System, method, and computer program product for preventing a modification to a domain name system setting
First Claim
Patent Images
1. A system, comprising:
- a processor;
a memory configured to store a domain name system setting; and
logic, wherein the logic is configured to;
detect an attempt for modification of the domain name system setting stored within the memory;
identify an attribute of the modification;
verify a source of the attempt by generating a hash of the source in order to compare the source against a whitelist including predetermined non-malicious sources;
verify the attribute of the modification by comparing the attribute of the modification against at least one of a whitelist including known good attributes and a blacklist including known at least potentially malicious attributes; and
prevent the modification of the domain name system setting responsive to the verifying of the source of the attempt being indicative that the source is a potentially malicious source and the verifying of the attribute of the modification being indicative that the attribute of the modification is a potentially malicious attribute.
9 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and computer program product are provided for preventing a modification to a domain name system setting. In use, an attempt to modify a domain name system setting is detected. Additionally, a source of the attempt and an attribute of the modification are verified. Further, the modification to the domain name system setting is prevented, based on the verification.
20 Citations
20 Claims
-
1. A system, comprising:
-
a processor; a memory configured to store a domain name system setting; and logic, wherein the logic is configured to; detect an attempt for modification of the domain name system setting stored within the memory; identify an attribute of the modification; verify a source of the attempt by generating a hash of the source in order to compare the source against a whitelist including predetermined non-malicious sources; verify the attribute of the modification by comparing the attribute of the modification against at least one of a whitelist including known good attributes and a blacklist including known at least potentially malicious attributes; and prevent the modification of the domain name system setting responsive to the verifying of the source of the attempt being indicative that the source is a potentially malicious source and the verifying of the attribute of the modification being indicative that the attribute of the modification is a potentially malicious attribute. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification