second “Facebook.com”.

From this experiment, DNS was born. DNS is a hierarchical and decentralized naming system that ensures all names are completely unique. And because DNS servers are distributed (i.e., not located in a single place), it has allowed the internet to grow the way it has.

We’re now at nearly 2 billion domains!

Now what does DNS filtering do?

We gave the short answer earlier but for the long answer on how DNS filtering works, this blog post will cover DNS basics, what DNS filtering is, and why everyone needs it.

‍

‍

What is DNS filtering (and how does it work)?

If DNS is the phonebook, think of DNS filtering as a caller ID system that can enable call blocking.

With DNS filtering, when you type in a website’s domain, a filtering process takes place between the IP address being retrieved and the page being displayed. This filtering process categorizes the site into a variety of groupings that include news and media, social networking, malicious, illegal content, and much more.

Businesses put DNS filters in place to block employees or guest Wi-Fi users from specific sites. A business might choose to block social media sites during work hours for their employees or illegal content for both employees and public Wi-Fi guests. A DNS filtering system will always block users from malicious content.

Once a website has been categorized, the filter will either display the page or block it depending on the parameters set up ahead of time by the business. So if you’re trying to access Facebook during work hours at a company that has blocked the site, you’ll see something like this:

Like this example, block pages are usually customizable. If you encounter a company block page, you might see your company’s logo with a note that they’re the ones who are blocking you.

Why do we need DNS filtering?

Though we touched on it in the previous section, DNS filtering is not just about employers blocking sites they don’t want their employees to access. It’s also a very important cybersecurity measure that prevents you from accessing malicious sites that can administer phishing, ransomware, or cryptojacking attacks.

Unfortunately, there are a lot of people who compromise websites in order to trick people into handing over their login credentials, scamming them out of money, and causing businesses to be shut down.

And if you remember, there are almost 2 billion domains out there. And roughly 200,000 new domains every day. Those are a lot of opportunities to run into a malicious site without realizing it.

Even previously “safe” websites aren’t always safe, as they may become compromised. That’s why going with a DNS protection solution with an advanced AI is a must. It keeps employees and guest Wi-Fi users safer because it doesn’t just check a list of safe domains, it actually scans the page.

Omitting DNS filtering from your cybersecurity is a huge business risk. It puts pressure on employees to assess risks on their own, when they might not have the skills or training to do so.

Get your free trial of DNSFilter today to prevent you and your employees from accessing malicious content.