DNS Filtering

DNS Filtering

An apparently helpful service that can be offered by a DNS provider is filtering.

Queries for sites that have been flagged for various reasons can return either no result, or an IP that links you to a warning or information about the site you requested.

This can be helpful to keep you from known sites that may download malicious code to your computer or are phishing sites designed to fool you for malicious purposes.

Other things can be done such as keeping you from content you may not desire, such as morally offensive, politically offensive, excessively violent, or other concerns.

This attitude, frequently noted as “think of the children”, may market well and give a feeling of security to the end user, but there is a cost to the end user in that things that may be desired or helpful may be blocked.

Consider that your given religious or political persuasion may be shielded from you by your DNS provider. Information about a subject or event may be censored at the decision or whim of the DNS provider. The sites and information exist and are available, but a third party, your DNS provider, prevents you from access.

When your DNS provider offers or imposes a filter, when you have no option around the filter, or when you not informed of the filter, you are the victim of censorship. Even when options are provided on what is filtered, simply making that selection provides a bit of information about you, including a sentiment of you are not falling in line with everyone else.


The Domain Name System ● What it is to “Resolve”

Domain Names and IP Addresses

Iterative Lookup ● Alice’s computer does it all

Recursive Lookup ● A server does it all

Hijacking a query

Tracking your queries

Secure DNS Server

DNS Filtering

Matryoshka DNS Server