×

Domain name system security network

  • US 20070118669A1
  • Filed: 05/19/2006
  • Published: 05/24/2007
  • Est. Priority Date: 11/23/2005
  • Status: Active Grant
First Claim
Patent Images

1. A method of processing a domain name system (DNS) client query sent to a DNS server, the method to be performed by the DNS server and comprising:

  • receiving in the DNS server a client query from a client computer, the client query requesting an Internet Protocol (IP) address associated with a domain name identified in the client query;

    comparing a first set of information about the client query against security policies to determine if the client computer is performing a prohibited activity indicated in at least one of the security policies, the first set of information being with the client query as first received by the DNS server;

    comparing a second set of information about the client query against the security policies to determine if the client computer is performing the prohibited activity, the second set of information including information that became available in the DNS server after the client query has been received in the DNS server;

    determining an answer to the client query, the answer providing the IP address associated with the domain name identified in the client query; and

    replacing the answer with a different answer when the client computer is deemed to be performing the prohibited activity.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×