DNS blocking

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Domain Name System Blocking, or DNS Blocking is a strategy for making it difficult for users to locate specific domains or web sites on the Internet. It was first introduced in 1997 as a means to block spam email from known IP addresses.[1] However, DNS blocking should not be the only line of defense against spam email.[2]

DNS blocking can also be applied for outgoing requests as well. Instead of returning the valid IP address of a requested site (for example, instead of 198.35.26.96 being returned by the DNS when "www.wikipedia.org" is entered into a browser,[3] if this IP were on a block list, the DNS might reply that the domain is unknown or with a different IP address that directs to a site with a page stating that the requested domain is not permitted). The latter case where the user is redirected to another destination would be considered DNS Spoofing, otherwise known as "DNS Poisoning".[4] DNS blocking can be applied to individual servers/IP address, or entire blocks of IP addresses.

Proposed Legislation[edit]

In addition to its technical impact, DNS Blocking also has many social and political implications. Free speech and due process are key concerns regarding DNS blocking, particularly in the United States. DNS Blocking was proposed to be mandated by the Stop Online Piracy Act (SOPA) and the PROTECT IP Act (PIPA).[5] It is a technique that essentially breaks the fundamental architecture of the internet. The goal for its use as intended by SOPA and PIPA is to prevent users from intentionally or unintentionally access web sites and web services that are known to host copyrighted material without authorization.

According to an article in Network World magazine, "Just about universally, the people responsible for the technical development and operation of the Internet have said that the DNS-blocking proposals would break vital Internet technology while at the same time being entirely ineffectual against people who are serious about violating copyright laws and largely ineffectual against those who do so casually." [6] They go on to claim that politicians who support this type of legislation are motivated by pressure from lobbyists and donors to their campaigns. These lobbyists and donors are often affiliated with special interest groups such as the MPAA and RIAA.

Criticism[edit]

Google's chairman, Eric Schmidt, is quoted saying "I would be very, very careful if I were a government about arbitrarily [implementing] simple solutions to complex problems" in reference to DNS blocking and the PIPA bill.[7] Experts claim that users could get around DNS blocking by using foreign search engines and foreign DNS servers. In fact, within two months of the legislation being introduced there were browser plug-ins released that enable users to resolve blocked domains.[8]

Numerous industry experts have concerns regarding the effect of DNS blocking on the security of the Internet. A former Bush administration Department of Homeland Security policy director claimed that altering the Domain Name System "would do great damage to internet security." [9]

External links[edit]

References[edit]

  1. ^ What is a DNSBL?, http://whatismyipaddress.com/dnsbl-blacklist
  2. ^ How Useful Are Dns Block Lists?, http://www.articledashboard.com/Article/How-Useful-Are-DNS-Block-Lists/337523, Retrieved June 10, 2012
  3. ^ Hostname to IP Address Lookup, http://www.lookips.com/hostname-ip/www.wikipedia.org
  4. ^ DNS Poisoning - Is it effective?, http://www.watchdoginternational.net/index.php/filtering-technology/56-dns-poisoning-dummy-web-servers/56-isp-dns-poisoning-, Retrieved June 10, 2012
  5. ^ Internet society opposes stop online piracy act. (2011). Wireless News, , n/a. http://search.proquest.com/docview/912231747
  6. ^ Bradner, S. (2012). Science, technology and politicians. Network World (Online), , n/a. http://search.proquest.com/docview/917191332
  7. ^ Schwartz, M. J. (2012). Copyright bill causes stir on foreign website blocking. Informationweek - Online, , n/a. http://search.proquest.com/docview/916010996
  8. ^ Firefox Add-On Bypasses SOPA DNS Blocking, http://torrentfreak.com/firefox-add-on-bypasses-sopa-dns-blocking-111220/, Retrieved June 10, 2012
  9. ^ Rep. Smith Waters Down SOPA, DNS Redirects Out, https://www.wired.com/threatlevel/2012/01/dns-sopa-provision/, Retrieved June 11, 2012