What are DNS and the DNS Proxy?

The DNS (domain name system) is a network system of servers that translates numeric IP addresses into readable, hierarchical Internet addresses, and vice versa. This is what allows your computer network to understand that you want to reach the server at 192.168.100.1 (for example) when you type into your browser a domain name such as www.watchguard.com.

Because DNS is used by virtually every device connected to the Internet, it is a common target of hacker attacks. Examples include DNS cache poisoning, DNS spoofing, and buffer overflow attacks transmitted through DNS commands.

With Fireware, you have two methods to control DNS traffic through your firewall: the DNS packet filter and the DNS Proxy policy. A packet filter examines the header information while a proxy examines the contents at the application layer and validates that the packet meets RFC compliance for DNS traffic. In this training module, we concentrate on the higher level of security available through a DNS Proxy policy.

To make configuration of your DNS security policy easy, the default configuration includes two template proxy actions for DNS. You can use these rulesets without changing them, or you can use the rulesets as a base for a ruleset to meet the needs of your organization.

DNS-Incoming
    This proxy action includes rulesets to protect your DNS server from DNS queries that are not correctly formed and certain query types that could be a risk to the security of your DNS server.

DNS-Outgoing
    This proxy action includes rulesets to control outgoing DNS requests from your trusted users.

 

Return to Top

Copyright 1996 - 2005 WatchGuard Technologies, Inc. All rights reserved.
Legal Notice/Terms of Use