Domain Name System blocking, or DNS blocking / filtering, is a strategy for making it difficult for users to locate specific domains or websites on the Internet. It was first introduced in 1997 as a means to block spam email from known malicious IP addresses.
DNS blocking can also be applied for outgoing requests as well. Instead of returning the valid IP address of a requested site (for example, instead of 126.96.36.199 being returned by the DNS when "www.wikipedia.org" is entered into a browser, if this IP were on a block list, the DNS might reply that the domain is unknown or with a different IP address that directs to a site with a page stating that the requested domain is not permitted). The latter case where the user is redirected to another destination would be considered DNS Spoofing, otherwise known as "DNS Poisoning". DNS blocking can be applied to individual servers/IP address, or entire blocks of IP addresses for multiple reasons.
Some public DNS Resolvers, like Quad9 and CleanBrowsing, offer filters are part of their DNS. Quad9, for example, blocks access to known phishing and malicious domains. CleanBrowsing filters out adult content in their effort to protect kids online.
In addition to its technical impact, DNS blocking also has many social and political implications. Free speech and due process are key concerns regarding DNS blocking, particularly in the United States. DNS blocking was proposed to be mandated by the Stop Online Piracy Act (SOPA) and the PROTECT IP Act (PIPA). It is a technique that essentially breaks the fundamental architecture of the internet. The goal for its use as intended by SOPA and PIPA is to prevent users from intentionally or unintentionally accessing web sites and web services that are known to host copyrighted material without authorization.
According to an article in Network World magazine, "Just about universally, the people responsible for the technical development and operation of the Internet have said that the DNS-blocking proposals would break vital Internet technology while at the same time being entirely ineffectual against people who are serious about violating copyright laws and largely ineffectual against those who do so casually." They go on to claim that politicians who support this type of legislation are motivated by pressure from lobbyists and donors to their campaigns. These lobbyists and donors are often affiliated with special interest groups such as the MPAA and RIAA.
Google's chairman, Eric Schmidt, is quoted saying "I would be very, very careful if I were a government about arbitrarily [implementing] simple solutions to complex problems" in reference to DNS blocking and the PIPA bill. Experts claim that users could get around DNS blocking by using foreign search engines and foreign DNS servers. In fact, within two months of the legislation being introduced there were browser plug-ins released that enable users to resolve blocked domains.
Numerous industry experts have concerns regarding the effect of DNS blocking on the security of the Internet. A former Bush administration Department of Homeland Security policy director claimed that altering the Domain Name System "would do great damage to internet security."
- "What is DNSBL?". WhatIsMyIPAddress. Retrieved 2019-04-18.
- Hostname to IP Address Lookup, http://www.lookips.com/hostname-ip/www.wikipedia.org Archived 2018-04-16 at the Wayback Machine
- DNS Poisoning - Is it effective?, http://www.watchdoginternational.net/index.php/filtering-technology/56-dns-poisoning-dummy-web-servers/56-isp-dns-poisoning- Archived 2014-08-19 at the Wayback Machine, Retrieved June 10, 2012
- "Internet Society Supports Actions to Raise Awareness of the Consequences of Proposed U.S. Legislation, SOPA" (Press release). Internet Society. 12 December 2011. ProQuest 912231747.
- Bradner, Scott (17 January 2012). "Science, technology and politicians: Why is it so hard to get politicians to listen to the people who know what they are talking about?". Network World. ProQuest 917191332.
- Schwartz, Mathew J. (13 January 2012). "Copyright Bill Causes Stir On Foreign Website Blocking". InformationWeek. ProQuest 916010996.
- Ernesto (20 December 2011). "Firefox Add-On Bypasses SOPA DNS Blocking". TorrentFreak. Retrieved 18 April 2019.
- Kravets, David (13 January 2012). "Rep. Smith Waters Down SOPA, DNS Redirects Out". Wired.