DNS server access control system and method
Abstract
A method for controlling access to information from a DNS server having an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host is disclosed. The method includes receiving a request from a client for an IP address of a domain name at the DNS server and looking up the domain name in an access control list. The client is sent a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address. If the client is not authorized to receive the IP address, the request is denied.
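The lookup-then-reply-or-deny flow from the abstract, as an added Python example that is not code from the patent. It assumes clients are identified by source address and that denial is signalled with RCODE REFUSED; all names, addresses and networks are constructed.

```python
import ipaddress
import struct

# Constructed sample data; names, addresses and networks are hypothetical.
RECORDS = {"payroll.corp.example.": "10.20.0.5", "www.corp.example.": "192.0.2.80"}
ACL = {  # per-name list of client networks approved to receive the address
    "payroll.corp.example.": [ipaddress.ip_network("10.20.0.0/24")],
    "www.corp.example.": [ipaddress.ip_network("0.0.0.0/0")],
}
REFUSED = 5  # assumption: the denial is expressed as DNS RCODE 5

def parse_question(msg):
    """Return (txid, qname, qtype, offset just past the question section)."""
    txid, _flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while msg[pos] != 0:
        length = msg[pos]
        if length > 63:  # compression pointers are not accepted in a question
            raise ValueError("bad label length")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return txid, ".".join(labels) + ".", qtype, pos + 5

def authorized(qname, client_ip):
    """Default deny: a name with no ACL entry is released to nobody."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in ACL.get(qname, []))

def handle_query(msg, client_ip):
    """Answer an A query only if the ACL entry for the name lists the client."""
    txid, qname, qtype, qend = parse_question(msg)
    question = msg[12:qend]
    if qtype != 1 or qname not in RECORDS or not authorized(qname, client_ip):
        # Unknown and forbidden names get the same refusal, so the reply does
        # not reveal whether a protected name exists.
        return struct.pack("!HHHHHH", txid, 0x8400 | REFUSED, 1, 0, 0, 0) + question
    rdata = ipaddress.ip_address(RECORDS[qname]).packed
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, len(rdata)) + rdata
    return struct.pack("!HHHHHH", txid, 0x8400, 1, 1, 0, 0) + question + answer

def build_query(txid, name):
    """Build a minimal A/IN query (used here only to drive the handler)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
```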
314 Citations
34 Claims
1. A method for controlling access to information from a DNS server having an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host, the method comprising:
- receiving a request from a client for an IP address of a domain name at the DNS server;
- looking up the domain name in the access control list, wherein the access control list specifies clients approved to receive an IP address corresponding to a domain name of a target host, and the access control list is accessed by the DNS server; and
- sending to the client a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address, and denying said request if the client is not authorized to receive the IP address.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14, 15, 16, 17)
9. A method for controlling access to information from a DNS server having an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host, the method comprising:
- receiving a request from a client for an IP address of a domain name at the DNS server;
- looking up the domain name in the access control list; and
- sending to the client a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address, and denying said request if the client is not authorized to receive the IP address;
- wherein receiving a request comprises receiving the request from a second DNS server;
- wherein sending a reply comprises sending an encrypted reply and wherein the second DNS server is configured to forward the reply to the client and is not configured to read the encrypted reply.
18. A computer program product for controlling access to information from DNS server having an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host, the product comprising:
- computer code that receives a request from a client for an IP address of a domain name at the DNS server;
- computer code that looks up the domain name in the access control list, wherein the access control list specifies clients approved to receive an IP address corresponding to a domain name of a target host, and the access control list is accessed by the DNS server;
- computer code that sends to the client a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address, and denies said request if the client is not authorized to receive the IP address; and
- a computer-readable storage medium for storing the codes.
View Dependent Claims (19, 20, 21)
22. A system for controlling access to information from a DNS server, the system having a DNS server comprising:
- an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host, wherein the access control list is accessed by the DNS server;
- a processor configured to receive a request from a client for an IP address of the domain name, look up the domain name in the access control list, and send the client a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address, and deny said request if the client is not authorized to receive the IP address; and
- memory for storing the access control list, domain names, and corresponding IP addresses.
View Dependent Claims (23, 24, 25, 26, 27, 29, 30, 31, 32, 33, 34)
28. A system for controlling access to information from a DNS server, the system having a DNS server comprising:
- an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host;
- a processor configured to receive a request from a client for an IP address of the domain name, look up the domain name in the access control list, and send the client a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address, and deny said request if the client is not authorized to receive the IP address; and
- memory for storing the access control list, domain names, and corresponding IP addresses;
- wherein the DNS server is configured to receive recursively forwarded requests from a second DNS server and send replies to the second DNS server;
- wherein the second DNS server is configured to forward the reply to the client and is not configured to read the encrypted reply.
Specification