×

Using DNS communications to filter domain names

  • US 9,467,421 B2
  • Filed: 05/24/2011
  • Issued: 10/11/2016
  • Est. Priority Date: 05/24/2011
  • Status: Active Grant
First Claim
Patent Images

1. A system, comprising:

  • a processor configured to;

    intercept a DNS (Domain Name System) request from a client on a private network, wherein the processor is part of a security appliance configured to intercept communications associated with the private network and wherein the DNS request is directed to a DNS server;

    extract a domain name from the DNS request;

    determine that the domain name is unknown;

    determine that at least a prescribed number of DNS requests including the DNS request to resolve unknown domain names have been received from the client;

    flag the unknown domain names as suspicious or malicious; and

    respond to the DNS request from the client with a spoofed DNS response comprising a non-existent or unavailable IP (Internet Protocol) address;

    wherein the processor blocks the DNS request from being transmitted to any DNS server; and

    a memory coupled to the processor and configured to provide the processor with instructions.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×