The Domain Name System, or DNS, serves as the core of all work at OpenDNS. It lets us connect 50 million people a day to the Internet with our free home DNS service, predict malware outbreaks in the OpenDNS Security Labs, and provide scalable security enforcement and threat protection with Umbrella. How does an Internet protocol invented 30 years ago serve so many purposes? In this post, I’ll be taking an in-depth look at DNS – what it is, what makes it work, and how we use it to safely connect people to the Internet anywhere and anytime.
What is DNS?
DNS is the address book of the Internet. Computers identify themselves with an “Internet Protocol Address,” or an IP address. When you connect to websites, they also have an IP address. For example, the IP of the OpenDNS website is 67.215.92.219. When you connect to this site, the address bar on your browser doesn’t show 67.215.92.219 – it shows blog.opendns.com – but if you type our IP address into your address bar, you still get to our website!
In that example, blog.opendns.com and opendns.com are domain names. They were invented by early Internet researchers so that they could avoid remembering long IP addresses – instead, they created more human-friendly names, like opendns.com.
When you type opendns.com, you still connect to our server. This is because your computer looks up opendns.com to find the IP address that it connects to. Your computer initiates about a thousand DNS queries every single day – websites, software updates, and even phone apps rely on the service. There are too many sites on the Internet for each computer to keep a complete list, so DNS servers act as an address book when computers look up domains.
That’s the basic premise of DNS – when you want to connect to a website or other application server, it tells your computer which address to connect to.
Whose DNS am I using?
There are tens of thousands of recursive and authoritative DNS servers in the world. If you have never tinkered with DNS in the past, you probably use the recursive DNS servers of whoever provides your Internet. At your house, this may be a cable company. On your phone, it is your cellular provider. At the coffee shop down the street, it’s their Internet Service Provider.
Not all DNS services are created equal. If the recursive DNS service you use breaks, you cannot connect to websites. If the DNS service you use is slow, then your connection to websites will be slow. If your DNS servers are not up-to-date, then you may not be able to connect correctly to websites.
OpenDNS started its DNS service to provide everybody with the most reliable, safest, smartest, and fastest Internet connectivity in the world. If you want to take control of your DNS, learn how to set up OpenDNS on your devices. You can always check whether you are using OpenDNS by visiting welcome.opendns.com.
How can DNS be used to find malware?
With 50 billion DNS lookups going through the OpenDNS Global Network every day, we have a window into the Internet. In our mission to connect the world with confidence, we formed OpenDNS Security Labs to predict emerging threats by analyzing how attackers leverage criminal infrastructures on the Internet to launch attacks.
Our Security Labs team has access to all the data our global network acquires, and they use it to examine how the whole Internet works and changes. Bad things like malware, spyware, phishing, and other scams rely on DNS, so we utilize the power of Big Data to search for, identify or even predict these malicious domains.
The results of the research can be pretty beautiful. With machine-learning systems, the OpenDNS Security Labs can predict the behavior of malware and botnets before attacks happen. The result of this data and research is a product called the OpenDNS Security Graph. It’s basically a contextual search engine for the infrastructure of the Internet. Searching for domains, IP addresses, or other routing protocols shows the OpenDNS Security Labs prediction of whether a site is good or bad.
How can DNS stop me from connecting to malware?
By combining DNS and Security Graph, OpenDNS released Umbrella – a full security enforcement solution in the cloud. Umbrella makes the “address book” of DNS smarter–when Umbrella customers look up a domain like opendns.com, our DNS servers add in one extra step. The DNS service checks where you want to go in Security Graph – in this example, opendns.com – to see if the domain and the address you want are both safe. If they are, the service gives you the correct address, and your Internet browsing continues with the same speed as normal DNS.
However, if Security Graph has flagged the domain or the address as malicious, Umbrella stops you from connecting by redirecting you to a block page indicating that the site is unsafe. Umbrella takes the address book of the Internet and cuts out the bad parts so that your computer cannot even find the addresses of harmful servers.
The best part about Umbrella is that it is built into the OpenDNS Global Network, with data centers around the world. You do not have to install anything – setting up Umbrella for your business can be as easy as setting up the OpenDNS home service.
What is the future of DNS-based security?
Some websites on the Internet are good, but host bad things. For example, file-sharing websites or blog services are sometimes misused for malicious activities. To address this, Umbrella now offers the Intelligent Proxy.
Proxying works like a guarded door–it lets most things through, but if the guard sees something bad coming, it shuts the door to protect you. With the Intelligent Proxy, when your computer makes a DNS query for a site that sometimes hosts bad content, the Intelligent Proxy kicks in to protect you. Instead of returning the correct address of the website, the DNS server returns the address of the Intelligent Proxy, where OpenDNS security software can take a deeper look at everything.
While browsing the Internet, you will never realize that this extra level of security is protecting you–your computer thinks the address of Intelligent Proxy is the website it wants, so it behaves normally.
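The decision flow described in the last two sections (allow, block page, or Intelligent Proxy) can be sketched as a small policy resolver. This is an added example, not OpenDNS code: the zone data, reputation lists, block-page and proxy addresses and function names are all constructed for illustration, using reserved documentation names and address ranges.

```python
import ipaddress

# Constructed sample data (reserved .example names, RFC 5737 address ranges).
ZONE = {                                  # stand-in for real recursive resolution
    "www.good.example": "192.0.2.10",
    "files.share.example": "192.0.2.20",
    "cdn.evil.example": "198.51.100.66",
    "shop.example": "203.0.113.7",
}
BAD_DOMAINS = {"evil.example"}            # domains flagged as malicious
BAD_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # addresses flagged as malicious
GREY_DOMAINS = {"share.example"}          # good sites that sometimes host bad content
BLOCK_PAGE_IP = "192.0.2.253"             # hypothetical block-page server
PROXY_IP = "192.0.2.254"                  # hypothetical inspecting proxy


def parent_domains(name):
    """Return the name and every parent, so a flag on evil.example covers cdn.evil.example."""
    labels = name.lower().rstrip(".").split(".")
    return {".".join(labels[i:]) for i in range(len(labels))}


def resolve(name):
    """Return (verdict, address) for one lookup, checking both domain and address."""
    parents = parent_domains(name)
    if parents & BAD_DOMAINS:
        return ("blocked-domain", BLOCK_PAGE_IP)
    real = ZONE.get(name.lower().rstrip("."))
    if real is None:
        return ("nxdomain", None)
    if any(ipaddress.ip_address(real) in net for net in BAD_NETS):
        # The domain itself is unflagged, but it points at flagged infrastructure.
        return ("blocked-address", BLOCK_PAGE_IP)
    if parents & GREY_DOMAINS:
        # Answer with the proxy's address so the traffic can be inspected.
        return ("proxied", PROXY_IP)
    return ("allowed", real)


if __name__ == "__main__":
    for q in ("www.good.example", "cdn.evil.example", "shop.example",
              "Files.Share.Example.", "missing.example"):
        print(q, "->", resolve(q))
```

Only the "allowed" verdict hands the client the site's real address; in every other case the client never learns it, which is the enforcement point the text describes.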
Conclusion
DNS makes the Internet work. After reading this primer, you should have a better idea of how that’s accomplished, and how that technology can be applied to security. Although we rarely think about it, this quiet protocol controls our access to the Internet, making it important in our everyday security. OpenDNS has been delivering reliable and safe DNS to millions of people around the world for seven years, with zero downtime, which is almost as incredible as DNS itself. So if you’d like to be part of the OpenDNS family, simply click this link to get started!