Domain name system (DNS) message processing method and network safety equipment

A network security, DNS server technology, applied in the field of DNS packet processing methods and network security devices, can solve problems such as inaccessibility and network attackers' attacks

Active Publication Date: 2014-07-09
HANGZHOU DPTECH TECH
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The domain name resolution service facilitates the use of the network by users. However, it may become the target of network attackers. Once the domain name resolution is attacked, the consequences will be very serious, because it may cause a large area to be inaccessible. occur

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Domain name system (DNS) message processing method and network safety equipment
  • Domain name system (DNS) message processing method and network safety equipment
  • Domain name system (DNS) message processing method and network safety equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The inventor of the present invention finds through research that the common malicious attacks against DNS services are accompanied by the occurrence of domain name resolution failure events, such as brute force attacks against DNS server resource consumption. The main objective of the present invention is to check the failure event of domain name resolution through the network security device located between the DNS client and the DNS server in the network, and form records and statistics to find suspicious attack behaviors. Before introducing the preferred implementation manner of the present invention, the message format and the basic flow of DNS interaction to be used by the present invention are introduced first.

[0031] The format of DNS request message and DNS response message is as follows figure 2 As shown, the 16-bit (bit) flag field is divided into several subfields. Please refer to further image 3 , the meanings of each subfield are as follows:

[0032...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to network safety equipment and a domain name system (DNS) message processing method, which are applied to a computer network. The network safety equipment is positioned between a DNS client and a DNS server and comprises a primary judgment unit, a secondary judgment unit and a forwarding unit, wherein the primary judgment unit is used for receiving a DNS response message and checking whether a resolved internet protocol (IP) address is carried in the response message, if so, submitting the message to the secondary judgment unit, otherwise determining that domain name resolution fails and updating failure domain name resolution record; the secondary judgment unit is used for checking whether the resolved IP address carried in the DNS response message corresponds to the domain name requested to be resolved by a DNS, if so, determining that the domain name resolution is success, otherwise determining that the domain name resolution fails and updating the failure domain name resolution record; and the forwarding unit is used for forwarding the DNS response message to the DNS client.

Description

technical field [0001] The present invention relates to network communication technology, in particular to a DNS message processing method and network security device. Background technique [0002] In computer network communication, hosts need to know the IP address of the communication peer before they can communicate with each other through the IP network. However, the 32-bit IPv4 address (the IPv6 address is 128 bits) is not easy for communication participants to remember. Therefore, more intuitive domain names (such as www.google.com.hk) are widely used to solve the problem that IP addresses are difficult to remember. However, the network communication is based on the IP protocol, and the host to be accessed cannot be directly found through the domain name. Therefore, the host needs to convert the domain name entered by the user into an IP address. This process is called domain name resolution. [0003] In order to complete the domain name resolution, a domain name sy...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12H04L29/06H04L12/24
Inventor 滕晓燕
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap