The DNS firewall protects users from coming into contact with websites that pose a potential hardware threat and that could dupe them into giving up sensitive information; it does this by blocking access to the domain in question and redirecting users to a secure landing page.
New potentially harmful domains are constantly being discovered, and Uninett CERT blocks access to these on an ongoing basis. Ultimately, Uninett CERT will also be able to alert users who have already visited a domain before it is blocked that they could potentially be infected.
The DNS firewall raises user awareness when redirecting them to the secure landing page. This enhances digital security and makes users more conscious of the dangers inherent in the Internet.
The service is provided by the program for bolstering a committment to information security in research and education in collaboration with the University of Oslo and NTNU.
The DNS firewall rests on DNS RPZ technology (Domain Name Service Response Policy Zone), which allows certain DNS information to be overwritten. This, in turn, makes it possible to generate alternative responses to DNS requests, thus effectively protecting all types of devices from establishing a connection to malicious systems.
The DNS firewall is implemented on Uninett’s DNS resolvers. Customers subscribing to this service may employ these directly, or by forwarding requests from local DNS resolvers.
Organizations that have begun to subscribe to the DNS firewall can test whether they are being protected by going to filtertest.dnsbrannmur.no. Subscribing organizations will then be redirected to a secure landing page with the title «Dangerous website blocked». Without the DNS firewall, a website will appear informing you that your organization is not protected.