Firewall based on domain names
First Claim
1. A method for selectively allowing access to a node exterior of a network using a network firewall comprising:
- monitoring a request to a Domain Name Service (DNS) server, said request including a domain name for said node, said monitoring occurring at said network firewall;
- receiving an IP address identified in a response to said request, said receiving occurring at said network firewall;
- associating said IP address with said domain name, thereby providing an association of said IP address with said domain name;
- recording said association;
- utilizing said association to provide a determination of whether said access to said node is allowable; and
- selectively granting said access to content from said node based on said determination, said selective granting being via automated operations of said network firewall.
Abstract
The invention is a firewall capable of blocking access to a website or other Internet node based on a domain name. A DNS request is monitored and a domain name is decoded from the DNS request. An IP address is received in the response to the DNS request. The IP address and domain name are associated with each other. These steps are executed non-intrusively with respect to traffic flow through the firewall. Afterward, a determination is made as to whether the IP address is associated with a domain name for which access is restricted. If the domain name is a restricted domain name, access to content of the website is denied by blocking traffic flow on the basis of the source IP address of the data packets.
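The mechanism in the abstract and in claim 12 (a DNS response monitor, an IP-to-domain association table that is updated as responses pass, and a controller that denies packets to IPs bound to restricted names) as an added illustration, not code from the patent or any product. The restricted domain, the IP addresses and the hand-built DNS response are all constructed sample values.

```python
import struct
import ipaddress

def parse_name(msg, off):
    """Decode a DNS wire-format name at offset off; returns (name, next offset)."""
    labels = []
    while True:
        length = msg[off]
        if length == 0:
            return ".".join(labels), off + 1
        if length & 0xC0 == 0xC0:  # compression pointer into the message
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            name, _ = parse_name(msg, ptr)
            return ".".join(labels + [name]), off + 2
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length

class DomainFirewall:
    """Rules base keyed by domain name; associations recorded from observed DNS answers."""
    def __init__(self, restricted_domains):
        self.restricted = {d.lower() for d in restricted_domains}
        self.ip_to_domain = {}  # the recorded association, updated dynamically

    def observe_dns_response(self, msg):
        """Decode the question name and bind every A-record answer to it."""
        _, ancount = struct.unpack("!HH", msg[4:8])
        qname, off = parse_name(msg, 12)
        off += 4  # skip QTYPE and QCLASS
        for _ in range(ancount):
            _, off = parse_name(msg, off)
            rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            if rtype == 1 and rdlen == 4:  # A record carrying an IPv4 address
                ip = str(ipaddress.IPv4Address(msg[off:off + 4]))
                self.ip_to_domain[ip] = qname.lower()
            off += rdlen
        return qname

    def allow(self, dst_ip):
        """Controller decision: deny only IPs currently bound to a restricted name."""
        domain = self.ip_to_domain.get(dst_ip)
        return domain is None or domain not in self.restricted

def build_response(qname, ips):
    """Constructed DNS response (one question, one A answer per IP) for testing."""
    enc = lambda n: b"".join(bytes([len(l)]) + l.encode() for l in n.split(".")) + b"\x00"
    hdr = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, len(ips), 0, 0)
    question = enc(qname) + struct.pack("!HH", 1, 1)
    answers = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
                       + ipaddress.IPv4Address(ip).packed for ip in ips)
    return hdr + question + answers
```

Because the binding comes from the answer the client actually received, the controller needs no separate lookup and a changed A record simply overwrites the old association on the next observed response.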
14 Claims
1. A method for selectively allowing access to a node exterior of a network using a network firewall (independent claim, reproduced in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7.

8. Computer-executable code stored on a computer-readable medium for enabling a method comprising:
- generating a rules base that includes rules restricting access to particular said websites, said rules including identifications of domain names;
- detecting a Domain Name Service (DNS) request, said DNS request including a domain name for a specific website, said detecting occurring at a network firewall;
- receiving an IP address for said website as a response to said DNS request, said receiving occurring at said network firewall;
- enabling enforcement of said rules base, including providing an association of said IP address and said domain name;
- enforcing said rules base to selectively grant access to said website, thereby providing an enforcement of said rules base; and
- dynamically updating said rules base for subsequent said enforcements.
Dependent claims: 9, 10, 11.

12. A network firewall for enforcement of a rules base to selectively restrict access to a website exterior of a network comprising:
- a Domain Name Service (DNS) request monitor for decoding domain names embedded within DNS requests;
- a receiver configured to accept an IP address as a response to each said DNS request;
- a domain name rules base having identifications of restricted domain names;
- an automatic update component for recording current associations between IP addresses and said restricted domain names, said automatic update component being responsive to said receiver; and
- a controller configured to selectively deny access to said websites based on said rules base and said associations.
Dependent claims: 13, 14.
Specification