Although we spend a lot of time talking about the benefits of content filtering and how CleanBrowsing can help, there is a hidden benefit that comes in the form of a DNS Firewall that immediately helps any user that leverages the CleanBrowsing DNS Resolver.
To help illustrate how a DNS firewall works, we’ll use Browser hijacking as an example.
What is Browser Hijacking?
Browser hijacking is exactly as the name implies, when a bad actor is able to take control of your local browser settings by injecting it with their preferred settings.
The most common action is when you initiate a search in Google, the results are returned via a Search Engine Result Page (SERP) that looks like Google, but is far from it.
This type of attack is extremely valuable to bad actors, they monetize via ads and unsuspecting online users. While most are benign in the sense that they are abusing the ad ecosystem, some can be used for more malicious purposes (e.g., malware droppers, stealing sensitive information).
Practical Example – MyPrivacyKeeper Hijack
This is the exact scenario a customer was recently faced with. They engaged us frustrated that we were blocking their search queries. But what they failed to realize is that the CleanBrowsing DNS Firewall was doing its job, stopping them from accessing a domain intent on doing harm.
If you find yourself dealing with this hijack, don’t fret. MalwareTips has a great guide on how to remove it, and MalwareBytes works extremely well identify and removing all forms of Browser hijacks.
DNS Firewall – The Complementary Security Control
The example above is a real-world example of the benefits of a DNS firewall, but the examples don’t stop there.
Via the CleanBrowsing DNS we have been able to help organizations a) identify infected networks, b) eradicate those infections, and c) help create safe networks for all their users.
We do this by helping them take a proactive approach to mitigating the risk that comes with curious users that click on links, and also by helping them harden their network to monitor their outbound communication.
Technically it all happens at the resolver level, where able to see the requests being made and apply specific rules based on what an organization defines as their acceptable use policy. This feature is built into the CleanBrowsing platform by default, and is not restricted to large organizations (i.e., all users, including parents have it by default).
The Domain Name System (DNS) is a critical piece of how the internet works. It is often underutilized as a defensive security control, but it’s highly effective. We encourage you to think about how it might help augment your security program.